zdravím, po spuštění ntb dlouho trvá, než lze kliknout např. na prohlížeč a pak další dobu trvá než se spustí.
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-06-2019
Ran by Client (03-07-2019 18:57:20)
Running from C:\Users\Client\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2015-02-02 11:10:40)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-944637591-687013849-2777917340-500 - Administrator - Disabled)
Client (S-1-5-21-944637591-687013849-2777917340-1000 - Administrator - Enabled) => C:\Users\Client
Guest (S-1-5-21-944637591-687013849-2777917340-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adblock Plus for IE (32-bit) (HKLM\...\{CBECBAA4-A9A1-48B6-88DC-5D5E800B0E52}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.192 - Adobe)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
AuthenTec Fingerprint Software (HKLM\...\{83F136F0-2AE5-420C-A0B6-A440AD42591C}) (Version: 8.5.4.53 - Název společnosti:)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Balíček ovladače systému Windows - Fujitsu America, Inc. (FjBtnDrv) HIDClass (08/27/2009 4.2.0827.2009) (HKLM\...\F02860D720F53C6FCD75A013226E3E82F54FAB68) (Version: 08/27/2009 4.2.0827.2009 - Fujitsu America, Inc.)
Battery Utility (HKLM\...\{0294F00A-91AC-4FBF-BD14-0EE1583927AF}) (Version: 3.00.10.001 - Název společnosti:) Hidden
Battery Utility (HKLM\...\InstallShield_{0294F00A-91AC-4FBF-BD14-0EE1583927AF}) (Version: 3.00.10.001 - Název společnosti:)
Bluetooth Feature Pack 5.0 (HKLM\...\{0439D13F-C7CD-458A-90DE-44135CBD40B8}) (Version: 5.0.13 - CSR Plc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
FJ Camera (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.52008.0 - Sonix)
FUJITSU Battery Charging Control Update Tool (HKLM\...\{01A4BE67-357B-44C5-92F1-F543FB8643EF}) (Version: 2.0.2.0 - FUJITSU CLIENT COMPUTING LIMITED) Hidden
FUJITSU Battery Charging Control Utility (HKLM\...\InstallShield_{01A4BE67-357B-44C5-92F1-F543FB8643EF}) (Version: 2.0.2.0 - FUJITSU CLIENT COMPUTING LIMITED)
Fujitsu Button Utilities (HKLM\...\{207E8B60-07D2-4B7F-97FE-0DA448606861}) (Version: 7.02.0818.2009 - Fujitsu America, Incorporated)
Fujitsu Display Manager (HKLM\...\{2BDE2BF2-AD90-4191-B3C8-D0046CE54916}) (Version: 7.00.20.203 - Název společnosti:) Hidden
Fujitsu Display Manager (HKLM\...\InstallShield_{2BDE2BF2-AD90-4191-B3C8-D0046CE54916}) (Version: 7.00.20.203 - Název společnosti:)
Fujitsu Hotkey Utility (HKLM\...\{BA0CC975-682B-4678-A35C-05E607F36387}) (Version: 3.60.1.0 - FUJITSU LIMITED) Hidden
Fujitsu Hotkey Utility (HKLM\...\InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}) (Version: 3.60.1.0 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (HKLM\...\{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}) (Version: 3.00.00.000 - Název společnosti:) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM\...\InstallShield_{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}) (Version: 3.00.00.000 - Název společnosti:)
Fujitsu System Extension Utility (HKLM\...\{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.1.0.0 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.1.0.0 - FUJITSU LIMITED)
Google Chrome (HKLM\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HappyFoto (HKLM\...\{621A70CA-32A5-4F50-A66C-C9C792580415}_is1) (Version: - Happy Foto CZ)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.5 - Intel)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2509 - Intel Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11727.20230 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
O2Micro Flash Memory Card Windows Driver (HKLM\...\{469ED3E8-D21E-40E8-B00F-63516D26FAE3}) (Version: 3.00.0006 - O2Micro International LTD.) Hidden
O2Micro Flash Memory Card Windows Driver (HKLM\...\InstallShield_{469ED3E8-D21E-40E8-B00F-63516D26FAE3}) (Version: 3.00.0006 - O2Micro International LTD.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
OZ711 SCR Driver (HKLM\...\{5C3EA21C-22C0-4A44-BE58-D8CBB2F2B6B2}) (Version: 3.0.1.6D - O2Micro) Hidden
OZ711 SCR Driver (HKLM\...\InstallShield_{5C3EA21C-22C0-4A44-BE58-D8CBB2F2B6B2}) (Version: 3.0.1.6D - O2Micro)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pen Tablet (HKLM\...\Pen Tablet Driver) (Version: 5.1.1.11 - Wacom Technology Corp.)
Power Saving Utility (HKLM\...\{7254349B-460B-488F-B4DB-A96100C5C48B}) (Version: 31.00.11.009 - FUJITSU LIMITED) Hidden
Power Saving Utility (HKLM\...\InstallShield_{7254349B-460B-488F-B4DB-A96100C5C48B}) (Version: 31.00.11.009 - FUJITSU LIMITED)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Security Panel (HKLM\...\InstallShield_{45CA9B23-5EF8-43AA-9851-E9E062BF0147}) (Version: 2.2.0.0 - FUJITSU LIMITED)
Security Panel Application (HKLM\...\{45CA9B23-5EF8-43AA-9851-E9E062BF0147}) (Version: 2.2.0.0 - FUJITSU LIMITED) Hidden
Security Panel Application for Supervisor (HKLM\...\{17F82182-0E3D-4A14-8843-5ECBFAF4F12F}) (Version: 2.2.0.0 - FUJITSU LIMITED) Hidden
Security Panel for Supervisor (HKLM\...\InstallShield_{17F82182-0E3D-4A14-8843-5ECBFAF4F12F}) (Version: 2.2.0.0 - FUJITSU LIMITED)
Shock Sensor Utility (HKLM\...\{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}) (Version: 4.00.01.000 - Název společnosti:) Hidden
Shock Sensor Utility (HKLM\...\InstallShield_{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}) (Version: 4.00.01.000 - Název společnosti:)
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{D75AEB5B-FA18-4BD4-9EED-54CA46DB5AE8}) (Version: 13.04.0000 - Intel Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.10.0 - Synaptics Incorporated)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wireless Selector (HKLM\...\{51202133-E0F9-4314-ACA4-AACBA46A6C69}) (Version: 4.00.00.100 - FUJITSU LIMITED) Hidden
Wireless Selector (HKLM\...\InstallShield_{51202133-E0F9-4314-ACA4-AACBA46A6C69}) (Version: 4.00.00.100 - FUJITSU LIMITED)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Client\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Osoba 2 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) ==============
2015-04-11 13:05 - 2012-02-17 20:55 - 000166912 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2015-02-03 15:45 - 2009-09-30 21:48 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2019-07-03 18:24 - 2019-07-03 18:44 - 000397312 _____ (ESET) [File not signed] c:\users\client\appdata\local\google\chrome\user data\swreporter\42.206.200.3\edls_32.dll
2009-08-17 22:08 - 2009-09-30 18:57 - 000069632 _____ (Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjCuiSdk.dll
2009-08-18 21:37 - 2009-11-14 13:06 - 000024576 _____ (Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjDspMon.exe
2009-08-18 21:38 - 2009-11-14 13:09 - 000020480 _____ (Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\fjevents.exe
2015-02-02 14:06 - 2008-06-12 15:47 - 000057344 _____ (Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjMnuIco.exe
2009-08-06 16:07 - 2009-11-16 01:29 - 000020480 _____ (Fujitsu Computer Systems) [File not signed] C:\Program Files\Fujitsu\Utils\FjLidMon.exe
2009-07-16 20:20 - 2009-10-12 13:48 - 000032768 _____ (Fujitsu PC Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjFBUCmn.dll
2015-02-03 15:45 - 2009-09-30 22:33 - 000262144 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
2015-02-03 15:45 - 2009-09-30 21:48 - 000077824 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\DTMessageLib.dll
2015-02-03 15:45 - 2009-09-30 21:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2015-02-03 15:45 - 2009-09-30 22:34 - 002314240 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
2010-10-19 15:21 - 2010-10-19 15:21 - 001269760 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\PanTray.dll
2010-10-19 15:06 - 2010-10-19 15:06 - 000487424 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\WiWiTray.dll
2010-10-31 04:52 - 2010-10-31 04:52 - 000043520 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\LangResources\CSY\FrWrkCSY.dll
2010-10-31 05:02 - 2010-10-31 05:02 - 000006656 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\LangResources\CSY\WiTrCSY.dll
2010-10-19 15:03 - 2010-10-19 15:03 - 000655360 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2010-10-19 15:04 - 2010-10-19 15:04 - 000622592 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2010-10-19 15:04 - 2010-10-19 15:04 - 002285568 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
2010-10-19 15:05 - 2010-10-19 15:05 - 000512000 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
2010-10-19 15:07 - 2010-10-19 15:07 - 000503808 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2010-10-19 15:05 - 2010-10-19 15:05 - 000200704 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2010-10-31 04:58 - 2010-10-31 04:58 - 000106496 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\LangResources\CSY\PanTrCSY.dll
2010-10-19 15:17 - 2010-10-19 15:17 - 000876544 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2010-10-19 15:18 - 2010-10-19 15:18 - 000307200 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PanApi.dll
2010-10-19 15:10 - 2010-10-19 15:10 - 001626112 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2010-10-19 15:08 - 2010-10-19 15:08 - 000499712 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfQOSMgr.dll
2010-10-19 15:02 - 2010-10-19 15:02 - 000135168 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2010-10-19 15:02 - 2010-10-19 15:02 - 000139264 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\WiMAXCoEx.dll
2010-10-19 15:16 - 2010-10-19 15:16 - 001146880 _____ (Intel(R) Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll
2007-02-12 02:43 - 2007-02-12 02:43 - 000065536 _____ (O2Micro International) [File not signed] C:\Windows\system32\o2flash.exe
2010-10-19 14:39 - 2010-10-19 14:39 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\sharepoint.com -> hxxps://fsvuk-files.sharepoint.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2019-02-26 19:57 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-944637591-687013849-2777917340-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Client\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{47E232FA-1099-4017-A8F8-F447393319F5}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6C22701D-2520-4CCB-84D0-C5435539203B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation - Mobile Wireless Group -> )
FirewallRules: [{B350DF42-9C1E-4626-A848-BFD21B1FCB98}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D29DF108-2023-4486-B6BA-D742B352C94E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EC480EAD-2853-4CB6-A610-62C1E49FEAC4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A674D906-7B82-42BE-9752-B5321AB33FC5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{814920D5-3853-4194-8FD3-34CA0A01FF5B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DAC9AFBB-A13B-4787-9511-9F97F126FCD4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40DD0323-EA20-404A-9BF5-34DF63DED06A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{54F2C6B2-3549-4CE2-818E-6270A9D06333}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
07-06-2019 20:07:04 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
19-06-2019 16:04:08 Naplánovaný kontrolní bod
20-06-2019 21:25:17 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/03/2019 06:21:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (07/03/2019 06:12:20 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device
Error: (07/03/2019 06:12:20 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device
Error: (07/03/2019 06:12:20 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device
Error: (07/03/2019 06:12:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (07/03/2019 06:09:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (06/24/2019 03:49:36 PM) (Source: FjLogEvt) (EventID: 52) (User: )
Description: FjLidMon.exe : Register: Unknown retc (1)
Error: (06/24/2019 03:36:25 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device
System errors:
=============
Error: (07/03/2019 06:12:42 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Služba DCOM zjistila chybu %%1053 = Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas. při pokusu o spuštění služby WSearch s argumenty za účelem spuštění serveru:
{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (07/03/2019 06:12:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (07/03/2019 06:12:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Search bylo dosaženo časového limitu (30000 ms).
Error: (07/03/2019 06:10:00 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Server, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.
Error: (07/03/2019 06:09:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Platforma WDF (Windows Driver Foundation) – platforma ovladače v uživatelském režimu byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (07/03/2019 06:09:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Automatická konfigurace sítě WLAN byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (07/03/2019 06:09:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Správce relací správce oken plochy byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (07/03/2019 06:09:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Klient služby Sledování distribuovaných odkazů byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Windows Defender:
===================================
Date: 2016-07-08 22:50:55.320
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{C19C5084-5512-45AF-93A9-B8453F29E3BA}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
==================== Memory info ===========================
BIOS: FUJITSU // Phoenix Technologies Ltd. Version 1.19 11/29/2011
Motherboard: FUJITSU FJNB204
Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 86%
Total physical RAM: 2995.5 MB
Available physical RAM: 394.06 MB
Total Virtual: 9137.87 MB
Available Virtual: 6302.14 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:148.05 GB) (Free:52.61 GB) NTFS
\\?\Volume{aa9b253a-aac9-11e4-9e65-806e6f6e6963}\ () (Fixed) (Total:1 GB) (Free:0.95 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 87C2420C)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-06-2019
Ran by Client (administrator) on CLIENT-PC (FUJITSU LIFEBOOK T900) (03-07-2019 19:01:59)
Running from C:\Users\Client\Desktop
Loaded Profiles: Client (Available Profiles: Client)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(AuthenTec, Inc. -> AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(AuthenTec, Inc. -> AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
(Cambridge Silicon Radio Ltd. -> CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
(Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjDspMon.exe
(Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjEvents.exe
(Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\fjmnuico.exe
(Fujitsu Computer Systems) [File not signed] C:\Program Files\Fujitsu\Utils\FjLidMon.exe
(FUJITSU LIMITED -> ) C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google) C:\Users\Client\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Client\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Client\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Client\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\snuvcdsm.exe
(Microsoft Windows Hardware Compatibility Publisher -> Sonix) C:\Windows\vsnp2uvc.exe
(O2Micro International) [File not signed] C:\Windows\System32\o2flash.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Windows\System32\WTablet\Pen_TabletUser.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7703072 2009-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [CSRSkype] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe [346464 2009-08-20] (Cambridge Silicon Radio Ltd. -> CSR, plc)
HKLM\...\Run: [ConMgr] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [504160 2009-08-20] (Cambridge Silicon Radio Ltd. -> CSR, plc)
HKLM\...\Run: [ATSwpNav] => "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
HKLM\...\Run: [FJBATAID2] => C:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe [107880 2009-10-16] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Sonix)
HKLM\...\Run: [SNUVCDSM] => C:\Windows\snuvcdsm.exe [24576 2009-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Run: [] => [X]
HKLM\...\Run: [FjStrtAp] => C:\Program Files\Fujitsu\Utils\FjStrtAp.exe [20480 2009-10-12] (Fujitsu Computer Systems Corp.) [File not signed]
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1206544 2010-10-19] (Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation)
HKLM\...\Run: [IMSS] => C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [104960 2009-09-30] () [File not signed]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1578280 2009-10-09] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [IndicatorUtility] => C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-06-16] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [144744 2009-07-27] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [SSUtility] => C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe [193832 2007-12-14] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [FDM7] => C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [128360 2009-07-23] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [226184 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [FUJ02B1_Apps] => C:\Program Files\Fujitsu\FUJ02B1\CheckBatteryPack.exe [380840 2018-09-13] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
HKLM\...\Run: [FUJ02E3_BatteryChargingControlUpdate] => C:\Program Files\Fujitsu\FUJ02E3_BatteryChargingControlUpdate\CheckBatteryFW.exe [433264 2019-04-09] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [FjBatteryLimitter] => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterRun.exe [361096 2018-11-21] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {627d7ffb-4de5-11e6-879f-002258c78025} - E:\autorun.exe
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {6bf6b3ea-8249-11e6-9711-002258c78025} - E:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-20] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {126CD0A5-905F-4F90-A365-AB8F5260195A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {33D9BBB1-89C6-4CB6-BBC9-0EE80BA7365C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [4544064 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {46B5CF64-C963-4C44-AC2B-C0F9A576EE5D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {515EBCAD-8055-4984-A474-2B3EAFDE1D5A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [20166760 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {53EB5FD8-D0DC-404C-8FBE-7E0975463305} - System32\Tasks\Fujitsu\FjBatteryLimitter\Notify => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterNotify.exe [181904 2018-10-03] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
Task: {54213060-202F-4A6D-A9BA-1AFCF68B0724} - System32\Tasks\Fujitsu\FjBatteryLimitter\Unlimit => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterBatu.exe [150160 2018-10-03] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
Task: {5435DFE8-DCC1-45FD-B757-737BD8DF93E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [4544064 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {8300BA07-4E77-439D-B63B-2F5087D1B8BD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {83C58E82-6947-4613-81D9-74EE4342D989} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [20166760 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {96A1248C-E37D-4644-BE02-8712896AF825} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-26] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9A84C94B-C692-423D-9CF0-6DDEA276FEAC} - System32\Tasks\{2FFDDAB8-37AE-4193-AED4-5D04DA7C141F} => C:\Windows\system32\pcalua.exe -a "C:\Users\Client\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7SRW4P1E\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573[1].EXE" -d C:\Users\Client\Desktop
Task: {A34F728A-6025-43F7-B8B5-E23CBD418C79} - System32\Tasks\Fujitsu\FjBatteryLimitter\Limit => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterBatu.exe [150160 2018-10-03] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
Task: {B1F00F6B-AB3F-407F-81B5-971B0D33A09C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C6174E92-9CC9-4E2C-A640-50A3FF67851D} - System32\Tasks\{F111F4F3-A365-41D7-93BE-EFBB7C8DEF69} => C:\Windows\system32\pcalua.exe -a "E:\notebook fujitsu t900\SMARTCARD_O2MICRO_V3.0.1.6D_WIN7_CA41534-5573.EXE" -d "E:\notebook fujitsu t900"
Task: {CB0CE3BD-325A-4350-BE18-B0107B61C1A8} - System32\Tasks\{BCAD7E9D-B664-4CDB-A6D3-02E72F3495FF} => C:\Windows\system32\pcalua.exe -a C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573\PROUnstl.exe -d C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573
Task: {CCE29149-5B75-4F9D-90CA-C9B3DE43EAF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {E210116B-F9B8-4EF1-80B2-E57503813C4B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2394504 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
Task: {EAAB0F48-3266-4E58-A0B0-9C38603A017D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {EF69E9FD-FEE4-4551-A21D-EFA3F32F6D07} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1504376 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2BD29B8-AA0E-4985-B4CE-5CAD214B5125} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F874727D-7F51-42ED-934E-9F0391BF8CC7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1913648 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {FE577009-7166-4173-83A0-E22CF150E690} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Avast Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-944637591-687013849-2777917340-1000] => 172.25.125.66:8080
AutoConfigURL: [S-1-5-21-944637591-687013849-2777917340-1000] => 172.25.125.66:8080
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{767F1F43-85A0-45E8-B66F-2851A52C169C}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{FDA8B116-774B-4A30-8590-77568983CD84}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-944637591-687013849-2777917340-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_151-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-00151-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_151-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_151-windows-i586.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=14275 ... 3ECHRH44FX"
CHR Profile: C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default [2019-07-03]
CHR Extension: (Prezentace Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-27]
CHR Extension: (Dokumenty Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-27]
CHR Extension: (YouTube) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-29]
CHR Extension: (AdBlock) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-06-06]
CHR Extension: (Gmail) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-03]
CHR Profile: C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-07-03]
CHR Extension: (Prezentace Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-22]
CHR Extension: (Dokumenty Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-22]
CHR Extension: (Disk Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-07]
CHR Extension: (YouTube) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-07]
CHR Extension: (Vyhledávání Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-22]
CHR Extension: (Adobe Acrobat) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-05]
CHR Extension: (Avast SafePrice) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-02-05]
CHR Extension: (Tabulky Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-07]
CHR Extension: (AdBlock) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-11]
CHR Extension: (Avast Online Security) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-02-11]
CHR Extension: (Adblock Super) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-07-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-11]
CHR Extension: (Gmail) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-22]
CHR Extension: (Chrome Media Router) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-05]
CHR Profile: C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-03]
CHR Extension: (Prezentace Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-22]
CHR Extension: (Dokumenty Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-22]
CHR Extension: (Disk Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-22]
CHR Extension: (YouTube) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-22]
CHR Extension: (Tabulky Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-22]
CHR Extension: (Gmail) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-22]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5584416 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1819896 2009-11-19] (AuthenTec, Inc. -> AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [359864 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7314528 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
R2 LMS; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [227600 2010-10-19] (Intel Corporation - Mobile Wireless Group -> )
R2 O2Flash; C:\Windows\system32\o2flash.exe [65536 2007-02-12] (O2Micro International) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [62824 2009-07-27] (FUJITSU LIMITED -> FUJITSU LIMITED)
R2 UNS; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WirelessSelectorService; C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe [62760 2008-10-09] (FUJITSU LIMITED -> )
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 acpials; C:\Windows\System32\DRIVERS\acpials.sys [7680 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [34488 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [173232 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [225608 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [171520 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [56296 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [139568 2019-06-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100984 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783024 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [403680 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [167360 2019-06-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [312248 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
R3 Fjbtndrv; C:\Windows\System32\DRIVERS\FjBtnDrv.sys [18816 2009-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Fujitsu America, Inc.)
R0 FJGSDisk; C:\Windows\System32\DRIVERS\FJGSDisk.sys [12776 2015-02-03] (FUJITSU LIMITED -> FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [25776 2018-09-13] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU LIMITED)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7122944 2010-10-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 O2SCBUS; C:\Windows\System32\DRIVERS\ozscr.sys [102560 2009-05-15] (O2Micro Inc. -> O2Micro)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3487104 2009-09-04] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 WISDPen; C:\Windows\System32\DRIVERS\wisdpen.sys [36648 2009-08-24] (Wacom Technology Corp. -> Wacom Technology)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zpomalený NTB
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalený NTB
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalený NTB
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-03-2019
# Duration: 00:00:13
# OS: Windows 7 Professional
# Cleaned: 7
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\SOFTWARE\f62c78bcf98ee6f6ed29b0f63f66e8b2
Deleted HKCU\Software\Seznam.cz
***** [ Chromium (and derivatives) ] *****
Deleted DeadMouse
***** [ Chromium URLs ] *****
Deleted http://www.mystartsearch.com/?type=hp&t ... 3ECHRH44FX
Deleted http://www.mystartsearch.com/?type=hp&t ... 3ECHRH44FX
Deleted http://www.mystartsearch.com/?type=hp&t ... 3ECHRH44FX
Deleted http://www.mystartsearch.com/?type=hp&t ... 3ECHRH44FX
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1902 octets] - [03/07/2019 19:59:54]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-03-2019
# Duration: 00:00:13
# OS: Windows 7 Professional
# Cleaned: 7
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\SOFTWARE\f62c78bcf98ee6f6ed29b0f63f66e8b2
Deleted HKCU\Software\Seznam.cz
***** [ Chromium (and derivatives) ] *****
Deleted DeadMouse
***** [ Chromium URLs ] *****
Deleted http://www.mystartsearch.com/?type=hp&t ... 3ECHRH44FX
Deleted http://www.mystartsearch.com/?type=hp&t ... 3ECHRH44FX
Deleted http://www.mystartsearch.com/?type=hp&t ... 3ECHRH44FX
Deleted http://www.mystartsearch.com/?type=hp&t ... 3ECHRH44FX
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1902 octets] - [03/07/2019 19:59:54]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalený NTB
Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalený NTB
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-07-2019
Ran by Client (administrator) on CLIENT-PC (FUJITSU LIFEBOOK T900) (03-07-2019 21:09:47)
Running from C:\Users\Client\Desktop
Loaded Profiles: Client (Available Profiles: Client)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(AuthenTec, Inc. -> AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(AuthenTec, Inc. -> AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Cambridge Silicon Radio Ltd. -> CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
(Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjDspMon.exe
(Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjEvents.exe
(Fujitsu Computer Systems) [File not signed] C:\Program Files\Fujitsu\Utils\FjLidMon.exe
(FUJITSU LIMITED -> ) C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\snuvcdsm.exe
(Microsoft Windows Hardware Compatibility Publisher -> Sonix) C:\Windows\vsnp2uvc.exe
(O2Micro International) [File not signed] C:\Windows\System32\o2flash.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Windows\System32\WTablet\Pen_TabletUser.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7703072 2009-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [CSRSkype] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe [346464 2009-08-20] (Cambridge Silicon Radio Ltd. -> CSR, plc)
HKLM\...\Run: [ConMgr] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [504160 2009-08-20] (Cambridge Silicon Radio Ltd. -> CSR, plc)
HKLM\...\Run: [ATSwpNav] => "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
HKLM\...\Run: [FJBATAID2] => C:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe [107880 2009-10-16] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Sonix)
HKLM\...\Run: [SNUVCDSM] => C:\Windows\snuvcdsm.exe [24576 2009-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Run: [] => [X]
HKLM\...\Run: [FjStrtAp] => C:\Program Files\Fujitsu\Utils\FjStrtAp.exe [20480 2009-10-12] (Fujitsu Computer Systems Corp.) [File not signed]
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1206544 2010-10-19] (Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation)
HKLM\...\Run: [IMSS] => C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [104960 2009-09-30] () [File not signed]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1578280 2009-10-09] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [IndicatorUtility] => C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-06-16] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [144744 2009-07-27] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [SSUtility] => C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe [193832 2007-12-14] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [FDM7] => C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [128360 2009-07-23] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [226184 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [FUJ02B1_Apps] => C:\Program Files\Fujitsu\FUJ02B1\CheckBatteryPack.exe [380840 2018-09-13] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
HKLM\...\Run: [FUJ02E3_BatteryChargingControlUpdate] => C:\Program Files\Fujitsu\FUJ02E3_BatteryChargingControlUpdate\CheckBatteryFW.exe [433264 2019-04-09] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [FjBatteryLimitter] => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterRun.exe [361096 2018-11-21] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {627d7ffb-4de5-11e6-879f-002258c78025} - E:\autorun.exe
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {6bf6b3ea-8249-11e6-9711-002258c78025} - E:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-20] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {126CD0A5-905F-4F90-A365-AB8F5260195A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {33D9BBB1-89C6-4CB6-BBC9-0EE80BA7365C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [4544064 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {46B5CF64-C963-4C44-AC2B-C0F9A576EE5D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {515EBCAD-8055-4984-A474-2B3EAFDE1D5A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [20166760 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {53EB5FD8-D0DC-404C-8FBE-7E0975463305} - System32\Tasks\Fujitsu\FjBatteryLimitter\Notify => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterNotify.exe [181904 2018-10-03] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
Task: {54213060-202F-4A6D-A9BA-1AFCF68B0724} - System32\Tasks\Fujitsu\FjBatteryLimitter\Unlimit => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterBatu.exe [150160 2018-10-03] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
Task: {5435DFE8-DCC1-45FD-B757-737BD8DF93E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [4544064 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {8300BA07-4E77-439D-B63B-2F5087D1B8BD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {83C58E82-6947-4613-81D9-74EE4342D989} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [20166760 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {96A1248C-E37D-4644-BE02-8712896AF825} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-26] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9A84C94B-C692-423D-9CF0-6DDEA276FEAC} - System32\Tasks\{2FFDDAB8-37AE-4193-AED4-5D04DA7C141F} => C:\Windows\system32\pcalua.exe -a "C:\Users\Client\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7SRW4P1E\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573[1].EXE" -d C:\Users\Client\Desktop
Task: {A34F728A-6025-43F7-B8B5-E23CBD418C79} - System32\Tasks\Fujitsu\FjBatteryLimitter\Limit => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterBatu.exe [150160 2018-10-03] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
Task: {B1F00F6B-AB3F-407F-81B5-971B0D33A09C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C6174E92-9CC9-4E2C-A640-50A3FF67851D} - System32\Tasks\{F111F4F3-A365-41D7-93BE-EFBB7C8DEF69} => C:\Windows\system32\pcalua.exe -a "E:\notebook fujitsu t900\SMARTCARD_O2MICRO_V3.0.1.6D_WIN7_CA41534-5573.EXE" -d "E:\notebook fujitsu t900"
Task: {CB0CE3BD-325A-4350-BE18-B0107B61C1A8} - System32\Tasks\{BCAD7E9D-B664-4CDB-A6D3-02E72F3495FF} => C:\Windows\system32\pcalua.exe -a C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573\PROUnstl.exe -d C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573
Task: {CCE29149-5B75-4F9D-90CA-C9B3DE43EAF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {E210116B-F9B8-4EF1-80B2-E57503813C4B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2394504 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
Task: {EAAB0F48-3266-4E58-A0B0-9C38603A017D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {EF69E9FD-FEE4-4551-A21D-EFA3F32F6D07} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1504376 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2BD29B8-AA0E-4985-B4CE-5CAD214B5125} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F874727D-7F51-42ED-934E-9F0391BF8CC7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1913648 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {FE577009-7166-4173-83A0-E22CF150E690} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Avast Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-944637591-687013849-2777917340-1000] => 172.25.125.66:8080
AutoConfigURL: [S-1-5-21-944637591-687013849-2777917340-1000] => 172.25.125.66:8080
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{767F1F43-85A0-45E8-B66F-2851A52C169C}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{FDA8B116-774B-4A30-8590-77568983CD84}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-944637591-687013849-2777917340-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_151-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-00151-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_151-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_151-windows-i586.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default [2019-07-03]
CHR Extension: (Prezentace Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-27]
CHR Extension: (Dokumenty Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-27]
CHR Extension: (YouTube) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-29]
CHR Extension: (AdBlock) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-06-06]
CHR Extension: (Gmail) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-03]
CHR Profile: C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-07-03]
CHR Extension: (Prezentace Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-22]
CHR Extension: (Dokumenty Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-22]
CHR Extension: (Disk Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-07]
CHR Extension: (YouTube) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-07]
CHR Extension: (Vyhledávání Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-22]
CHR Extension: (Adobe Acrobat) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-05]
CHR Extension: (Avast SafePrice) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-02-05]
CHR Extension: (Tabulky Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-07]
CHR Extension: (AdBlock) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-11]
CHR Extension: (Avast Online Security) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-02-11]
CHR Extension: (Adblock Super) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-07-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-11]
CHR Extension: (Gmail) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-22]
CHR Extension: (Chrome Media Router) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-05]
CHR Profile: C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-03]
CHR Extension: (Prezentace Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-22]
CHR Extension: (Dokumenty Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-22]
CHR Extension: (Disk Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-22]
CHR Extension: (YouTube) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-22]
CHR Extension: (Tabulky Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-22]
CHR Extension: (Gmail) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-22]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5584416 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1819896 2009-11-19] (AuthenTec, Inc. -> AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [359864 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7314528 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
R2 LMS; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [227600 2010-10-19] (Intel Corporation - Mobile Wireless Group -> )
R2 O2Flash; C:\Windows\system32\o2flash.exe [65536 2007-02-12] (O2Micro International) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [62824 2009-07-27] (FUJITSU LIMITED -> FUJITSU LIMITED)
R2 UNS; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WirelessSelectorService; C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe [62760 2008-10-09] (FUJITSU LIMITED -> )
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 acpials; C:\Windows\System32\DRIVERS\acpials.sys [7680 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [34488 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [173232 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [225608 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [171520 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [56296 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [139568 2019-06-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100984 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783024 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [403680 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [167360 2019-06-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [312248 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
R3 Fjbtndrv; C:\Windows\System32\DRIVERS\FjBtnDrv.sys [18816 2009-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Fujitsu America, Inc.)
R0 FJGSDisk; C:\Windows\System32\DRIVERS\FJGSDisk.sys [12776 2015-02-03] (FUJITSU LIMITED -> FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [25776 2018-09-13] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU LIMITED)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7122944 2010-10-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 O2SCBUS; C:\Windows\System32\DRIVERS\ozscr.sys [102560 2009-05-15] (O2Micro Inc. -> O2Micro)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3487104 2009-09-04] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 WISDPen; C:\Windows\System32\DRIVERS\wisdpen.sys [36648 2009-08-24] (Wacom Technology Corp. -> Wacom Technology)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-03 21:09 - 2019-07-03 21:11 - 000028495 _____ C:\Users\Client\Desktop\FRST.txt
2019-07-03 21:09 - 2019-07-03 21:09 - 000000000 ____D C:\Users\Client\Desktop\FRST-OlderVersion
2019-07-03 19:57 - 2019-07-03 19:58 - 007025360 _____ (Malwarebytes) C:\Users\Client\Desktop\adwcleaner_7.3.exe
2019-07-03 18:50 - 2019-07-03 19:01 - 000000000 ____D C:\FRST
2019-07-03 18:47 - 2019-07-03 21:09 - 001772032 _____ (Farbar) C:\Users\Client\Desktop\FRST.exe
2019-06-19 12:14 - 2019-06-04 01:10 - 000751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-06-19 12:14 - 2019-06-04 01:10 - 000304640 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-06-19 12:14 - 2019-05-27 08:29 - 000348984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-06-19 12:14 - 2019-05-25 03:07 - 020275712 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-06-19 12:14 - 2019-05-25 02:45 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-06-19 12:14 - 2019-05-25 02:44 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-06-19 12:14 - 2019-05-25 02:44 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-06-19 12:14 - 2019-05-25 02:42 - 002297344 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-06-19 12:14 - 2019-05-25 02:40 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-06-19 12:14 - 2019-05-25 02:38 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-06-19 12:14 - 2019-05-25 02:37 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-06-19 12:14 - 2019-05-25 02:37 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-06-19 12:14 - 2019-05-25 02:36 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-06-19 12:14 - 2019-05-25 02:33 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-06-19 12:14 - 2019-05-25 02:30 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-06-19 12:14 - 2019-05-25 02:26 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-06-19 12:14 - 2019-05-25 02:26 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-06-19 12:14 - 2019-05-25 02:24 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-06-19 12:14 - 2019-05-25 02:23 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-06-19 12:14 - 2019-05-25 02:23 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-06-19 12:14 - 2019-05-25 02:22 - 004492800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-06-19 12:14 - 2019-05-25 02:22 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-06-19 12:14 - 2019-05-25 02:17 - 013706240 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-06-19 12:14 - 2019-05-25 02:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-06-19 12:14 - 2019-05-25 02:15 - 002060288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-06-19 12:14 - 2019-05-25 02:15 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-06-19 12:14 - 2019-05-25 02:15 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-06-19 12:14 - 2019-05-25 02:15 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-06-19 12:14 - 2019-05-25 02:02 - 004386304 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-06-19 12:14 - 2019-05-25 01:59 - 012880384 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-06-19 12:14 - 2019-05-25 01:59 - 001323008 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-06-19 12:14 - 2019-05-25 01:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-06-19 12:14 - 2019-05-25 01:56 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-06-19 12:14 - 2019-05-23 03:58 - 000628224 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-06-19 12:14 - 2019-05-23 03:58 - 000307200 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-06-19 12:14 - 2019-05-23 03:58 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-06-19 12:14 - 2019-05-23 02:31 - 001251840 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-06-19 12:14 - 2019-05-23 02:31 - 000910336 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-06-19 12:14 - 2019-05-17 20:14 - 000251112 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2019-06-19 12:14 - 2019-05-16 17:22 - 004057312 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2019-06-19 12:14 - 2019-05-16 17:22 - 003963624 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-06-19 12:14 - 2019-05-16 17:21 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-06-19 12:14 - 2019-05-16 17:21 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2019-06-19 12:14 - 2019-05-16 17:21 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-06-19 12:14 - 2019-05-16 17:21 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2019-06-19 12:14 - 2019-05-16 17:21 - 000135912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-06-19 12:14 - 2019-05-16 17:21 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-06-19 12:14 - 2019-05-16 17:19 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-06-19 12:14 - 2019-05-16 17:19 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-06-19 12:14 - 2019-05-16 17:19 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-06-19 12:14 - 2019-05-16 17:19 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-06-19 12:14 - 2019-05-16 17:19 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 001072640 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000555520 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000261632 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-06-19 12:14 - 2019-05-16 17:17 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-06-19 12:14 - 2019-05-16 17:17 - 000474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-06-19 12:14 - 2019-05-16 17:17 - 000373248 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-06-19 12:14 - 2019-05-16 17:17 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-06-19 12:14 - 2019-05-16 17:02 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-06-19 12:14 - 2019-05-16 16:50 - 002406400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-06-19 12:14 - 2019-05-16 16:50 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-06-19 12:14 - 2019-05-16 16:47 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-06-19 12:14 - 2019-05-16 16:46 - 000314880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-06-19 12:14 - 2019-05-16 16:46 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-06-19 12:14 - 2019-05-16 16:46 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-06-19 12:14 - 2019-05-16 16:46 - 000116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-06-19 12:14 - 2019-05-16 16:46 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-06-19 12:14 - 2019-05-16 16:45 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-06-19 12:14 - 2019-05-13 16:44 - 001311744 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2019-06-19 12:14 - 2019-05-13 16:44 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2019-06-19 12:14 - 2019-05-13 16:44 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2019-06-19 12:14 - 2019-05-13 16:44 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2019-06-19 12:14 - 2019-05-09 17:20 - 000105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-06-19 12:14 - 2019-05-09 17:20 - 000078568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-06-19 12:14 - 2019-05-09 17:18 - 011411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 002368000 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 001329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 003207168 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-06-19 12:14 - 2019-05-09 17:13 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-06-19 12:14 - 2019-05-09 16:51 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-06-19 12:14 - 2019-04-30 03:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-06-19 12:14 - 2019-04-25 17:18 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-06-19 12:14 - 2019-04-24 17:20 - 001311464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-06-19 12:14 - 2019-04-24 17:20 - 000240864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-06-19 12:14 - 2019-04-24 17:19 - 000187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-06-19 12:14 - 2019-04-12 15:04 - 000914584 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000065784 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000021752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000018680 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000017352 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000017144 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000015608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000015096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000013048 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011728 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-06-19 12:14 - 2019-04-09 17:17 - 002953216 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2019-06-19 12:14 - 2019-04-09 17:17 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2019-06-19 12:14 - 2019-04-09 17:05 - 002092032 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-06-19 12:14 - 2019-04-09 17:05 - 000573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-06-19 12:14 - 2019-04-09 17:05 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2019-06-19 12:13 - 2019-05-25 02:55 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-06-19 12:13 - 2019-05-25 02:55 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-06-19 12:13 - 2019-05-25 02:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-06-19 12:13 - 2019-05-25 02:43 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-06-19 12:13 - 2019-05-25 02:39 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-06-19 12:13 - 2019-05-25 02:37 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-06-19 12:13 - 2019-05-25 02:27 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-06-19 12:13 - 2019-05-23 03:58 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-06-19 12:13 - 2019-05-16 17:19 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-06-19 12:13 - 2019-05-16 17:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 16:53 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-06-19 12:13 - 2019-05-16 16:53 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-06-19 12:13 - 2019-05-16 16:53 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-06-19 12:13 - 2019-05-16 16:53 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-06-19 12:13 - 2019-05-16 16:53 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-06-19 12:13 - 2019-05-16 16:53 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-06-19 12:13 - 2019-05-16 16:50 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-06-19 12:13 - 2019-05-16 16:49 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-06-19 12:13 - 2019-05-16 16:45 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-06-19 12:13 - 2019-05-16 16:45 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-06-19 12:13 - 2019-05-16 16:45 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2019-06-19 12:13 - 2019-05-16 16:45 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-06-19 12:13 - 2019-05-16 16:45 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-06-19 12:13 - 2019-05-16 16:45 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-06-19 12:13 - 2019-05-16 16:45 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-06-19 12:13 - 2019-05-16 16:45 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-06-19 12:13 - 2019-05-16 16:45 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-06-19 12:13 - 2019-05-16 16:45 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 16:45 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 16:45 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 16:45 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-06-19 12:13 - 2019-05-09 17:18 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-06-19 12:13 - 2019-05-09 17:18 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-06-19 12:13 - 2019-05-09 17:18 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-06-19 12:13 - 2019-05-09 17:18 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-06-19 12:13 - 2019-05-09 17:18 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-06-19 12:13 - 2019-05-09 17:18 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 001177088 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-06-19 12:13 - 2019-05-09 17:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-06-19 12:13 - 2019-05-09 17:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-06-19 12:13 - 2019-05-09 17:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-06-19 12:13 - 2019-05-09 17:02 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-06-19 12:13 - 2019-05-09 17:02 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-06-19 12:13 - 2019-05-09 16:56 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-06-19 12:13 - 2019-05-09 16:48 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-06-19 12:13 - 2019-05-09 16:48 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-06-19 12:13 - 2019-05-09 16:48 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-06-19 12:13 - 2019-04-09 17:14 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2019-06-19 12:13 - 2019-04-09 17:05 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-06-19 12:13 - 2019-04-09 17:05 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-06-19 12:13 - 2019-04-09 17:05 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2019-06-19 12:13 - 2019-04-09 17:05 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-06-19 12:13 - 2019-04-09 17:05 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2019-06-07 20:16 - 2019-06-07 20:16 - 000001023 _____ C:\Users\Client\Desktop\DOMINIK – zástupce.lnk
2019-06-07 20:07 - 2019-06-07 20:07 - 000001163 _____ C:\Users\Public\Desktop\HappyFoto.lnk
2019-06-07 20:07 - 2019-06-07 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Happy Foto CZ
2019-06-07 20:06 - 2019-06-07 20:06 - 000000000 ____D C:\ProgramData\PhotoGenie X
2019-06-07 17:02 - 2019-06-07 17:10 - 338502528 _____ (Happy Foto CZ ) C:\Users\Client\Downloads\HappyFoto (2).exe
2019-06-04 20:29 - 2019-06-04 20:29 - 016920766 _____ C:\Users\Client\Downloads\pozvánka.pdf
2019-06-03 21:12 - 2019-06-03 21:12 - 000000342 ____H C:\Windows\Tasks\Avast Emergency Update.job
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-03 20:12 - 2009-07-14 06:34 - 000021408 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-03 20:12 - 2009-07-14 06:34 - 000021408 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-03 20:10 - 2015-04-12 15:42 - 000003540 _____ C:\Users\Client\AppData\Roaming\FjMenu1.XML
2019-07-03 20:03 - 2015-02-02 14:08 - 000000000 ____D C:\Users\Client\AppData\Roaming\WTablet
2019-07-03 20:02 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-03 19:59 - 2018-02-11 12:51 - 000000000 ____D C:\AdwCleaner
2019-07-03 18:39 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2019-07-03 18:21 - 2017-08-28 21:00 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-03 18:20 - 2009-07-14 04:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-07-03 18:18 - 2017-08-28 20:48 - 000000000 ____D C:\Program Files\Microsoft Office
2019-07-03 18:08 - 2009-07-14 06:53 - 000032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-07-02 22:11 - 2015-03-28 16:06 - 000000000 ____D C:\Users\Client\AppData\LocalLow\Adblock Plus for IE
2019-06-24 17:57 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\rescache
2019-06-24 15:41 - 2011-04-12 03:37 - 000668376 _____ C:\Windows\system32\perfh005.dat
2019-06-24 15:41 - 2011-04-12 03:37 - 000141004 _____ C:\Windows\system32\perfc005.dat
2019-06-24 15:41 - 2010-11-20 23:01 - 001582262 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-24 15:33 - 2009-07-14 06:33 - 000509904 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-24 15:28 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\system32\Dism
2019-06-20 21:37 - 2015-03-28 16:28 - 000000000 ____D C:\Windows\system32\MRT
2019-06-20 21:30 - 2015-03-28 16:28 - 132265168 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-06-20 17:50 - 2015-11-21 12:30 - 000139568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-06-20 11:01 - 2015-02-04 22:11 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-19 12:24 - 2019-02-28 12:34 - 000002119 _____ C:\Users\Client\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-06-19 12:24 - 2017-08-28 21:06 - 000000000 ___RD C:\Users\Client\OneDrive
2019-06-19 12:13 - 2015-11-21 12:30 - 000167360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-19 12:09 - 2016-07-30 12:54 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-07 17:06 - 2017-01-29 23:06 - 000000000 ____D C:\Program Files\HappyFoto-Designer
2019-06-06 17:52 - 2019-05-21 19:15 - 000000000 ____D C:\Program Files\Happy Foto CZ
==================== Files in the root of some directories ================
2018-12-29 21:23 - 2018-12-29 21:23 - 007895040 _____ () C:\Program Files\GUT538E.tmp
2015-04-12 15:42 - 2019-07-03 20:10 - 000003540 _____ () C:\Users\Client\AppData\Roaming\FjMenu1.XML
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-06-24 16:36
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-07-2019
Ran by Client (03-07-2019 21:12:05)
Running from C:\Users\Client\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2015-02-02 11:10:40)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-944637591-687013849-2777917340-500 - Administrator - Disabled)
Client (S-1-5-21-944637591-687013849-2777917340-1000 - Administrator - Enabled) => C:\Users\Client
Guest (S-1-5-21-944637591-687013849-2777917340-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adblock Plus for IE (32-bit) (HKLM\...\{CBECBAA4-A9A1-48B6-88DC-5D5E800B0E52}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.192 - Adobe)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
AuthenTec Fingerprint Software (HKLM\...\{83F136F0-2AE5-420C-A0B6-A440AD42591C}) (Version: 8.5.4.53 - Název společnosti:)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Balíček ovladače systému Windows - Fujitsu America, Inc. (FjBtnDrv) HIDClass (08/27/2009 4.2.0827.2009) (HKLM\...\F02860D720F53C6FCD75A013226E3E82F54FAB68) (Version: 08/27/2009 4.2.0827.2009 - Fujitsu America, Inc.)
Battery Utility (HKLM\...\{0294F00A-91AC-4FBF-BD14-0EE1583927AF}) (Version: 3.00.10.001 - Název společnosti:) Hidden
Battery Utility (HKLM\...\InstallShield_{0294F00A-91AC-4FBF-BD14-0EE1583927AF}) (Version: 3.00.10.001 - Název společnosti:)
Bluetooth Feature Pack 5.0 (HKLM\...\{0439D13F-C7CD-458A-90DE-44135CBD40B8}) (Version: 5.0.13 - CSR Plc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
FJ Camera (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.52008.0 - Sonix)
FUJITSU Battery Charging Control Update Tool (HKLM\...\{01A4BE67-357B-44C5-92F1-F543FB8643EF}) (Version: 2.0.2.0 - FUJITSU CLIENT COMPUTING LIMITED) Hidden
FUJITSU Battery Charging Control Utility (HKLM\...\InstallShield_{01A4BE67-357B-44C5-92F1-F543FB8643EF}) (Version: 2.0.2.0 - FUJITSU CLIENT COMPUTING LIMITED)
Fujitsu Button Utilities (HKLM\...\{207E8B60-07D2-4B7F-97FE-0DA448606861}) (Version: 7.02.0818.2009 - Fujitsu America, Incorporated)
Fujitsu Display Manager (HKLM\...\{2BDE2BF2-AD90-4191-B3C8-D0046CE54916}) (Version: 7.00.20.203 - Název společnosti:) Hidden
Fujitsu Display Manager (HKLM\...\InstallShield_{2BDE2BF2-AD90-4191-B3C8-D0046CE54916}) (Version: 7.00.20.203 - Název společnosti:)
Fujitsu Hotkey Utility (HKLM\...\{BA0CC975-682B-4678-A35C-05E607F36387}) (Version: 3.60.1.0 - FUJITSU LIMITED) Hidden
Fujitsu Hotkey Utility (HKLM\...\InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}) (Version: 3.60.1.0 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (HKLM\...\{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}) (Version: 3.00.00.000 - Název společnosti:) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM\...\InstallShield_{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}) (Version: 3.00.00.000 - Název společnosti:)
Fujitsu System Extension Utility (HKLM\...\{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.1.0.0 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.1.0.0 - FUJITSU LIMITED)
Google Chrome (HKLM\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HappyFoto (HKLM\...\{621A70CA-32A5-4F50-A66C-C9C792580415}_is1) (Version: - Happy Foto CZ)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.5 - Intel)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2509 - Intel Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11727.20230 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
O2Micro Flash Memory Card Windows Driver (HKLM\...\{469ED3E8-D21E-40E8-B00F-63516D26FAE3}) (Version: 3.00.0006 - O2Micro International LTD.) Hidden
O2Micro Flash Memory Card Windows Driver (HKLM\...\InstallShield_{469ED3E8-D21E-40E8-B00F-63516D26FAE3}) (Version: 3.00.0006 - O2Micro International LTD.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
OZ711 SCR Driver (HKLM\...\{5C3EA21C-22C0-4A44-BE58-D8CBB2F2B6B2}) (Version: 3.0.1.6D - O2Micro) Hidden
OZ711 SCR Driver (HKLM\...\InstallShield_{5C3EA21C-22C0-4A44-BE58-D8CBB2F2B6B2}) (Version: 3.0.1.6D - O2Micro)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pen Tablet (HKLM\...\Pen Tablet Driver) (Version: 5.1.1.11 - Wacom Technology Corp.)
Power Saving Utility (HKLM\...\{7254349B-460B-488F-B4DB-A96100C5C48B}) (Version: 31.00.11.009 - FUJITSU LIMITED) Hidden
Power Saving Utility (HKLM\...\InstallShield_{7254349B-460B-488F-B4DB-A96100C5C48B}) (Version: 31.00.11.009 - FUJITSU LIMITED)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Security Panel (HKLM\...\InstallShield_{45CA9B23-5EF8-43AA-9851-E9E062BF0147}) (Version: 2.2.0.0 - FUJITSU LIMITED)
Security Panel Application (HKLM\...\{45CA9B23-5EF8-43AA-9851-E9E062BF0147}) (Version: 2.2.0.0 - FUJITSU LIMITED) Hidden
Security Panel Application for Supervisor (HKLM\...\{17F82182-0E3D-4A14-8843-5ECBFAF4F12F}) (Version: 2.2.0.0 - FUJITSU LIMITED) Hidden
Security Panel for Supervisor (HKLM\...\InstallShield_{17F82182-0E3D-4A14-8843-5ECBFAF4F12F}) (Version: 2.2.0.0 - FUJITSU LIMITED)
Shock Sensor Utility (HKLM\...\{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}) (Version: 4.00.01.000 - Název společnosti:) Hidden
Shock Sensor Utility (HKLM\...\InstallShield_{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}) (Version: 4.00.01.000 - Název společnosti:)
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{D75AEB5B-FA18-4BD4-9EED-54CA46DB5AE8}) (Version: 13.04.0000 - Intel Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.10.0 - Synaptics Incorporated)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wireless Selector (HKLM\...\{51202133-E0F9-4314-ACA4-AACBA46A6C69}) (Version: 4.00.00.100 - FUJITSU LIMITED) Hidden
Wireless Selector (HKLM\...\InstallShield_{51202133-E0F9-4314-ACA4-AACBA46A6C69}) (Version: 4.00.00.100 - FUJITSU LIMITED)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Client\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Osoba 2 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) ==============
2015-02-03 15:45 - 2009-09-30 21:48 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2009-08-17 22:08 - 2009-09-30 18:57 - 000069632 _____ (Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjCuiSdk.dll
2009-08-18 21:37 - 2009-11-14 13:06 - 000024576 _____ (Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjDspMon.exe
2009-08-18 21:38 - 2009-11-14 13:09 - 000020480 _____ (Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\fjevents.exe
2009-08-06 16:07 - 2009-11-16 01:29 - 000020480 _____ (Fujitsu Computer Systems) [File not signed] C:\Program Files\Fujitsu\Utils\FjLidMon.exe
2009-07-16 20:20 - 2009-10-12 13:48 - 000032768 _____ (Fujitsu PC Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjFBUCmn.dll
2015-02-03 15:45 - 2009-09-30 22:33 - 000262144 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
2015-02-03 15:45 - 2009-09-30 21:48 - 000077824 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\DTMessageLib.dll
2015-02-03 15:45 - 2009-09-30 21:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2015-02-03 15:45 - 2009-09-30 22:34 - 002314240 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
2010-10-19 15:21 - 2010-10-19 15:21 - 001269760 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\PanTray.dll
2010-10-19 15:06 - 2010-10-19 15:06 - 000487424 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\WiWiTray.dll
2010-10-31 04:52 - 2010-10-31 04:52 - 000043520 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\LangResources\CSY\FrWrkCSY.dll
2010-10-31 05:02 - 2010-10-31 05:02 - 000006656 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\LangResources\CSY\WiTrCSY.dll
2010-10-19 15:03 - 2010-10-19 15:03 - 000655360 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2010-10-19 15:04 - 2010-10-19 15:04 - 000622592 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2010-10-19 15:04 - 2010-10-19 15:04 - 002285568 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
2010-10-19 15:05 - 2010-10-19 15:05 - 000512000 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
2010-10-19 15:07 - 2010-10-19 15:07 - 000503808 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2010-10-19 15:05 - 2010-10-19 15:05 - 000200704 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2010-10-31 04:58 - 2010-10-31 04:58 - 000106496 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\LangResources\CSY\PanTrCSY.dll
2010-10-19 15:17 - 2010-10-19 15:17 - 000876544 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2010-10-19 15:18 - 2010-10-19 15:18 - 000307200 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PanApi.dll
2010-10-19 15:10 - 2010-10-19 15:10 - 001626112 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2010-10-19 15:08 - 2010-10-19 15:08 - 000499712 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfQOSMgr.dll
2010-10-19 15:02 - 2010-10-19 15:02 - 000135168 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2010-10-19 15:02 - 2010-10-19 15:02 - 000139264 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\WiMAXCoEx.dll
2010-10-19 15:16 - 2010-10-19 15:16 - 001146880 _____ (Intel(R) Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll
2007-02-12 02:43 - 2007-02-12 02:43 - 000065536 _____ (O2Micro International) [File not signed] C:\Windows\system32\o2flash.exe
2010-10-19 14:39 - 2010-10-19 14:39 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\sharepoint.com -> hxxps://fsvuk-files.sharepoint.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2019-02-26 19:57 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-944637591-687013849-2777917340-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Client\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{47E232FA-1099-4017-A8F8-F447393319F5}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6C22701D-2520-4CCB-84D0-C5435539203B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation - Mobile Wireless Group -> )
FirewallRules: [{B350DF42-9C1E-4626-A848-BFD21B1FCB98}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D29DF108-2023-4486-B6BA-D742B352C94E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EC480EAD-2853-4CB6-A610-62C1E49FEAC4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A674D906-7B82-42BE-9752-B5321AB33FC5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{814920D5-3853-4194-8FD3-34CA0A01FF5B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DAC9AFBB-A13B-4787-9511-9F97F126FCD4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40DD0323-EA20-404A-9BF5-34DF63DED06A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{54F2C6B2-3549-4CE2-818E-6270A9D06333}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
07-06-2019 20:07:04 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
19-06-2019 16:04:08 Naplánovaný kontrolní bod
20-06-2019 21:25:17 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/03/2019 08:03:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (07/03/2019 08:03:04 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device
Error: (07/03/2019 08:03:04 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device
Error: (07/03/2019 08:03:04 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device
Error: (07/03/2019 07:03:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST.exe verze 30.6.2019.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 187c
Čas spuštění: 01d531bf712d2f1c
Čas ukončení: 62
Cesta k aplikaci: C:\Users\Client\Desktop\FRST.exe
ID hlášení:
Error: (07/03/2019 06:21:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (07/03/2019 06:12:20 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device
Error: (07/03/2019 06:12:20 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device
System errors:
=============
Error: (07/03/2019 08:01:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (07/03/2019 08:01:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (07/03/2019 08:01:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (07/03/2019 08:00:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (07/03/2019 08:00:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/03/2019 08:00:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba AuthenTec Fingerprint Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (07/03/2019 08:00:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (07/03/2019 08:00:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management & Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
===================================
Date: 2016-07-08 22:50:55.320
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{C19C5084-5512-45AF-93A9-B8453F29E3BA}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
==================== Memory info ===========================
BIOS: FUJITSU // Phoenix Technologies Ltd. Version 1.19 11/29/2011
Motherboard: FUJITSU FJNB204
Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 66%
Total physical RAM: 2995.5 MB
Available physical RAM: 1017.96 MB
Total Virtual: 9137.87 MB
Available Virtual: 6894.62 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:148.05 GB) (Free:52.42 GB) NTFS
\\?\Volume{aa9b253a-aac9-11e4-9e65-806e6f6e6963}\ () (Fixed) (Total:1 GB) (Free:0.95 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 87C2420C)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by Client (administrator) on CLIENT-PC (FUJITSU LIFEBOOK T900) (03-07-2019 21:09:47)
Running from C:\Users\Client\Desktop
Loaded Profiles: Client (Available Profiles: Client)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(AuthenTec, Inc. -> AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(AuthenTec, Inc. -> AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Cambridge Silicon Radio Ltd. -> CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
(Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjDspMon.exe
(Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjEvents.exe
(Fujitsu Computer Systems) [File not signed] C:\Program Files\Fujitsu\Utils\FjLidMon.exe
(FUJITSU LIMITED -> ) C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\snuvcdsm.exe
(Microsoft Windows Hardware Compatibility Publisher -> Sonix) C:\Windows\vsnp2uvc.exe
(O2Micro International) [File not signed] C:\Windows\System32\o2flash.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Windows\System32\WTablet\Pen_TabletUser.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7703072 2009-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [CSRSkype] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe [346464 2009-08-20] (Cambridge Silicon Radio Ltd. -> CSR, plc)
HKLM\...\Run: [ConMgr] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [504160 2009-08-20] (Cambridge Silicon Radio Ltd. -> CSR, plc)
HKLM\...\Run: [ATSwpNav] => "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
HKLM\...\Run: [FJBATAID2] => C:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe [107880 2009-10-16] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Sonix)
HKLM\...\Run: [SNUVCDSM] => C:\Windows\snuvcdsm.exe [24576 2009-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Run: [] => [X]
HKLM\...\Run: [FjStrtAp] => C:\Program Files\Fujitsu\Utils\FjStrtAp.exe [20480 2009-10-12] (Fujitsu Computer Systems Corp.) [File not signed]
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1206544 2010-10-19] (Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation)
HKLM\...\Run: [IMSS] => C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [104960 2009-09-30] () [File not signed]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1578280 2009-10-09] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [IndicatorUtility] => C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-06-16] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [144744 2009-07-27] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [SSUtility] => C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe [193832 2007-12-14] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [FDM7] => C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [128360 2009-07-23] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [226184 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [FUJ02B1_Apps] => C:\Program Files\Fujitsu\FUJ02B1\CheckBatteryPack.exe [380840 2018-09-13] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
HKLM\...\Run: [FUJ02E3_BatteryChargingControlUpdate] => C:\Program Files\Fujitsu\FUJ02E3_BatteryChargingControlUpdate\CheckBatteryFW.exe [433264 2019-04-09] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [FjBatteryLimitter] => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterRun.exe [361096 2018-11-21] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {627d7ffb-4de5-11e6-879f-002258c78025} - E:\autorun.exe
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {6bf6b3ea-8249-11e6-9711-002258c78025} - E:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-20] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {126CD0A5-905F-4F90-A365-AB8F5260195A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {33D9BBB1-89C6-4CB6-BBC9-0EE80BA7365C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [4544064 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {46B5CF64-C963-4C44-AC2B-C0F9A576EE5D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {515EBCAD-8055-4984-A474-2B3EAFDE1D5A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [20166760 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {53EB5FD8-D0DC-404C-8FBE-7E0975463305} - System32\Tasks\Fujitsu\FjBatteryLimitter\Notify => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterNotify.exe [181904 2018-10-03] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
Task: {54213060-202F-4A6D-A9BA-1AFCF68B0724} - System32\Tasks\Fujitsu\FjBatteryLimitter\Unlimit => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterBatu.exe [150160 2018-10-03] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
Task: {5435DFE8-DCC1-45FD-B757-737BD8DF93E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [4544064 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {8300BA07-4E77-439D-B63B-2F5087D1B8BD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {83C58E82-6947-4613-81D9-74EE4342D989} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [20166760 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {96A1248C-E37D-4644-BE02-8712896AF825} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-26] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9A84C94B-C692-423D-9CF0-6DDEA276FEAC} - System32\Tasks\{2FFDDAB8-37AE-4193-AED4-5D04DA7C141F} => C:\Windows\system32\pcalua.exe -a "C:\Users\Client\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7SRW4P1E\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573[1].EXE" -d C:\Users\Client\Desktop
Task: {A34F728A-6025-43F7-B8B5-E23CBD418C79} - System32\Tasks\Fujitsu\FjBatteryLimitter\Limit => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterBatu.exe [150160 2018-10-03] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
Task: {B1F00F6B-AB3F-407F-81B5-971B0D33A09C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C6174E92-9CC9-4E2C-A640-50A3FF67851D} - System32\Tasks\{F111F4F3-A365-41D7-93BE-EFBB7C8DEF69} => C:\Windows\system32\pcalua.exe -a "E:\notebook fujitsu t900\SMARTCARD_O2MICRO_V3.0.1.6D_WIN7_CA41534-5573.EXE" -d "E:\notebook fujitsu t900"
Task: {CB0CE3BD-325A-4350-BE18-B0107B61C1A8} - System32\Tasks\{BCAD7E9D-B664-4CDB-A6D3-02E72F3495FF} => C:\Windows\system32\pcalua.exe -a C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573\PROUnstl.exe -d C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573
Task: {CCE29149-5B75-4F9D-90CA-C9B3DE43EAF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {E210116B-F9B8-4EF1-80B2-E57503813C4B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2394504 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
Task: {EAAB0F48-3266-4E58-A0B0-9C38603A017D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {EF69E9FD-FEE4-4551-A21D-EFA3F32F6D07} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1504376 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2BD29B8-AA0E-4985-B4CE-5CAD214B5125} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F874727D-7F51-42ED-934E-9F0391BF8CC7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1913648 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {FE577009-7166-4173-83A0-E22CF150E690} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Avast Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-944637591-687013849-2777917340-1000] => 172.25.125.66:8080
AutoConfigURL: [S-1-5-21-944637591-687013849-2777917340-1000] => 172.25.125.66:8080
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{767F1F43-85A0-45E8-B66F-2851A52C169C}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{FDA8B116-774B-4A30-8590-77568983CD84}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-944637591-687013849-2777917340-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_151-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-00151-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_151-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_151-windows-i586.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default [2019-07-03]
CHR Extension: (Prezentace Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-27]
CHR Extension: (Dokumenty Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-27]
CHR Extension: (YouTube) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-29]
CHR Extension: (AdBlock) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-06-06]
CHR Extension: (Gmail) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-03]
CHR Profile: C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-07-03]
CHR Extension: (Prezentace Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-22]
CHR Extension: (Dokumenty Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-22]
CHR Extension: (Disk Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-07]
CHR Extension: (YouTube) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-07]
CHR Extension: (Vyhledávání Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-22]
CHR Extension: (Adobe Acrobat) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-05]
CHR Extension: (Avast SafePrice) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-02-05]
CHR Extension: (Tabulky Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-07]
CHR Extension: (AdBlock) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-11]
CHR Extension: (Avast Online Security) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-02-11]
CHR Extension: (Adblock Super) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-07-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-11]
CHR Extension: (Gmail) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-22]
CHR Extension: (Chrome Media Router) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-05]
CHR Profile: C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-03]
CHR Extension: (Prezentace Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-22]
CHR Extension: (Dokumenty Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-22]
CHR Extension: (Disk Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-22]
CHR Extension: (YouTube) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-22]
CHR Extension: (Tabulky Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-22]
CHR Extension: (Gmail) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-22]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5584416 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1819896 2009-11-19] (AuthenTec, Inc. -> AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [359864 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7314528 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
R2 LMS; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [227600 2010-10-19] (Intel Corporation - Mobile Wireless Group -> )
R2 O2Flash; C:\Windows\system32\o2flash.exe [65536 2007-02-12] (O2Micro International) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [62824 2009-07-27] (FUJITSU LIMITED -> FUJITSU LIMITED)
R2 UNS; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WirelessSelectorService; C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe [62760 2008-10-09] (FUJITSU LIMITED -> )
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 acpials; C:\Windows\System32\DRIVERS\acpials.sys [7680 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [34488 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [173232 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [225608 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [171520 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [56296 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [139568 2019-06-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100984 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783024 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [403680 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [167360 2019-06-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [312248 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
R3 Fjbtndrv; C:\Windows\System32\DRIVERS\FjBtnDrv.sys [18816 2009-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Fujitsu America, Inc.)
R0 FJGSDisk; C:\Windows\System32\DRIVERS\FJGSDisk.sys [12776 2015-02-03] (FUJITSU LIMITED -> FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [25776 2018-09-13] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU LIMITED)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7122944 2010-10-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 O2SCBUS; C:\Windows\System32\DRIVERS\ozscr.sys [102560 2009-05-15] (O2Micro Inc. -> O2Micro)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3487104 2009-09-04] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 WISDPen; C:\Windows\System32\DRIVERS\wisdpen.sys [36648 2009-08-24] (Wacom Technology Corp. -> Wacom Technology)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-03 21:09 - 2019-07-03 21:11 - 000028495 _____ C:\Users\Client\Desktop\FRST.txt
2019-07-03 21:09 - 2019-07-03 21:09 - 000000000 ____D C:\Users\Client\Desktop\FRST-OlderVersion
2019-07-03 19:57 - 2019-07-03 19:58 - 007025360 _____ (Malwarebytes) C:\Users\Client\Desktop\adwcleaner_7.3.exe
2019-07-03 18:50 - 2019-07-03 19:01 - 000000000 ____D C:\FRST
2019-07-03 18:47 - 2019-07-03 21:09 - 001772032 _____ (Farbar) C:\Users\Client\Desktop\FRST.exe
2019-06-19 12:14 - 2019-06-04 01:10 - 000751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-06-19 12:14 - 2019-06-04 01:10 - 000304640 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-06-19 12:14 - 2019-05-27 08:29 - 000348984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-06-19 12:14 - 2019-05-25 03:07 - 020275712 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-06-19 12:14 - 2019-05-25 02:45 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-06-19 12:14 - 2019-05-25 02:44 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-06-19 12:14 - 2019-05-25 02:44 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-06-19 12:14 - 2019-05-25 02:42 - 002297344 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-06-19 12:14 - 2019-05-25 02:40 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-06-19 12:14 - 2019-05-25 02:38 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-06-19 12:14 - 2019-05-25 02:37 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-06-19 12:14 - 2019-05-25 02:37 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-06-19 12:14 - 2019-05-25 02:36 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-06-19 12:14 - 2019-05-25 02:33 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-06-19 12:14 - 2019-05-25 02:30 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-06-19 12:14 - 2019-05-25 02:26 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-06-19 12:14 - 2019-05-25 02:26 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-06-19 12:14 - 2019-05-25 02:24 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-06-19 12:14 - 2019-05-25 02:23 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-06-19 12:14 - 2019-05-25 02:23 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-06-19 12:14 - 2019-05-25 02:22 - 004492800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-06-19 12:14 - 2019-05-25 02:22 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-06-19 12:14 - 2019-05-25 02:17 - 013706240 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-06-19 12:14 - 2019-05-25 02:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-06-19 12:14 - 2019-05-25 02:15 - 002060288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-06-19 12:14 - 2019-05-25 02:15 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-06-19 12:14 - 2019-05-25 02:15 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-06-19 12:14 - 2019-05-25 02:15 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-06-19 12:14 - 2019-05-25 02:02 - 004386304 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-06-19 12:14 - 2019-05-25 01:59 - 012880384 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-06-19 12:14 - 2019-05-25 01:59 - 001323008 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-06-19 12:14 - 2019-05-25 01:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-06-19 12:14 - 2019-05-25 01:56 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-06-19 12:14 - 2019-05-23 03:58 - 000628224 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-06-19 12:14 - 2019-05-23 03:58 - 000307200 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-06-19 12:14 - 2019-05-23 03:58 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-06-19 12:14 - 2019-05-23 02:31 - 001251840 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-06-19 12:14 - 2019-05-23 02:31 - 000910336 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-06-19 12:14 - 2019-05-17 20:14 - 000251112 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2019-06-19 12:14 - 2019-05-16 17:22 - 004057312 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2019-06-19 12:14 - 2019-05-16 17:22 - 003963624 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-06-19 12:14 - 2019-05-16 17:21 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-06-19 12:14 - 2019-05-16 17:21 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2019-06-19 12:14 - 2019-05-16 17:21 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-06-19 12:14 - 2019-05-16 17:21 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2019-06-19 12:14 - 2019-05-16 17:21 - 000135912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-06-19 12:14 - 2019-05-16 17:21 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-06-19 12:14 - 2019-05-16 17:19 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-06-19 12:14 - 2019-05-16 17:19 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-06-19 12:14 - 2019-05-16 17:19 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-06-19 12:14 - 2019-05-16 17:19 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-06-19 12:14 - 2019-05-16 17:19 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 001072640 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000555520 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000261632 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-06-19 12:14 - 2019-05-16 17:17 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-06-19 12:14 - 2019-05-16 17:17 - 000474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-06-19 12:14 - 2019-05-16 17:17 - 000373248 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-06-19 12:14 - 2019-05-16 17:17 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-06-19 12:14 - 2019-05-16 17:02 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-06-19 12:14 - 2019-05-16 16:50 - 002406400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-06-19 12:14 - 2019-05-16 16:50 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-06-19 12:14 - 2019-05-16 16:47 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-06-19 12:14 - 2019-05-16 16:46 - 000314880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-06-19 12:14 - 2019-05-16 16:46 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-06-19 12:14 - 2019-05-16 16:46 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-06-19 12:14 - 2019-05-16 16:46 - 000116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-06-19 12:14 - 2019-05-16 16:46 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-06-19 12:14 - 2019-05-16 16:45 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-06-19 12:14 - 2019-05-13 16:44 - 001311744 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2019-06-19 12:14 - 2019-05-13 16:44 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2019-06-19 12:14 - 2019-05-13 16:44 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2019-06-19 12:14 - 2019-05-13 16:44 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2019-06-19 12:14 - 2019-05-09 17:20 - 000105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-06-19 12:14 - 2019-05-09 17:20 - 000078568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-06-19 12:14 - 2019-05-09 17:18 - 011411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 002368000 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 001329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 003207168 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-06-19 12:14 - 2019-05-09 17:13 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-06-19 12:14 - 2019-05-09 16:51 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-06-19 12:14 - 2019-04-30 03:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-06-19 12:14 - 2019-04-25 17:18 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-06-19 12:14 - 2019-04-24 17:20 - 001311464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-06-19 12:14 - 2019-04-24 17:20 - 000240864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-06-19 12:14 - 2019-04-24 17:19 - 000187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-06-19 12:14 - 2019-04-12 15:04 - 000914584 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000065784 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000021752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000018680 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000017352 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000017144 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000015608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000015096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000013048 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011728 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-06-19 12:14 - 2019-04-09 17:17 - 002953216 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2019-06-19 12:14 - 2019-04-09 17:17 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2019-06-19 12:14 - 2019-04-09 17:05 - 002092032 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-06-19 12:14 - 2019-04-09 17:05 - 000573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-06-19 12:14 - 2019-04-09 17:05 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2019-06-19 12:13 - 2019-05-25 02:55 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-06-19 12:13 - 2019-05-25 02:55 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-06-19 12:13 - 2019-05-25 02:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-06-19 12:13 - 2019-05-25 02:43 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-06-19 12:13 - 2019-05-25 02:39 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-06-19 12:13 - 2019-05-25 02:37 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-06-19 12:13 - 2019-05-25 02:27 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-06-19 12:13 - 2019-05-23 03:58 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-06-19 12:13 - 2019-05-16 17:19 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-06-19 12:13 - 2019-05-16 17:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 16:53 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-06-19 12:13 - 2019-05-16 16:53 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-06-19 12:13 - 2019-05-16 16:53 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-06-19 12:13 - 2019-05-16 16:53 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-06-19 12:13 - 2019-05-16 16:53 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-06-19 12:13 - 2019-05-16 16:53 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-06-19 12:13 - 2019-05-16 16:50 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-06-19 12:13 - 2019-05-16 16:49 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-06-19 12:13 - 2019-05-16 16:45 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-06-19 12:13 - 2019-05-16 16:45 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-06-19 12:13 - 2019-05-16 16:45 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2019-06-19 12:13 - 2019-05-16 16:45 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-06-19 12:13 - 2019-05-16 16:45 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-06-19 12:13 - 2019-05-16 16:45 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-06-19 12:13 - 2019-05-16 16:45 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-06-19 12:13 - 2019-05-16 16:45 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-06-19 12:13 - 2019-05-16 16:45 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-06-19 12:13 - 2019-05-16 16:45 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 16:45 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 16:45 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 16:45 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-06-19 12:13 - 2019-05-09 17:18 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-06-19 12:13 - 2019-05-09 17:18 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-06-19 12:13 - 2019-05-09 17:18 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-06-19 12:13 - 2019-05-09 17:18 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-06-19 12:13 - 2019-05-09 17:18 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-06-19 12:13 - 2019-05-09 17:18 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 001177088 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-06-19 12:13 - 2019-05-09 17:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-06-19 12:13 - 2019-05-09 17:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-06-19 12:13 - 2019-05-09 17:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-06-19 12:13 - 2019-05-09 17:02 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-06-19 12:13 - 2019-05-09 17:02 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-06-19 12:13 - 2019-05-09 16:56 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-06-19 12:13 - 2019-05-09 16:48 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-06-19 12:13 - 2019-05-09 16:48 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-06-19 12:13 - 2019-05-09 16:48 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-06-19 12:13 - 2019-04-09 17:14 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2019-06-19 12:13 - 2019-04-09 17:05 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-06-19 12:13 - 2019-04-09 17:05 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-06-19 12:13 - 2019-04-09 17:05 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2019-06-19 12:13 - 2019-04-09 17:05 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-06-19 12:13 - 2019-04-09 17:05 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2019-06-07 20:16 - 2019-06-07 20:16 - 000001023 _____ C:\Users\Client\Desktop\DOMINIK – zástupce.lnk
2019-06-07 20:07 - 2019-06-07 20:07 - 000001163 _____ C:\Users\Public\Desktop\HappyFoto.lnk
2019-06-07 20:07 - 2019-06-07 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Happy Foto CZ
2019-06-07 20:06 - 2019-06-07 20:06 - 000000000 ____D C:\ProgramData\PhotoGenie X
2019-06-07 17:02 - 2019-06-07 17:10 - 338502528 _____ (Happy Foto CZ ) C:\Users\Client\Downloads\HappyFoto (2).exe
2019-06-04 20:29 - 2019-06-04 20:29 - 016920766 _____ C:\Users\Client\Downloads\pozvánka.pdf
2019-06-03 21:12 - 2019-06-03 21:12 - 000000342 ____H C:\Windows\Tasks\Avast Emergency Update.job
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-03 20:12 - 2009-07-14 06:34 - 000021408 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-03 20:12 - 2009-07-14 06:34 - 000021408 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-03 20:10 - 2015-04-12 15:42 - 000003540 _____ C:\Users\Client\AppData\Roaming\FjMenu1.XML
2019-07-03 20:03 - 2015-02-02 14:08 - 000000000 ____D C:\Users\Client\AppData\Roaming\WTablet
2019-07-03 20:02 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-03 19:59 - 2018-02-11 12:51 - 000000000 ____D C:\AdwCleaner
2019-07-03 18:39 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2019-07-03 18:21 - 2017-08-28 21:00 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-03 18:20 - 2009-07-14 04:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-07-03 18:18 - 2017-08-28 20:48 - 000000000 ____D C:\Program Files\Microsoft Office
2019-07-03 18:08 - 2009-07-14 06:53 - 000032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-07-02 22:11 - 2015-03-28 16:06 - 000000000 ____D C:\Users\Client\AppData\LocalLow\Adblock Plus for IE
2019-06-24 17:57 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\rescache
2019-06-24 15:41 - 2011-04-12 03:37 - 000668376 _____ C:\Windows\system32\perfh005.dat
2019-06-24 15:41 - 2011-04-12 03:37 - 000141004 _____ C:\Windows\system32\perfc005.dat
2019-06-24 15:41 - 2010-11-20 23:01 - 001582262 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-24 15:33 - 2009-07-14 06:33 - 000509904 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-24 15:28 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\system32\Dism
2019-06-20 21:37 - 2015-03-28 16:28 - 000000000 ____D C:\Windows\system32\MRT
2019-06-20 21:30 - 2015-03-28 16:28 - 132265168 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-06-20 17:50 - 2015-11-21 12:30 - 000139568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-06-20 11:01 - 2015-02-04 22:11 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-19 12:24 - 2019-02-28 12:34 - 000002119 _____ C:\Users\Client\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-06-19 12:24 - 2017-08-28 21:06 - 000000000 ___RD C:\Users\Client\OneDrive
2019-06-19 12:13 - 2015-11-21 12:30 - 000167360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-19 12:09 - 2016-07-30 12:54 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-07 17:06 - 2017-01-29 23:06 - 000000000 ____D C:\Program Files\HappyFoto-Designer
2019-06-06 17:52 - 2019-05-21 19:15 - 000000000 ____D C:\Program Files\Happy Foto CZ
==================== Files in the root of some directories ================
2018-12-29 21:23 - 2018-12-29 21:23 - 007895040 _____ () C:\Program Files\GUT538E.tmp
2015-04-12 15:42 - 2019-07-03 20:10 - 000003540 _____ () C:\Users\Client\AppData\Roaming\FjMenu1.XML
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-06-24 16:36
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-07-2019
Ran by Client (03-07-2019 21:12:05)
Running from C:\Users\Client\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2015-02-02 11:10:40)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-944637591-687013849-2777917340-500 - Administrator - Disabled)
Client (S-1-5-21-944637591-687013849-2777917340-1000 - Administrator - Enabled) => C:\Users\Client
Guest (S-1-5-21-944637591-687013849-2777917340-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adblock Plus for IE (32-bit) (HKLM\...\{CBECBAA4-A9A1-48B6-88DC-5D5E800B0E52}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.192 - Adobe)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
AuthenTec Fingerprint Software (HKLM\...\{83F136F0-2AE5-420C-A0B6-A440AD42591C}) (Version: 8.5.4.53 - Název společnosti:)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Balíček ovladače systému Windows - Fujitsu America, Inc. (FjBtnDrv) HIDClass (08/27/2009 4.2.0827.2009) (HKLM\...\F02860D720F53C6FCD75A013226E3E82F54FAB68) (Version: 08/27/2009 4.2.0827.2009 - Fujitsu America, Inc.)
Battery Utility (HKLM\...\{0294F00A-91AC-4FBF-BD14-0EE1583927AF}) (Version: 3.00.10.001 - Název společnosti:) Hidden
Battery Utility (HKLM\...\InstallShield_{0294F00A-91AC-4FBF-BD14-0EE1583927AF}) (Version: 3.00.10.001 - Název společnosti:)
Bluetooth Feature Pack 5.0 (HKLM\...\{0439D13F-C7CD-458A-90DE-44135CBD40B8}) (Version: 5.0.13 - CSR Plc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
FJ Camera (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.52008.0 - Sonix)
FUJITSU Battery Charging Control Update Tool (HKLM\...\{01A4BE67-357B-44C5-92F1-F543FB8643EF}) (Version: 2.0.2.0 - FUJITSU CLIENT COMPUTING LIMITED) Hidden
FUJITSU Battery Charging Control Utility (HKLM\...\InstallShield_{01A4BE67-357B-44C5-92F1-F543FB8643EF}) (Version: 2.0.2.0 - FUJITSU CLIENT COMPUTING LIMITED)
Fujitsu Button Utilities (HKLM\...\{207E8B60-07D2-4B7F-97FE-0DA448606861}) (Version: 7.02.0818.2009 - Fujitsu America, Incorporated)
Fujitsu Display Manager (HKLM\...\{2BDE2BF2-AD90-4191-B3C8-D0046CE54916}) (Version: 7.00.20.203 - Název společnosti:) Hidden
Fujitsu Display Manager (HKLM\...\InstallShield_{2BDE2BF2-AD90-4191-B3C8-D0046CE54916}) (Version: 7.00.20.203 - Název společnosti:)
Fujitsu Hotkey Utility (HKLM\...\{BA0CC975-682B-4678-A35C-05E607F36387}) (Version: 3.60.1.0 - FUJITSU LIMITED) Hidden
Fujitsu Hotkey Utility (HKLM\...\InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}) (Version: 3.60.1.0 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (HKLM\...\{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}) (Version: 3.00.00.000 - Název společnosti:) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM\...\InstallShield_{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}) (Version: 3.00.00.000 - Název společnosti:)
Fujitsu System Extension Utility (HKLM\...\{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.1.0.0 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.1.0.0 - FUJITSU LIMITED)
Google Chrome (HKLM\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HappyFoto (HKLM\...\{621A70CA-32A5-4F50-A66C-C9C792580415}_is1) (Version: - Happy Foto CZ)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.5 - Intel)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2509 - Intel Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11727.20230 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
O2Micro Flash Memory Card Windows Driver (HKLM\...\{469ED3E8-D21E-40E8-B00F-63516D26FAE3}) (Version: 3.00.0006 - O2Micro International LTD.) Hidden
O2Micro Flash Memory Card Windows Driver (HKLM\...\InstallShield_{469ED3E8-D21E-40E8-B00F-63516D26FAE3}) (Version: 3.00.0006 - O2Micro International LTD.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
OZ711 SCR Driver (HKLM\...\{5C3EA21C-22C0-4A44-BE58-D8CBB2F2B6B2}) (Version: 3.0.1.6D - O2Micro) Hidden
OZ711 SCR Driver (HKLM\...\InstallShield_{5C3EA21C-22C0-4A44-BE58-D8CBB2F2B6B2}) (Version: 3.0.1.6D - O2Micro)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pen Tablet (HKLM\...\Pen Tablet Driver) (Version: 5.1.1.11 - Wacom Technology Corp.)
Power Saving Utility (HKLM\...\{7254349B-460B-488F-B4DB-A96100C5C48B}) (Version: 31.00.11.009 - FUJITSU LIMITED) Hidden
Power Saving Utility (HKLM\...\InstallShield_{7254349B-460B-488F-B4DB-A96100C5C48B}) (Version: 31.00.11.009 - FUJITSU LIMITED)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Security Panel (HKLM\...\InstallShield_{45CA9B23-5EF8-43AA-9851-E9E062BF0147}) (Version: 2.2.0.0 - FUJITSU LIMITED)
Security Panel Application (HKLM\...\{45CA9B23-5EF8-43AA-9851-E9E062BF0147}) (Version: 2.2.0.0 - FUJITSU LIMITED) Hidden
Security Panel Application for Supervisor (HKLM\...\{17F82182-0E3D-4A14-8843-5ECBFAF4F12F}) (Version: 2.2.0.0 - FUJITSU LIMITED) Hidden
Security Panel for Supervisor (HKLM\...\InstallShield_{17F82182-0E3D-4A14-8843-5ECBFAF4F12F}) (Version: 2.2.0.0 - FUJITSU LIMITED)
Shock Sensor Utility (HKLM\...\{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}) (Version: 4.00.01.000 - Název společnosti:) Hidden
Shock Sensor Utility (HKLM\...\InstallShield_{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}) (Version: 4.00.01.000 - Název společnosti:)
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{D75AEB5B-FA18-4BD4-9EED-54CA46DB5AE8}) (Version: 13.04.0000 - Intel Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.10.0 - Synaptics Incorporated)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wireless Selector (HKLM\...\{51202133-E0F9-4314-ACA4-AACBA46A6C69}) (Version: 4.00.00.100 - FUJITSU LIMITED) Hidden
Wireless Selector (HKLM\...\InstallShield_{51202133-E0F9-4314-ACA4-AACBA46A6C69}) (Version: 4.00.00.100 - FUJITSU LIMITED)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Client\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Osoba 2 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) ==============
2015-02-03 15:45 - 2009-09-30 21:48 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2009-08-17 22:08 - 2009-09-30 18:57 - 000069632 _____ (Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjCuiSdk.dll
2009-08-18 21:37 - 2009-11-14 13:06 - 000024576 _____ (Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjDspMon.exe
2009-08-18 21:38 - 2009-11-14 13:09 - 000020480 _____ (Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\fjevents.exe
2009-08-06 16:07 - 2009-11-16 01:29 - 000020480 _____ (Fujitsu Computer Systems) [File not signed] C:\Program Files\Fujitsu\Utils\FjLidMon.exe
2009-07-16 20:20 - 2009-10-12 13:48 - 000032768 _____ (Fujitsu PC Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjFBUCmn.dll
2015-02-03 15:45 - 2009-09-30 22:33 - 000262144 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
2015-02-03 15:45 - 2009-09-30 21:48 - 000077824 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\DTMessageLib.dll
2015-02-03 15:45 - 2009-09-30 21:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2015-02-03 15:45 - 2009-09-30 22:34 - 002314240 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
2010-10-19 15:21 - 2010-10-19 15:21 - 001269760 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\PanTray.dll
2010-10-19 15:06 - 2010-10-19 15:06 - 000487424 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\WiWiTray.dll
2010-10-31 04:52 - 2010-10-31 04:52 - 000043520 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\LangResources\CSY\FrWrkCSY.dll
2010-10-31 05:02 - 2010-10-31 05:02 - 000006656 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\LangResources\CSY\WiTrCSY.dll
2010-10-19 15:03 - 2010-10-19 15:03 - 000655360 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2010-10-19 15:04 - 2010-10-19 15:04 - 000622592 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2010-10-19 15:04 - 2010-10-19 15:04 - 002285568 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
2010-10-19 15:05 - 2010-10-19 15:05 - 000512000 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
2010-10-19 15:07 - 2010-10-19 15:07 - 000503808 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2010-10-19 15:05 - 2010-10-19 15:05 - 000200704 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2010-10-31 04:58 - 2010-10-31 04:58 - 000106496 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\LangResources\CSY\PanTrCSY.dll
2010-10-19 15:17 - 2010-10-19 15:17 - 000876544 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2010-10-19 15:18 - 2010-10-19 15:18 - 000307200 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PanApi.dll
2010-10-19 15:10 - 2010-10-19 15:10 - 001626112 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2010-10-19 15:08 - 2010-10-19 15:08 - 000499712 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfQOSMgr.dll
2010-10-19 15:02 - 2010-10-19 15:02 - 000135168 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2010-10-19 15:02 - 2010-10-19 15:02 - 000139264 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\WiMAXCoEx.dll
2010-10-19 15:16 - 2010-10-19 15:16 - 001146880 _____ (Intel(R) Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll
2007-02-12 02:43 - 2007-02-12 02:43 - 000065536 _____ (O2Micro International) [File not signed] C:\Windows\system32\o2flash.exe
2010-10-19 14:39 - 2010-10-19 14:39 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\sharepoint.com -> hxxps://fsvuk-files.sharepoint.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2019-02-26 19:57 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-944637591-687013849-2777917340-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Client\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{47E232FA-1099-4017-A8F8-F447393319F5}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6C22701D-2520-4CCB-84D0-C5435539203B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation - Mobile Wireless Group -> )
FirewallRules: [{B350DF42-9C1E-4626-A848-BFD21B1FCB98}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D29DF108-2023-4486-B6BA-D742B352C94E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EC480EAD-2853-4CB6-A610-62C1E49FEAC4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A674D906-7B82-42BE-9752-B5321AB33FC5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{814920D5-3853-4194-8FD3-34CA0A01FF5B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DAC9AFBB-A13B-4787-9511-9F97F126FCD4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40DD0323-EA20-404A-9BF5-34DF63DED06A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{54F2C6B2-3549-4CE2-818E-6270A9D06333}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
07-06-2019 20:07:04 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
19-06-2019 16:04:08 Naplánovaný kontrolní bod
20-06-2019 21:25:17 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/03/2019 08:03:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (07/03/2019 08:03:04 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device
Error: (07/03/2019 08:03:04 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device
Error: (07/03/2019 08:03:04 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device
Error: (07/03/2019 07:03:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST.exe verze 30.6.2019.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 187c
Čas spuštění: 01d531bf712d2f1c
Čas ukončení: 62
Cesta k aplikaci: C:\Users\Client\Desktop\FRST.exe
ID hlášení:
Error: (07/03/2019 06:21:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (07/03/2019 06:12:20 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device
Error: (07/03/2019 06:12:20 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device
System errors:
=============
Error: (07/03/2019 08:01:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (07/03/2019 08:01:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (07/03/2019 08:01:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (07/03/2019 08:00:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (07/03/2019 08:00:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/03/2019 08:00:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba AuthenTec Fingerprint Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (07/03/2019 08:00:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (07/03/2019 08:00:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management & Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
===================================
Date: 2016-07-08 22:50:55.320
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{C19C5084-5512-45AF-93A9-B8453F29E3BA}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
==================== Memory info ===========================
BIOS: FUJITSU // Phoenix Technologies Ltd. Version 1.19 11/29/2011
Motherboard: FUJITSU FJNB204
Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 66%
Total physical RAM: 2995.5 MB
Available physical RAM: 1017.96 MB
Total Virtual: 9137.87 MB
Available Virtual: 6894.62 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:148.05 GB) (Free:52.42 GB) NTFS
\\?\Volume{aa9b253a-aac9-11e4-9e65-806e6f6e6963}\ () (Fixed) (Total:1 GB) (Free:0.95 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 87C2420C)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalený NTB
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {627d7ffb-4de5-11e6-879f-002258c78025} - E:\autorun.exe
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {6bf6b3ea-8249-11e6-9711-002258c78025} - E:\HiSuiteDownLoader.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {9A84C94B-C692-423D-9CF0-6DDEA276FEAC} - System32\Tasks\{2FFDDAB8-37AE-4193-AED4-5D04DA7C141F} => C:\Windows\system32\pcalua.exe -a "C:\Users\Client\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7SRW4P1E\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573[1].EXE" -d C:\Users\Client\Desktop
Task: {C6174E92-9CC9-4E2C-A640-50A3FF67851D} - System32\Tasks\{F111F4F3-A365-41D7-93BE-EFBB7C8DEF69} => C:\Windows\system32\pcalua.exe -a "E:\notebook fujitsu t900\SMARTCARD_O2MICRO_V3.0.1.6D_WIN7_CA41534-5573.EXE" -d "E:\notebook fujitsu t900"
Task: {CB0CE3BD-325A-4350-BE18-B0107B61C1A8} - System32\Tasks\{BCAD7E9D-B664-4CDB-A6D3-02E72F3495FF} => C:\Windows\system32\pcalua.exe -a C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573\PROUnstl.exe -d C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573
Task: {CCE29149-5B75-4F9D-90CA-C9B3DE43EAF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {FE577009-7166-4173-83A0-E22CF150E690} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Program Files\GUT538E.tmp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalený NTB
Fix result of Farbar Recovery Scan Tool (x86) Version: 03-07-2019
Ran by Client (03-07-2019 22:20:53) Run:1
Running from C:\Users\Client\Desktop
Loaded Profiles: Client (Available Profiles: Client)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {627d7ffb-4de5-11e6-879f-002258c78025} - E:\autorun.exe
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {6bf6b3ea-8249-11e6-9711-002258c78025} - E:\HiSuiteDownLoader.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {9A84C94B-C692-423D-9CF0-6DDEA276FEAC} - System32\Tasks\{2FFDDAB8-37AE-4193-AED4-5D04DA7C141F} => C:\Windows\system32\pcalua.exe -a "C:\Users\Client\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7SRW4P1E\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573[1].EXE" -d C:\Users\Client\Desktop
Task: {C6174E92-9CC9-4E2C-A640-50A3FF67851D} - System32\Tasks\{F111F4F3-A365-41D7-93BE-EFBB7C8DEF69} => C:\Windows\system32\pcalua.exe -a "E:\notebook fujitsu t900\SMARTCARD_O2MICRO_V3.0.1.6D_WIN7_CA41534-5573.EXE" -d "E:\notebook fujitsu t900"
Task: {CB0CE3BD-325A-4350-BE18-B0107B61C1A8} - System32\Tasks\{BCAD7E9D-B664-4CDB-A6D3-02E72F3495FF} => C:\Windows\system32\pcalua.exe -a C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573\PROUnstl.exe -d C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573
Task: {CCE29149-5B75-4F9D-90CA-C9B3DE43EAF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {FE577009-7166-4173-83A0-E22CF150E690} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Program Files\GUT538E.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKU\S-1-5-21-944637591-687013849-2777917340-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{627d7ffb-4de5-11e6-879f-002258c78025} => removed successfully.
HKLM\Software\Classes\CLSID\{627d7ffb-4de5-11e6-879f-002258c78025} => not found
HKU\S-1-5-21-944637591-687013849-2777917340-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6bf6b3ea-8249-11e6-9711-002258c78025} => removed successfully.
HKLM\Software\Classes\CLSID\{6bf6b3ea-8249-11e6-9711-002258c78025} => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
HKLM\SOFTWARE\Policies\Google => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A84C94B-C692-423D-9CF0-6DDEA276FEAC}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A84C94B-C692-423D-9CF0-6DDEA276FEAC}" => removed successfully.
C:\Windows\System32\Tasks\{2FFDDAB8-37AE-4193-AED4-5D04DA7C141F} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2FFDDAB8-37AE-4193-AED4-5D04DA7C141F}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C6174E92-9CC9-4E2C-A640-50A3FF67851D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6174E92-9CC9-4E2C-A640-50A3FF67851D}" => removed successfully.
C:\Windows\System32\Tasks\{F111F4F3-A365-41D7-93BE-EFBB7C8DEF69} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F111F4F3-A365-41D7-93BE-EFBB7C8DEF69}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB0CE3BD-325A-4350-BE18-B0107B61C1A8}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB0CE3BD-325A-4350-BE18-B0107B61C1A8}" => removed successfully.
C:\Windows\System32\Tasks\{BCAD7E9D-B664-4CDB-A6D3-02E72F3495FF} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BCAD7E9D-B664-4CDB-A6D3-02E72F3495FF}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCE29149-5B75-4F9D-90CA-C9B3DE43EAF9}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCE29149-5B75-4F9D-90CA-C9B3DE43EAF9}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FE577009-7166-4173-83A0-E22CF150E690}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE577009-7166-4173-83A0-E22CF150E690}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
C:\Program Files\GUT538E.tmp => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4119395 B
Java, Flash, Steam htmlcache => 1155 B
Windows/system/drivers => 4770949 B
Edge => 0 B
Chrome => 25752876 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83565 B
LocalService => 66228 B
NetworkService => 2007040 B
Client => 6864054 B
RecycleBin => 146729 B
EmptyTemp: => 49.8 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 22:21:15 ====
Ran by Client (03-07-2019 22:20:53) Run:1
Running from C:\Users\Client\Desktop
Loaded Profiles: Client (Available Profiles: Client)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {627d7ffb-4de5-11e6-879f-002258c78025} - E:\autorun.exe
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {6bf6b3ea-8249-11e6-9711-002258c78025} - E:\HiSuiteDownLoader.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {9A84C94B-C692-423D-9CF0-6DDEA276FEAC} - System32\Tasks\{2FFDDAB8-37AE-4193-AED4-5D04DA7C141F} => C:\Windows\system32\pcalua.exe -a "C:\Users\Client\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7SRW4P1E\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573[1].EXE" -d C:\Users\Client\Desktop
Task: {C6174E92-9CC9-4E2C-A640-50A3FF67851D} - System32\Tasks\{F111F4F3-A365-41D7-93BE-EFBB7C8DEF69} => C:\Windows\system32\pcalua.exe -a "E:\notebook fujitsu t900\SMARTCARD_O2MICRO_V3.0.1.6D_WIN7_CA41534-5573.EXE" -d "E:\notebook fujitsu t900"
Task: {CB0CE3BD-325A-4350-BE18-B0107B61C1A8} - System32\Tasks\{BCAD7E9D-B664-4CDB-A6D3-02E72F3495FF} => C:\Windows\system32\pcalua.exe -a C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573\PROUnstl.exe -d C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573
Task: {CCE29149-5B75-4F9D-90CA-C9B3DE43EAF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {FE577009-7166-4173-83A0-E22CF150E690} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Program Files\GUT538E.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKU\S-1-5-21-944637591-687013849-2777917340-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{627d7ffb-4de5-11e6-879f-002258c78025} => removed successfully.
HKLM\Software\Classes\CLSID\{627d7ffb-4de5-11e6-879f-002258c78025} => not found
HKU\S-1-5-21-944637591-687013849-2777917340-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6bf6b3ea-8249-11e6-9711-002258c78025} => removed successfully.
HKLM\Software\Classes\CLSID\{6bf6b3ea-8249-11e6-9711-002258c78025} => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
HKLM\SOFTWARE\Policies\Google => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A84C94B-C692-423D-9CF0-6DDEA276FEAC}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A84C94B-C692-423D-9CF0-6DDEA276FEAC}" => removed successfully.
C:\Windows\System32\Tasks\{2FFDDAB8-37AE-4193-AED4-5D04DA7C141F} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2FFDDAB8-37AE-4193-AED4-5D04DA7C141F}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C6174E92-9CC9-4E2C-A640-50A3FF67851D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6174E92-9CC9-4E2C-A640-50A3FF67851D}" => removed successfully.
C:\Windows\System32\Tasks\{F111F4F3-A365-41D7-93BE-EFBB7C8DEF69} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F111F4F3-A365-41D7-93BE-EFBB7C8DEF69}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB0CE3BD-325A-4350-BE18-B0107B61C1A8}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB0CE3BD-325A-4350-BE18-B0107B61C1A8}" => removed successfully.
C:\Windows\System32\Tasks\{BCAD7E9D-B664-4CDB-A6D3-02E72F3495FF} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BCAD7E9D-B664-4CDB-A6D3-02E72F3495FF}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCE29149-5B75-4F9D-90CA-C9B3DE43EAF9}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCE29149-5B75-4F9D-90CA-C9B3DE43EAF9}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FE577009-7166-4173-83A0-E22CF150E690}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE577009-7166-4173-83A0-E22CF150E690}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
C:\Program Files\GUT538E.tmp => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4119395 B
Java, Flash, Steam htmlcache => 1155 B
Windows/system/drivers => 4770949 B
Edge => 0 B
Chrome => 25752876 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83565 B
LocalService => 66228 B
NetworkService => 2007040 B
Client => 6864054 B
RecycleBin => 146729 B
EmptyTemp: => 49.8 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 22:21:15 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalený NTB
OK. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalený NTB
o moc lepší mi to nepřijde. Je spuštěný pouze chrome a procesor při každém vyhledávání je vytížený kolem 60% a fyzická paměť je stále na nějakých 60-70 %.
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalený NTB
Koukněte do správce úloh a zjistěte, který proces nejvíce CPU a paměť zatěžuje.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalený NTB
Zkusíme vyčistit prohlížeče. Spusťte postupně tyto utility:
1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalený NTB
Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Client on źt 04.07.2019 at 19:25:16,94.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Client\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
4.7.2019 19:28:43 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\Program Files\Drogerie TETA deleted successfully
C:\Program Files\Common Files\AV deleted successfully
C:\PROGRA~2\CorelDRAW Graphics Suite X7 deleted successfully
C:\Users\Client\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Client\AppData\Local\EmieSiteList deleted successfully
C:\Users\Client\AppData\Local\EmieUserList deleted successfully
C:\Users\Client\AppData\Local\VirtualStore deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Program Files\Drogerie TETA not found
C:\Program Files\DeadMouse deleted
C:\PROGRA~2\{7b233f3e-d305-4bc8-7b23-33f3ed30fcfb} deleted
C:\PROGRA~2\{fb433786-960a-560a-fb43-33786960de1a} deleted
C:\Program Files\GUM538D.tmp deleted
C:\PROGRA~2\Package Cache deleted
==== Firefox XPI-files found: ======================
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Professional x86
Ran by Client (Administrator) on źt 04.07.2019 at 20:35:32,99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 04.07.2019 at 20:39:59,52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tool run by Client on źt 04.07.2019 at 19:25:16,94.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Client\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
4.7.2019 19:28:43 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\Program Files\Drogerie TETA deleted successfully
C:\Program Files\Common Files\AV deleted successfully
C:\PROGRA~2\CorelDRAW Graphics Suite X7 deleted successfully
C:\Users\Client\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Client\AppData\Local\EmieSiteList deleted successfully
C:\Users\Client\AppData\Local\EmieUserList deleted successfully
C:\Users\Client\AppData\Local\VirtualStore deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Program Files\Drogerie TETA not found
C:\Program Files\DeadMouse deleted
C:\PROGRA~2\{7b233f3e-d305-4bc8-7b23-33f3ed30fcfb} deleted
C:\PROGRA~2\{fb433786-960a-560a-fb43-33786960de1a} deleted
C:\Program Files\GUM538D.tmp deleted
C:\PROGRA~2\Package Cache deleted
==== Firefox XPI-files found: ======================
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Professional x86
Ran by Client (Administrator) on źt 04.07.2019 at 20:35:32,99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 04.07.2019 at 20:39:59,52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalený NTB
Tady OK. A Zoek?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?