Tak zde je log z FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019
Ran by Admin (administrator) on ADMIN-PC (08-07-2019 13:03:00)
Running from C:\Users\Admin\Desktop\COMODO
Loaded Profiles: Admin (Available Profiles: Admin & DefaultAppPool)
Platform: Windows 10 Home Version 1809 17763.557 (X64) Language: Čeština (Česko)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19061.410.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GPU Boost Driver\GpuBoostServer.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite\QFan4\FanHelp.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Clarus, Inc.) [File not signed] C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\COMODO Secure Shopping\csssrv64.exe
(Comodo Security Solutions, Inc. -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(OrdinarySoft -> OrdinarySoft) C:\Program Files\Start Menu X\StartMenuX.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11057768 2011-12-06] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [QFan Help] => C:\Program Files (x86)\ASUS\AI Suite\QFan4\FanHelp.exe [888960 2010-03-25] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) [File not signed]
HKLM-x32\...\Run: [vdcss] => C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe [8516280 2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKU\S-1-5-21-1715255161-2832042311-1099015237-1000\...\Run: [StartMenuX] => C:\Program Files\Start Menu X\StartMenuX.exe [7917912 2016-07-08] (OrdinarySoft -> OrdinarySoft)
HKU\S-1-5-21-1715255161-2832042311-1099015237-1000\...\Run: [Google Update] => C:\Users\Admin\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe [410920 2019-05-15] (Google Inc -> Google LLC)
HKU\S-1-5-21-1715255161-2832042311-1099015237-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22695280 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1715255161-2832042311-1099015237-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-12-11] (ZONER software, a.s. -> ZONER software)
HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\System32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\System32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\System32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\System32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\Windows\System32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\System32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\System32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\System32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\System32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\System32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\System32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\System32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\System32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\System32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\Windows\System32\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [vidc.i263] => C:\Windows\SysWOW64\i263_32.drv [391680 1997-04-07] (Intel Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.l3fhg] => C:\Windows\SysWOW64\mp3fhg.acm [232448 2006-10-18] (Fraunhofer Institut Integrierte Schaltungen IIS) [File not signed]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\divxa32.acm [287744 2001-02-25] (Kristal StudioDFileDescription) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1294336 2002-07-08] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3315712 2010-05-26] () [File not signed]
HKLM\...\Drivers32: [VIDC.DIV3] => C:\Windows\SysWOW64\DivXc32.dll [413760 2002-08-01] (Hacked with Joy !) [File not signed]
HKLM\...\Drivers32: [VIDC.DIV4] => C:\Windows\SysWOW64\DivXc32f.dll [413760 2002-08-22] (Hacked with Joy !) [File not signed]
HKLM\...\Drivers32: [VIDC.DIVX] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.VP70] => C:\Windows\SysWOW64\vp7vfw.dll [630784 2006-04-02] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [205824 2009-05-29] () [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\SysWOW64\yv12vfw.dll [217088 2004-01-25] (
http://www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\AC3ACM.acm [151552 2010-01-17] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [839680 2008-09-24] (hxxp://
www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [108032 2010-06-02] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\SysWOW64\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\SysWOW64\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\SysWOW64\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32-x32: [msacm.lame] => lame.ax
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2017-09-23]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011-03-28]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [File not signed]
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0075047A-0C17-406E-B0CC-169ED3A1DF66} - System32\Tasks\{2ED52D4E-05E5-46E5-964D-94324713081D} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {043AF31D-66A7-4986-B59B-6547AEE091C4} - System32\Tasks\{D0E5CACA-B5FB-45B9-A0D4-CCFEFB10E29D} => C:\Users\Admin\Desktop\Instalace\CRYPTEXT 3.4\CRYPTEXT.EXE
Task: {048E9D9B-15E4-4767-8454-1E87DD66C8CF} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {04B0D92D-5994-451B-BA91-31DBA823211D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {08BB75DD-EF20-4E5E-BF82-2129B5B6519F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {0D1794D5-39F4-4E28-9E51-9F95938A44E0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {0E53777E-9580-41B8-A427-6446D05456F3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {135CEE38-B4EF-4C73-BC4B-064BCC1F684A} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {14910B6C-A8BF-4597-A48E-CCD985C5CFC5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {1673453B-07AE-4418-BCA6-6136169CDDDF} - System32\Tasks\{7E77A8B1-A1DD-4AF4-8130-6A804C6F99A7} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {1DB99ED3-2739-4AF7-B72E-CC8FD6272D1E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1DBE6F1D-D476-4086-B62B-A760FC19C9C2} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {1FB53746-57DF-48A4-BF81-EFDD66FD15C5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {26417ACD-D4D6-4F96-A194-820D3FBDEB94} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {2A8C4295-C887-4EED-923F-BB2AE202F7D5} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {2CEA2CD7-230E-410D-A51F-8509E4F119B2} - System32\Tasks\{F5C44B8F-8860-4551-AFD4-3A438D270FF1} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {2FA91AD6-A488-46F5-A37A-F2ECCA4276B8} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {305EFAD2-94C0-49C2-A7CD-0297BA4553D4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1715255161-2832042311-1099015237-1000UA => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {30A49C45-42E5-424F-8B0B-4C5EC50597D2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {31BDBED9-543F-49C0-8A51-ABD6269AC2F0} - System32\Tasks\{2E595A9D-E2D3-4C88-8A43-87C069FAAF28} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {3271EB17-3DC0-48D0-AE08-934DA17164FE} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {37481F78-7791-48E4-ADCC-547E7029C6B7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3976A02A-9529-471D-AEAC-BC996C61113E} - System32\Tasks\HP Photo Creations Communicator => C:\Users\Admin\AppData\Roaming\HP Photo Creations\Communicator.exe [186080 2011-11-15] (RocketLife -> )
Task: {3AD2C34A-2002-4341-AE79-BDC2FFA1DB78} - System32\Tasks\{5B0DEB96-FAA3-43A6-9A9A-54C6C5DB7120} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {3B226873-669A-4B26-A91B-ADE28C9F3BBB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3D07643D-6761-41BF-B9AE-A011F606DF14} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.05\AsLoader.exe [803968 2010-01-13] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {3D0D7EAA-3B01-43ED-BCFC-B0DDD8A76EA0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3F269491-AC6A-404D-995D-A559480FDBDA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {41E0A35D-BC5C-4040-AE94-1E15C04D8D7C} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {429C0586-605D-4D14-B07D-AEDC0C607A8A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {47E9657D-70E8-4A69-A87F-FE31B304EC16} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {49631686-F098-40DB-AE5E-F0D10CAC1F10} - System32\Tasks\{DA70EFF7-C408-4214-BCF5-78D3FC95E92B} => C:\Users\Admin\Desktop\STAŽENÉ\WonderFoxDVDVideoConverter86-dp4fh72\Setup.exe
Task: {52BA1836-B51B-4E03-949B-820444FA0063} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {556ADD71-26DF-4170-8021-1C9EDDDDB8A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {5630BBAE-6492-4FDA-9151-D22FD3808366} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1715255161-2832042311-1099015237-1000Core => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {56677640-FE45-43A7-8C4B-D0902E766BE1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1715255161-2832042311-1099015237-1000UA1d2599280a1ff0f => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5E1BD579-419F-45F2-B828-95619DBD3529} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {5E8A643F-91B5-4692-97FD-5810AA78D0E1} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {62BA2B29-3BDD-462F-AA57-4AB8B197CB39} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {64684BB1-5728-4E15-84D2-A0A61BAF31A8} - System32\Tasks\{84D29ABF-E1DB-4FD0-9999-806D3ECD4399} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {68B4D736-DF80-4A56-B4B4-9C9AC9AF0CD8} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {6A957E7A-ACA3-42B1-8971-AA0043DDAD43} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {76051720-2A8C-4BE7-AA91-4609504BE116} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7A1151C3-E0C4-406A-B9BF-CCFC8D68D5DB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7EF92B7C-A637-4B54-A422-6309A6BF2657} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_pepper.exe [1452600 2019-06-13] (Adobe Inc. -> Adobe)
Task: {8174C70B-F1F1-459F-A4D5-7584669A9CD6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {86D4A4EF-B209-47C8-96E3-2632C491E8CC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {87292AB6-6FA5-4692-B6AC-3E82F906FC5F} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {8D1F199D-9787-4797-BD0B-4ADD1B37A39A} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {94A6A784-B6C7-4260-9DAA-A20784C4D2EF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9519CEAB-15A1-405A-AC43-5074446239EA} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9599259D-D7C3-4321-84B5-ACF6DBBE6498} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {97A4289B-86DC-470F-8FC9-4558C587BECB} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {A6D2C352-6F0F-469A-868C-D65562BF2C72} - System32\Tasks\{FD92923C-BEFD-4F94-ABE9-7A4F66D0FD48} => C:\Users\Admin\Desktop\Instalace\CRYPTEXT 3.4\CRYPTEXT.EXE
Task: {AA009932-AE09-4D67-ADB6-7CEF9EFF0FAC} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AA3740CC-0987-4940-879B-91DB16CC727C} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {ABCCFB85-EE70-4A94-8475-2EE359028D85} - System32\Tasks\{A8162E04-5A43-448C-8A5B-552E875F0DEC} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {AF77D5B8-C2C1-40DB-99A0-0E8F2FEB271F} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B126ED9E-64EF-4B71-944A-891158304111} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B2B41287-A501-4DD7-BDB1-A62DB902DC92} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1715255161-2832042311-1099015237-1000Core1d25992805cdaa0 => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {B5ACD352-105B-4B8D-BEC4-365C7DCBB2BC} - System32\Tasks\{440D0B85-4D03-46F6-997F-82E7E7DED13A} => C:\Users\Admin\Desktop\Instalace\CRYPTEXT 3.4\CRYPTEXT.EXE
Task: {B72983A3-8CF5-4B4D-B9D5-C46F2B1F100F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA4A4932-A882-400F-AECB-A3623803E8AA} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {BD6A7DB3-C908-4349-BACE-F7D6BF085806} - System32\Tasks\{86825F77-39FB-4048-894B-8FA83566CCE5} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {BDF80F5B-B0BB-4C07-AAAF-C48DBCFF0FB8} - System32\Tasks\{0817238E-3D33-4326-990E-02EE743E5F9D} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Handset Manager\Install.exe" -d "C:\Program Files (x86)\Handset Manager"
Task: {C00868FC-56BC-4F15-A11E-130742FC64FC} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {C099DDBE-D8C6-4986-9925-8AD21CC0207D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C2EF83BC-4B31-4869-9208-C8BB03949D02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-13] (Adobe Inc. -> Adobe)
Task: {C517A25B-87F7-4486-AC78-A994160A2F86} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208 2019-06-12] (Adobe Inc. -> Adobe)
Task: {C5D465DF-F7BB-4653-B01A-D3FF1A589412} - System32\Tasks\{4CE93009-E6FA-4387-B7BF-DD1806EA82A3} => C:\Users\Admin\Desktop\Instalace\CRYPTEXT 3.4\CRYPTEXT.EXE
Task: {C83DDDDE-36D2-4D27-AFF1-A15A18D07032} - System32\Tasks\ASUS\Gpu Boost Driver => C:\Program Files\ASUS\GPU Boost Driver\GpuBoostServer.exe [1137280 2010-03-27] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {CCDEEEB8-37E9-4DB6-9DE1-C1F5AAD07EDD} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CD17F43B-2A29-45E1-AEAA-AC072C5F7991} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D15E693B-706F-4B41-A6C5-9201CA46C55E} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D30EDB79-F067-424A-8651-26E862B20431} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D69F89A6-8ECF-458B-A1F3-09AF07C9B601} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DEAE3D12-4C2E-4741-A98E-B002F41F627E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {DF2AEA1F-C5E5-4D46-90D3-30843284F9BE} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E04BB851-BF0A-42B8-8A2E-0B886E3777DC} - System32\Tasks\{36089806-21CA-40E7-B313-BB138333902F} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {E4B8D7FD-5192-4A87-99AB-A01067FD371E} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {E4E0CCDB-CCBC-40F0-8601-7BB300508353} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E6C1ED6C-E1A0-4748-BB03-8EECEA9039F7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E6E67CD1-E06D-419A-98A2-CBF97B86C314} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {E87249D3-0ED7-4586-810F-6CF9F68EA5A0} - System32\Tasks\{1C87C160-26C6-47A2-BAA4-202205A9D152} => C:\Users\Admin\Desktop\Instalace\CRYPTEXT 3.4\CRYPTEXT.EXE
Task: {EC8EF2CD-A83B-4B51-81F1-62B4841D230B} - System32\Tasks\{339848FA-267D-4843-895F-159E08EDA0B5} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {EF4D9CFB-48B1-4AB7-A20B-6E59A0B201EC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EF65ECF7-4C92-4048-B2DC-E32C359C9D61} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F20338D5-D0EB-4A68-B3CB-DE3B68DE2F3E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {F4DDCCB6-006F-40F5-A128-1CD802A14DB8} - System32\Tasks\{FD9D3541-72F6-4025-8F62-997DD5A425A3} => C:\Windows\system32\pcalua.exe -a C:\Users\Admin\Desktop\MOBIL\drivers_Sterwoniki_1203925675\sterowniki\setup.exe -d C:\Users\Admin\Desktop\MOBIL\drivers_Sterwoniki_1203925675\sterowniki
Task: {FA7755F5-3274-4F2B-9903-1BA47659C2D8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {FB3894D1-782D-4458-AAF7-220A2DF71F97} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {FBDBB270-3544-4AD1-B430-30DD1C4DB078} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {FE025E4B-159E-41C7-8DE3-27BF25BD7599} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16667424 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1715255161-2832042311-1099015237-1000Core.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1715255161-2832042311-1099015237-1000UA.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Users\Admin\AppData\Roaming\HP Photo Creations\Communicator.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 192.168.1.1
Tcpip\..\Interfaces\{0af76db1-3334-41a3-8ba4-ab8be3082360}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{88fafba6-ca9e-4c9b-bfa2-880442089c90}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{88fafba6-ca9e-4c9b-bfa2-880442089c90}: [DhcpNameServer] 192.168.10.1 192.168.1.1
Tcpip\..\Interfaces\{f84a142e-1246-4aca-a594-0caf9ca3d3dd}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-1715255161-2832042311-1099015237-1000 -> DefaultScope {194F07BA-8C47-4918-BE8B-093659FBFA84} URL = hxxp://
www.google.com/search?q={searchTerms}&rlz=
SearchScopes: HKU\S-1-5-21-1715255161-2832042311-1099015237-1000 -> {194F07BA-8C47-4918-BE8B-093659FBFA84} URL = hxxp://
www.google.com/search?q={searchTerms}&rlz=
BHO: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho64.dll [2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc -> Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO-x32: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc -> Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28] (Microsoft Corporation -> Microsoft Corporation.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc -> Google Inc.)
IE Session Restore: HKU\S-1-5-21-1715255161-2832042311-1099015237-1000 -> is enabled.
DPF: HKLM-x32 {563DF2AD-1EB7-4C84-8DA8-52A0A134E30E} hxxp://
www.icantek.com/viewer/activex/icsview.cab
DPF: HKLM-x32 {64865E5A-E8D7-44C1-89E1-99A84F6E56D0} hxxp://46.33.113.85:8080/VVTK_Plugin_Installer.exe
DPF: HKLM-x32 {917623D1-D8E5-11D2-BE8B-00104B06BDE3} hxxp://hostyn.nwt.cz/activex/AxisCamControl.cab
DPF: HKLM-x32 {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} hxxp://t.live.cntv.cn/ieocx/CCTVUpdateInstall.dll
DPF: HKLM-x32 {BCCA9B64-41B3-4A20-8D8B-E69FE61F1F8B} hxxp://
www.zoiper.com/webphone/InstallerWeb.cab
DPF: HKLM-x32 {C32FE9F1-A857-48B0-B7BF-065B5792F28D} hxxp://77.95.196.129/activex/decoder/intel_mpeg4_dec.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://77.95.196.129/activex/AMC.cab
FireFox:
========
FF DefaultProfile: tcvs2xaf.default-1364899423536
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\tcvs2xaf.default-1364899423536 [2019-07-08]
FF Session Restore: Mozilla\Firefox\Profiles\tcvs2xaf.default-1364899423536 -> is enabled.
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\tcvs2xaf.default-1364899423536\Extensions\
cs@dictionaries.addons.mozilla.org.xpi [2019-01-05]
FF Extension: (Avast Online Security) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\tcvs2xaf.default-1364899423536\Extensions\
wrc@avast.com.xpi [2019-07-02]
FF Extension: (mx3) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\tcvs2xaf.default-1364899423536\Extensions\{3d2ee42e-a6d9-4888-bd17-2148dc7928d7}.xpi [2017-10-15] [Legacy]
FF Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\tcvs2xaf.default-1364899423536\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2019-06-25]
FF HKLM-x32\...\Firefox\Extensions: [
smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-03-28] [Legacy] [not signed]
FF HKU\S-1-5-21-1715255161-2832042311-1099015237-1000\...\Firefox\Extensions: [
smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [2019-06-12] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [2019-06-12] (Adobe Inc. -> )
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll [No File]
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc. -> Sony Computer Entertainment Inc.)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.732 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2010-06-02] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.732 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2010-06-02] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2011-08-02] (Sony Network Entertainment International LLC) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @zoiper.com/npZoiper -> C:\Program Files (x86)\Zoiper Web\npZoiper.dll [2012-08-08] (SECURAX -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: WinLessPlugin -> C:\Program Files (x86)\Camera Stream Controller\npWinLessRtspCtrl.dll [2012-10-18] (VIVOTEK INC. -> )
FF Plugin HKU\S-1-5-21-1715255161-2832042311-1099015237-1000: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Admin\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-15] (RocketLife -> RocketLife, LLP)
FF Plugin HKU\S-1-5-21-1715255161-2832042311-1099015237-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-1715255161-2832042311-1099015237-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://mysearch.avg.com?cid={4669E67E-67FC-4DE9-AA61-3A65CEEE972E}&mid=a35fcc87b5c847d2a3b06de7836a7dd3-37426f6650395e3706f1825e059166d843a24dec&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-08-30 10:24:11&v=18.1.9.799&pid=safeguard&sg=&sap=hp
CHR StartupUrls: Default -> "hxxps://mysearch.avg.com?cid={4669E67E-67FC-4DE9-AA61-3A65CEEE972E}&mid=a35fcc87b5c847d2a3b06de7836a7dd3-37426f6650395e3706f1825e059166d843a24dec&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-08-30 10:24:11&v=18.1.9.799&pid=safeguard&sg=&sap=hp"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2019-07-07]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-12]
CHR Extension: (Vyhledávání Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-12]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-23]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-23]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-04-23] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [238080 2015-01-13] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-08] (CobianSoft, Luis Cobian) [File not signed]
S2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11401312 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11401312 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2651840 2019-04-11] (Comodo Security Solutions, Inc. -> COMODO)
R2 csssrv; C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe [4202680 2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2016\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2960336 2019-06-20] (Comodo Security Solutions, Inc. -> Comodo)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2019-04-01] (Microsoft Windows -> Microsoft Corporation)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Sony Mobile Communications -> Avanquest Software) [File not signed]
R2 SZDrvSvc; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [18432 2015-05-21] (Clarus, Inc.) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [11922944 2015-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [359936 2015-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] (ASUSTeK Computer Inc. -> )
R3 AtiHdmiService; C:\WINDOWS\system32\drivers\AtiHdmi.sys [116736 2010-01-28] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies, Inc.)
R0 AtiPcie; C:\WINDOWS\System32\drivers\AtiPcie.sys [16440 2009-08-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17872 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmdcss; C:\WINDOWS\system32\drivers\cmdcss.sys [125000 2018-02-28] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [43416 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [849048 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [51672 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
S3 cpuz134; C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [21480 2010-07-09] (CPUID -> Windows (R) Win 7 DDK provider)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [134280 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-30] (Comodo Security Solutions, Inc. -> COMODO)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-07-08] (Malwarebytes Corporation -> Malwarebytes)
R3 mdf16; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [20400 2012-06-21] (Clarus, Inc. -> )
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
R3 mvd23; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [99248 2012-06-21] (Clarus, Inc. -> )
S3 pccsmcfd; C:\WINDOWS\System32\DRIVERS\pccsmcfdx64.sys [25600 2008-08-28] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-08-18] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 tapwp01; C:\WINDOWS\System32\DRIVERS\tapwp01.sys [40664 2014-12-11] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-06-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [337632 2019-06-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-07] (Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; no ImagePath
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-08 11:29 - 2019-07-08 11:29 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-07-07 18:19 - 2019-07-08 13:03 - 000000000 ____D C:\Users\Admin\Desktop\COMODO
2019-07-07 18:12 - 2019-07-07 18:12 - 000033042 _____ C:\Users\Admin\Desktop\CisReport_x64_v12.0.0.6818_20190707-181144.zip
2019-07-07 17:49 - 2019-07-07 17:50 - 000067065 _____ C:\Users\Admin\Desktop\STM_CZ5106000000000209975773_20190704_2019000004.PDF
2019-07-03 07:37 - 2019-07-03 07:37 - 000452738 _____ C:\Users\Admin\Desktop\Potvrzeni_o_provedene_platbe_03.07.2019_07_36.pdf
2019-07-01 18:22 - 2019-07-01 19:17 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-07-01 18:22 - 2019-07-01 18:22 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-01 18:22 - 2019-07-01 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-01 18:22 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-06-19 13:04 - 2019-06-19 21:44 - 000000000 ____D C:\Users\Admin\Desktop\FOTO AE
2019-06-17 10:44 - 2019-06-17 10:44 - 001993528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 023438336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 018999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 012869120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 012162048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 007875072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 007724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 006547144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 006068224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 005588184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 005112792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 004661760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 002276192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-12 16:31 - 2019-06-12 16:31 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-12 16:31 - 2019-06-12 16:31 - 001761280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 001466496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 001260048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-12 16:31 - 2019-06-12 16:31 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000451104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000427688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-06-12 16:31 - 2019-06-12 16:31 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000351744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-06-12 16:31 - 2019-06-12 16:31 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000287912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-06-12 16:31 - 2019-06-12 16:31 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-06-12 16:31 - 2019-06-12 16:31 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-06-12 16:31 - 2019-06-12 16:31 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 006926336 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 006309256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 003426816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 002926096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-06-12 16:30 - 2019-06-12 16:30 - 002777736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 002690048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 002627600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-06-12 16:30 - 2019-06-12 16:30 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 001860608 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 001700312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-12 16:30 - 2019-06-12 16:30 - 001670840 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 001618944 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 001483872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 001471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-12 16:30 - 2019-06-12 16:30 - 001342904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-12 16:30 - 2019-06-12 16:30 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 001180184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-12 16:30 - 2019-06-12 16:30 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-06-12 16:30 - 2019-06-12 16:30 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000555232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000513904 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-06-12 16:30 - 2019-06-12 16:30 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-06-12 16:30 - 2019-06-12 16:30 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-06-12 16:30 - 2019-06-12 16:30 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000262160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-06-12 16:30 - 2019-06-12 16:30 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000087864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-06-12 16:30 - 2019-06-12 16:30 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 022114960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-12 16:29 - 2019-06-12 16:29 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 005297152 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-06-12 16:29 - 2019-06-12 16:29 - 003983872 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-12 16:29 - 2019-06-12 16:29 - 003385344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-06-12 16:29 - 2019-06-12 16:29 - 003344896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 003091968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 002638336 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-06-12 16:29 - 2019-06-12 16:29 - 002422272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-12 16:29 - 2019-06-12 16:29 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 001929216 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 001644544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-12 16:29 - 2019-06-12 16:29 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-06-12 16:29 - 2019-06-12 16:29 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-06-12 16:29 - 2019-06-12 16:29 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 000586040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-06-12 16:29 - 2019-06-12 16:29 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 000419368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 000282424 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 000247608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-06-12 16:29 - 2019-06-12 16:29 - 000114648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-06-12 16:29 - 2019-06-12 16:29 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2019-06-12 16:28 - 2019-06-12 16:29 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 004997096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 001860096 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 001219424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-12 16:28 - 2019-06-12 16:28 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000730592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-06-12 16:28 - 2019-06-12 16:28 - 000676048 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-06-12 16:28 - 2019-06-12 16:28 - 000615440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-06-12 16:28 - 2019-06-12 16:28 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000506192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-06-12 16:28 - 2019-06-12 16:28 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-06-12 16:28 - 2019-06-12 16:28 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000152896 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000152400 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000137056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-06-12 16:28 - 2019-06-12 16:28 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-12 16:28 - 2019-06-12 16:28 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-06-12 16:28 - 2019-06-12 16:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-06-12 16:28 - 2019-06-12 16:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-06-12 16:28 - 2019-06-12 16:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-06-12 16:28 - 2019-06-12 16:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-06-12 16:28 - 2019-06-12 16:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-06-12 16:28 - 2019-06-12 16:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-06-12 16:28 - 2019-06-12 16:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-06-12 16:28 - 2019-06-12 16:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-06-12 16:27 - 2019-06-12 16:27 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-12 16:27 - 2019-06-12 16:27 - 002653696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-06-12 16:27 - 2019-06-12 16:27 - 001298952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-06-12 16:27 - 2019-06-12 16:27 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-06-12 16:27 - 2019-06-12 16:27 - 000386576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-06-12 16:27 - 2019-06-12 16:27 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-12 16:27 - 2019-06-12 16:27 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-06-12 16:27 - 2019-06-12 16:27 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-06-12 16:27 - 2019-06-12 16:27 - 000101176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2019-06-12 16:27 - 2019-06-12 16:27 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-06-12 16:26 - 2019-06-12 16:26 - 002928640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-06-12 16:26 - 2019-06-12 16:26 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-12 16:26 - 2019-06-12 16:26 - 001229824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-06-12 16:26 - 2019-06-12 16:26 - 001048592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-12 16:26 - 2019-06-12 16:26 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-12 16:26 - 2019-06-12 16:26 - 000752144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-06-12 16:26 - 2019-06-12 16:26 - 000651064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-06-12 16:26 - 2019-06-12 16:26 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-06-12 16:26 - 2019-06-12 16:26 - 000196920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-06-12 16:26 - 2019-06-12 16:26 - 000125528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-06-12 16:26 - 2019-06-12 16:26 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-06-12 16:26 - 2019-06-12 16:26 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-12 16:26 - 2019-06-12 16:26 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-11 02:06 - 2019-06-11 02:06 - 000000248 _____ C:\Users\Admin\Desktop\Jakub Hula (Karviná, Mizerov) • Firmy.cz.url
2019-06-10 10:59 - 2019-07-01 18:00 - 000000000 ____D C:\Users\Admin\Desktop\POTVRZENI EQUA BAQNK
2019-06-10 00:19 - 2019-06-10 00:19 - 000000252 _____ C:\Users\Admin\Desktop\BlueBoard - ShoutBoard.url
2019-06-09 08:29 - 2019-06-09 08:29 - 000030184 _____ C:\Users\Admin\Desktop\CisReport_x64_v12.0.0.6818_20190609-082845.zip
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-08 13:03 - 2018-09-17 23:19 - 000000000 ____D C:\FRST
2019-07-08 12:55 - 2017-09-03 21:28 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2019-07-08 12:26 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-08 11:42 - 2015-10-21 14:40 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2019-07-08 11:30 - 2016-11-17 23:43 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2019-07-08 11:27 - 2019-04-01 14:49 - 000000000 ____D C:\Users\Admin
2019-07-08 11:26 - 2019-04-01 15:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-08 11:26 - 2019-04-01 14:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-08 00:38 - 2016-06-29 19:06 - 000000400 _____ C:\Users\Admin\Desktop\Připojení k místní síti – zástupce.lnk
2019-07-08 00:01 - 2018-09-14 23:15 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\HPAppData
2019-07-07 20:32 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-07 18:02 - 2019-04-01 14:49 - 000000000 ____D C:\Users\DefaultAppPool
2019-07-07 17:34 - 2017-09-03 22:15 - 000845056 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2019-07-06 09:31 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-02 15:20 - 2018-05-18 18:32 - 000000000 ____D C:\ProgramData\AVAST Software
2019-07-01 19:37 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-07-01 19:30 - 2019-04-01 15:14 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-07-01 19:30 - 2016-11-28 12:21 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-07-01 18:22 - 2014-12-26 12:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-29 11:20 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-25 23:57 - 2012-10-16 16:42 - 000000000 ___RD C:\Users\Admin\Desktop\RŮZNÉ
2019-06-24 11:50 - 2012-04-24 20:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-23 19:27 - 2013-04-02 20:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-06-23 19:27 - 2011-03-24 22:26 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-06-23 19:02 - 2016-11-22 16:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2019-06-21 22:02 - 2011-03-29 12:29 - 000002540 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-21 22:02 - 2011-03-29 12:29 - 000002503 _____ C:\Users\Admin\Desktop\Google Chrome.lnk
2019-06-21 21:52 - 2018-07-02 22:35 - 000000000 ____D C:\ProgramData\Packages
2019-06-21 15:57 - 2011-07-08 08:10 - 000002102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2019-06-19 10:23 - 2017-07-07 19:07 - 000000000 ____D C:\Program Files\UNP
2019-06-17 10:44 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-17 09:07 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-06-15 23:27 - 2019-04-01 15:14 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1715255161-2832042311-1099015237-1000
2019-06-15 23:27 - 2019-04-01 14:49 - 000002403 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-15 23:27 - 2016-06-27 23:37 - 000000000 ___RD C:\Users\Admin\OneDrive
2019-06-14 10:36 - 2015-11-07 15:33 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-13 01:16 - 2019-04-01 15:14 - 000004652 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-06-13 01:15 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-06-12 16:46 - 2016-07-01 18:55 - 000000000 ___RD C:\Users\Admin\3D Objects
2019-06-12 16:46 - 2016-04-27 08:56 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-12 16:42 - 2019-04-01 14:41 - 000489760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-12 16:38 - 2018-09-15 09:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-06-12 16:38 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2019-06-12 16:38 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-06-12 16:38 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-06-12 16:38 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-12 13:10 - 2018-09-15 09:36 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-06-12 13:10 - 2018-09-15 09:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-06-12 13:10 - 2013-08-10 09:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-12 12:56 - 2011-03-22 16:26 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-06-12 10:24 - 2019-04-01 15:14 - 000004640 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-06-12 10:24 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-06-10 11:26 - 2019-04-07 08:15 - 000000000 ____D C:\Users\Admin\Desktop\SIPO POTVRZENI
==================== Files in the root of some directories ================
2018-10-01 12:49 - 2018-10-01 12:49 - 000000218 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2011-04-09 16:34 - 2012-09-13 19:01 - 000007609 _____ () C:\Users\Admin\AppData\Local\resmon.resmoncfg
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================