Moc prosím o kontrolu. Notebook je velmi pomalý. Obzvlášť pomalý je internet. Předem díky.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-06-2019
Ran by admin (administrator) on FORNTB-009-W7 (Hewlett-Packard HP 350 G1) (02-06-2019 14:55:43)
Running from C:\Users\admin\Downloads
Loaded Profiles: admin (Available Profiles: admin & DefaultAppPool)
Platform: Windows 10 Pro Version 1803 17134.765 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1904.31.0_x64__8wekyb3d8bbwe\Calculator.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Seznam.cz, a.s. -> ) C:\Users\admin\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Seznam.cz, a.s. -> ) C:\Users\admin\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-08-23] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-02] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [BingSvc] => C:\Users\admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-22] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\admin\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\admin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [604128 2018-11-01] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [AvastBrowserAutoLaunch_87BAEF0CF97F906CE964583298891759] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-18\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-21] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.132\Installer\chrmstp.exe [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2013-09-02] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-10-14] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-10-14] (Softex Inc..) [File not signed]
HKLM\Software\...\Winlogon\GPExtensions: [{6490DB9D-2802-4956-BCCB-EC84EA0887BB}] -> C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll [2010-11-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{D7300225-081C-4CED-9FAD-BFCF9EC3D1D3}] -> C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll [2010-11-08] (Microsoft Corporation -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01726808-97B5-4498-8E68-2D8C3C9A1D7D} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {0657093F-564C-448B-A74F-97589F8FA3BD} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {087AE7E4-B189-4661-BC81-52160F211E5C} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {0F531CED-9974-4F1E-AD5F-E826D800193C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {10B70C05-F4D2-4121-8D94-C4C0D298C0A5} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {169276CB-5B14-4ADF-80AE-2680F1BE405F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {18BFAC69-71D9-4E74-9719-B2D0A899A7F8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {253D637F-4669-402F-AE0F-9A663EDB87FD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {26331321-5788-4B0B-AD7A-61E9FFF65355} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {29BA28CF-5689-4798-977B-4CE63B351F86} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {34EDF480-91D9-45B4-A8CC-115ED5648ACE} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {4643E492-39A9-4B92-BC87-18F7979402C1} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 => {429BC048-379E-45E0-80E4-EB1977941B5C} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4CFD15A4-AF0B-445D-9CDC-F5707DC4FC4D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5528F22C-2470-4715-ACAE-E274EF6898C7} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {62573B62-C559-4528-9136-AA80E1ABCD40} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 => {84F0FAE1-C27B-4F6F-807B-28CF6F96287D} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {6915A6A8-1829-4D75-8433-ACC252915CA6} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {70432B1C-4693-4BFF-9458-CFF2AACBD3E8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {72577089-87C8-488D-890A-EB6510DC56CE} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {73148C51-B84D-4F23-AD18-957542E7C4B5} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {83795B87-BDC9-4F80-A96D-48ED113712D9} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical => {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {84749AF0-88A8-45D0-9E63-F45B2DD5E693} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {854FE963-10B3-4500-BC21-B81681F2587E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {87DDBFA2-3106-4405-A140-41D8092CBBEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {88100568-D69B-4940-8FC5-E698438E7030} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-17] (Google Inc -> Google Inc.)
Task: {887C724C-0E79-4ACD-982F-22E2AF371A7A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {900E7AC8-94C5-47E8-B8FE-2BC75373679E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-17] (Google Inc -> Google Inc.)
Task: {90450433-BAEA-47BC-B4ED-897E21BB979F} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {96B4F5D5-F1C7-47C8-9428-7195BC374884} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {9C4F4ACB-5122-40E1-9D7E-99555BC2F2C1} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical => {613FBA38-A3DF-4AB8-9674-5604984A299A} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A249E1B8-2C34-4C69-8127-7550463B0820} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A92118EB-5AE1-45B3-92C9-2F96F3335541} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {B022837A-D68D-4D72-BD86-0621C6ED6E64} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B24BD218-53BC-49ED-BEAE-3383B26420BE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-04-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {B90BE79B-7E58-4B09-A881-E68F1019C471} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [603008 2012-11-29] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {BA8388E5-91E3-4B65-9B75-72280DC93C98} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [339008 2013-03-12] (CyberLink Corp. -> CyberLink Corp.)
Task: {BDBB012E-2EBB-4C2F-91EC-96CDEA0B0E29} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {BE71EBB2-37C2-47B6-8660-273FFABB4794} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [38784 2012-03-21] (Hewlett-Packard Company -> )
Task: {C03B2D84-E7E6-47FF-B266-99FA40464BED} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {C32AE2F2-7202-4E51-BF9B-C86F484EDFEB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1796072148-3433743337-3639312054-4191UA => C:\Users\iveta.cerna\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-09-17] (Google Inc -> Google Inc.)
Task: {C46B36B6-55EF-4C16-A0CF-2EA48A96A8DC} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C4BF7D14-7F4C-490F-8FBD-DAE3517B2ECC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {C4E2B49B-D2CB-40F5-9BF5-360F38142F01} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C737D1C6-13EF-4CEA-B7D4-C0498757E839} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257416 2014-01-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {CD4E589C-D5EA-4846-A292-3BF3484159DA} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CEC47082-9496-4A8E-A88A-8A73C9AF55D8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink Corp. -> CyberLink)
Task: {D27C7A75-C63B-4C3B-B3BB-57B33835ADB0} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D2E1826F-44F5-4A60-938B-5961FFC33A0E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {D707BA21-1FBE-493D-B338-3BA1F0A3E464} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D7FF04F3-D441-4E10-BC94-96B956474614} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1344312 2013-09-10] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {DA62CF65-FD26-496E-9B53-CF381BB958C4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {DB8BA814-4A31-4FDB-9D9D-F0D440D815D9} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {E2106D6A-B341-44C6-824B-526B50282435} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [541496 2013-08-29] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {ECE01E21-00FD-42F2-B426-B67ED24AABCF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [541496 2013-08-29] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {EF42A52E-24F3-44D8-87AF-D618A1712891} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F1B688A1-075E-4A67-ABF7-459D71672E61} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2bd50bca-f6b3-469e-8d23-02a0d9b22f7f}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-06-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-06-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-06-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-06-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__ ... earchTerms}
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2019-06-02]
CHR Extension: (Seznam doplněk - Email) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-02-15]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-06]
CHR Extension: (Avast Online Security) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-29]
CHR Extension: (Skype) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-10-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-14]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-24]
CHR HKU\S-1-5-21-1322162875-1540301060-204253963-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1322162875-1540301060-204253963-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1322162875-1540301060-204253963-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-08-23] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-18] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [416512 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-18] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.132\elevation_service.exe [1079424 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-08-29] (Hewlett-Packard Company) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-17] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-06-01] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-06-01] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [207448 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [262496 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [205848 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61472 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167872 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [549200 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477584 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225096 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385880 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
R1 Avgtdia; C:\WINDOWS\System32\DRIVERS\avgtdia.sys [240952 2014-10-17] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 CLVirtualDrive; C:\WINDOWS\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-26] (CyberLink -> CyberLink)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2018-04-12] (Microsoft Windows -> MediaTek Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (MEDIATEK INC. -> Ralink Technology, Corp.)
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Realsil Semiconductor Corporation)
S3 SmbDrv; C:\WINDOWS\system32\drivers\Smb_driver_AMDASF.sys [30448 2013-10-26] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated -> Synaptics Incorporated)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-06-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [313384 2018-06-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-06-01] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-02 14:55 - 2019-06-02 15:00 - 000038914 _____ C:\Users\admin\Downloads\FRST.txt
2019-06-02 14:52 - 2019-06-02 14:53 - 002433536 _____ (Farbar) C:\Users\admin\Downloads\FRST64 (1).exe
2019-06-02 14:28 - 2019-06-02 14:30 - 342465644 _____ C:\Users\admin\Downloads\B5300070-D5BC-4C5C-9C68-A38228B19EE4 (1).MOV
2019-06-02 12:31 - 2019-06-02 12:34 - 342465644 _____ C:\Users\admin\Downloads\B5300070-D5BC-4C5C-9C68-A38228B19EE4.MOV
2019-06-02 11:20 - 2019-06-02 11:20 - 000193395 _____ C:\Users\admin\Downloads\WhatsApp Image 2019-06-01 at 19.29.28.jpeg
2019-06-02 11:20 - 2019-06-02 11:20 - 000107541 _____ C:\Users\admin\Downloads\WhatsApp Image 2019-06-01 at 20.46.01.jpeg
2019-05-29 23:11 - 2019-05-29 23:13 - 195244778 _____ C:\Users\admin\Downloads\Soubor_002.mov
2019-05-29 23:05 - 2019-05-29 23:06 - 033127622 _____ C:\Users\admin\Downloads\Daft Punk_nácvik chorošky.mp4
2019-05-29 14:55 - 2019-05-29 14:56 - 000000000 ____D C:\Users\admin\Desktop\Italian Fashion Felicita Noční Košile - Mateřské spodní prádlo_files
2019-05-29 14:55 - 2019-05-29 14:55 - 000229436 _____ C:\Users\admin\Desktop\Italian Fashion Felicita Noční Košile - Mateřské spodní prádlo.html
2019-05-28 19:59 - 2019-05-28 19:59 - 000077340 _____ C:\Users\admin\Downloads\smlouva-2019-05-28-.pdf
2019-05-28 14:11 - 2019-05-28 14:11 - 000013244 _____ C:\Users\admin\Downloads\27413-2019-05-28_10-00.pdf
2019-05-27 17:39 - 2019-05-27 17:38 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-05-25 21:06 - 2019-05-25 21:07 - 021315608 _____ (Piriform Software Ltd) C:\Users\admin\Downloads\ccsetup557.exe
2019-05-22 15:15 - 2019-05-22 15:15 - 000289966 _____ C:\Users\admin\Desktop\Totál Vokál_Kmochův Kolín.pdf
2019-05-21 21:07 - 2019-05-21 21:19 - 1891554104 _____ C:\Users\admin\Downloads\Hra o truny Game of Thrones S08E06 1080i CZ Titulky.ts
2019-05-20 14:44 - 2019-05-20 14:44 - 000012733 _____ C:\Users\admin\Downloads\27413-2019-05-20_10-00.pdf
2019-05-20 14:20 - 2019-05-20 14:20 - 000007405 _____ C:\Users\admin\Desktop\New Textový dokument OpenDocument.odt
2019-05-19 09:51 - 2019-05-19 09:51 - 021254208 _____ (Piriform Software Ltd) C:\Users\admin\Downloads\ccsetup556 (1).exe
2019-05-19 07:37 - 2019-05-03 08:31 - 007519888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-19 07:37 - 2019-05-03 08:18 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-19 07:37 - 2019-05-03 08:12 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-19 07:36 - 2019-05-03 08:33 - 005625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-05-19 07:36 - 2019-05-03 08:31 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-19 07:36 - 2019-05-03 08:31 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-19 07:36 - 2019-05-03 08:10 - 022017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-19 07:36 - 2019-05-03 08:05 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-19 07:36 - 2019-05-03 08:02 - 019401216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-19 07:36 - 2019-05-03 08:01 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-19 07:36 - 2019-05-03 07:59 - 007593472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-19 07:36 - 2019-05-03 07:59 - 005788672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-19 07:36 - 2019-05-03 07:56 - 005350912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-19 07:36 - 2019-05-03 07:54 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-19 07:36 - 2019-04-19 12:39 - 012754944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-05-19 07:35 - 2019-05-03 14:13 - 001376472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-19 07:35 - 2019-05-03 13:51 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-19 07:35 - 2019-05-03 13:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-19 07:35 - 2019-05-03 13:50 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-19 07:35 - 2019-05-03 13:43 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-19 07:35 - 2019-05-03 13:28 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-19 07:35 - 2019-05-03 13:25 - 004055040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-19 07:35 - 2019-05-03 13:25 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-19 07:35 - 2019-05-03 08:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-19 07:35 - 2019-05-03 08:33 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-19 07:35 - 2019-05-03 08:33 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-19 07:35 - 2019-05-03 08:31 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-19 07:35 - 2019-05-03 08:31 - 002771256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-19 07:35 - 2019-05-03 08:31 - 001459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-19 07:35 - 2019-05-03 08:31 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-19 07:35 - 2019-05-03 08:19 - 006043712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-19 07:35 - 2019-05-03 08:18 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-19 07:35 - 2019-05-03 08:02 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-19 07:35 - 2019-05-03 08:00 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-19 07:35 - 2019-05-03 08:00 - 003400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-19 07:35 - 2019-05-03 07:59 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-19 07:35 - 2019-05-03 07:58 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-19 07:35 - 2019-05-03 07:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-19 07:35 - 2019-05-03 07:57 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-05-19 07:35 - 2019-05-03 07:57 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-19 07:35 - 2019-05-03 07:57 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-05-19 07:35 - 2019-05-03 07:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-19 07:35 - 2019-05-03 07:56 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-19 07:35 - 2019-05-03 07:55 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-19 07:35 - 2019-05-03 07:55 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-19 07:35 - 2019-05-03 07:54 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-19 07:35 - 2019-05-03 07:54 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-05-19 07:35 - 2019-05-03 07:54 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-19 07:35 - 2019-05-03 07:54 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-19 07:35 - 2019-05-03 07:54 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-19 07:35 - 2019-04-19 12:55 - 001634920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-19 07:35 - 2019-04-19 12:54 - 000720200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-19 07:35 - 2019-04-19 11:44 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-19 07:35 - 2019-04-19 11:28 - 011940864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-05-19 07:35 - 2019-04-19 07:07 - 000985400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-05-19 07:35 - 2019-04-19 07:06 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-19 07:35 - 2019-04-19 07:06 - 000798520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-05-19 07:35 - 2019-04-19 07:01 - 001982008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-19 07:35 - 2019-04-19 06:43 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-19 07:35 - 2019-04-19 06:42 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-05-19 07:35 - 2019-04-19 06:39 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-05-19 07:35 - 2019-04-19 06:39 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-19 07:35 - 2019-04-19 06:38 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-05-19 07:35 - 2019-04-19 06:36 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-05-19 07:35 - 2019-04-19 06:36 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-19 07:35 - 2019-04-19 06:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-05-19 07:35 - 2019-04-19 06:35 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-05-19 07:35 - 2019-04-19 06:35 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-05-19 07:35 - 2019-04-19 06:35 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-19 07:35 - 2019-04-19 06:35 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-05-19 07:35 - 2019-04-09 03:48 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-19 07:34 - 2019-05-03 14:14 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-19 07:34 - 2019-05-03 14:14 - 000304144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-05-19 07:34 - 2019-05-03 13:50 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-19 07:34 - 2019-05-03 13:49 - 001288704 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-19 07:34 - 2019-05-03 13:49 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-19 07:34 - 2019-05-03 13:43 - 000662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-05-19 07:34 - 2019-05-03 08:33 - 000709720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-05-19 07:34 - 2019-05-03 08:33 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-19 07:34 - 2019-05-03 08:33 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-19 07:34 - 2019-05-03 08:33 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-19 07:34 - 2019-05-03 08:33 - 000063072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-19 07:34 - 2019-05-03 08:32 - 000793640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-05-19 07:34 - 2019-05-03 08:32 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-19 07:34 - 2019-05-03 08:32 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-19 07:34 - 2019-05-03 08:32 - 000438984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-19 07:34 - 2019-05-03 08:32 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-19 07:34 - 2019-05-03 08:32 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-19 07:34 - 2019-05-03 08:32 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-19 07:34 - 2019-05-03 08:31 - 001141224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-19 07:34 - 2019-05-03 08:31 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-05-19 07:34 - 2019-05-03 08:31 - 000983632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-19 07:34 - 2019-05-03 08:31 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-19 07:34 - 2019-05-03 08:20 - 000434704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-19 07:34 - 2019-05-03 08:20 - 000384976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-19 07:34 - 2019-05-03 08:20 - 000192016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-19 07:34 - 2019-05-03 08:19 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-19 07:34 - 2019-05-03 08:19 - 000056288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-19 07:34 - 2019-05-03 08:18 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-05-19 07:34 - 2019-05-03 07:59 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-05-19 07:34 - 2019-05-03 07:59 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-19 07:34 - 2019-05-03 07:57 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-19 07:34 - 2019-05-03 07:57 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-05-19 07:34 - 2019-05-03 07:56 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-05-19 07:34 - 2019-05-03 07:54 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-05-19 07:34 - 2019-05-03 07:54 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-19 07:34 - 2019-05-03 07:54 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-05-19 07:34 - 2019-05-03 07:54 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-19 07:34 - 2019-05-03 07:54 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-05-19 07:34 - 2019-05-03 07:53 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-19 07:34 - 2019-05-03 07:53 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-19 07:34 - 2019-05-03 07:53 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-19 07:34 - 2019-05-03 07:53 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-19 07:34 - 2019-04-19 12:36 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-19 07:34 - 2019-04-19 12:34 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-05-19 07:34 - 2019-04-19 11:37 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-19 07:34 - 2019-04-19 11:26 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-19 07:34 - 2019-04-19 11:25 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-05-19 07:34 - 2019-04-19 07:06 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-05-19 07:34 - 2019-04-19 07:06 - 000274232 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-05-19 07:34 - 2019-04-19 07:02 - 000831800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-05-19 07:34 - 2019-04-19 07:01 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-05-19 07:34 - 2019-04-19 07:01 - 000576016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-05-19 07:34 - 2019-04-19 07:01 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-05-19 07:34 - 2019-04-19 06:40 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-19 07:34 - 2019-04-19 06:39 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-19 07:34 - 2019-04-19 06:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-19 07:34 - 2019-04-19 06:38 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-19 07:34 - 2019-04-19 06:38 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-19 07:34 - 2019-04-19 06:38 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-05-19 07:34 - 2019-04-19 06:37 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-05-19 07:34 - 2019-04-19 06:37 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-19 07:34 - 2019-04-19 06:37 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-19 07:34 - 2019-04-19 06:37 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-05-19 07:34 - 2019-04-19 06:36 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-05-19 07:34 - 2019-04-19 06:36 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-05-19 07:34 - 2019-04-19 06:36 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-05-19 07:34 - 2019-04-19 06:35 - 001938944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-05-19 07:34 - 2019-04-19 06:35 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-19 07:34 - 2019-04-19 06:34 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-05-19 07:34 - 2019-04-19 06:34 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-05-19 07:34 - 2019-04-19 06:34 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-05-19 07:34 - 2019-04-19 06:34 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-05-19 07:34 - 2019-04-19 06:34 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-05-19 07:34 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-19 07:34 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\system32\locale.nls
2019-05-19 07:33 - 2019-05-03 14:13 - 000396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-05-19 07:33 - 2019-05-03 13:55 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-19 07:33 - 2019-05-03 13:54 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-19 07:33 - 2019-05-03 13:52 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-19 07:33 - 2019-05-03 13:49 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-19 07:33 - 2019-05-03 13:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-19 07:33 - 2019-05-03 13:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-19 07:33 - 2019-05-03 13:28 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-19 07:33 - 2019-05-03 13:27 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-19 07:33 - 2019-05-03 13:26 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-19 07:33 - 2019-05-03 08:43 - 000177128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-19 07:33 - 2019-05-03 08:34 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-19 07:33 - 2019-05-03 08:31 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-05-19 07:33 - 2019-05-03 08:31 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-19 07:33 - 2019-05-03 08:20 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-19 07:33 - 2019-05-03 08:00 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-19 07:33 - 2019-05-03 08:00 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-05-19 07:33 - 2019-05-03 07:59 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-05-19 07:33 - 2019-05-03 07:59 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-19 07:33 - 2019-05-03 07:59 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-19 07:33 - 2019-05-03 07:58 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-05-19 07:33 - 2019-05-03 07:58 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-05-19 07:33 - 2019-05-03 07:58 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-19 07:33 - 2019-05-03 07:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-05-19 07:33 - 2019-05-03 07:58 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-19 07:33 - 2019-05-03 07:57 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-05-19 07:33 - 2019-05-03 07:56 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-19 07:33 - 2019-05-03 07:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-19 07:33 - 2019-05-03 07:55 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-19 07:33 - 2019-05-03 07:54 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-05-19 07:33 - 2019-05-03 07:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-05-19 07:33 - 2019-05-03 06:38 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-05-19 07:33 - 2019-04-23 09:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-05-19 07:33 - 2019-04-23 08:14 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-05-19 07:33 - 2019-04-19 12:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-05-19 07:33 - 2019-04-19 12:38 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-05-19 07:33 - 2019-04-19 12:38 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-05-19 07:33 - 2019-04-19 11:30 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-05-19 07:33 - 2019-04-19 07:06 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-05-19 07:33 - 2019-04-19 06:41 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-05-19 07:33 - 2019-04-19 06:41 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-05-19 07:33 - 2019-04-19 06:40 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-05-19 07:33 - 2019-04-19 06:40 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-05-19 07:33 - 2019-04-19 06:40 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-05-19 07:33 - 2019-04-19 06:40 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-05-19 07:33 - 2019-04-19 06:39 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-05-19 07:33 - 2019-04-19 06:39 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-05-19 07:33 - 2019-04-19 06:38 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-19 07:33 - 2019-04-19 06:38 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-19 07:33 - 2019-04-19 06:37 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-05-19 07:33 - 2019-04-19 06:37 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-05-19 07:33 - 2019-04-19 06:37 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-19 07:33 - 2019-04-19 06:36 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-05-19 07:33 - 2019-04-19 06:36 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-05-19 07:33 - 2019-04-19 06:35 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-05-19 07:33 - 2019-04-19 06:35 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-05-19 07:33 - 2019-04-09 03:48 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-19 07:33 - 2019-04-09 03:48 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-19 07:33 - 2019-04-09 03:48 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-19 07:33 - 2019-04-09 03:48 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-16 15:18 - 2019-05-16 15:18 - 000012957 _____ C:\Users\admin\Downloads\27413-2019-05-15_10-00.pdf
2019-05-15 21:42 - 2019-05-15 21:57 - 772219586 _____ C:\Users\admin\Downloads\Hra o trůny (Game of Thrones) S08E05 CZtit. (frpli).avi
2019-05-14 12:08 - 2019-05-14 12:08 - 021254208 _____ (Piriform Software Ltd) C:\Users\admin\Downloads\ccsetup556.exe
2019-05-12 18:20 - 2019-05-12 18:20 - 000058760 _____ C:\Users\admin\Downloads\10824.frx.pdf
2019-05-12 17:54 - 2019-05-12 17:54 - 000168407 _____ C:\Users\admin\Downloads\VINNÝ LÍSTEK Osika Praha ceny - AKTUALIZACE.pdf
2019-05-12 17:16 - 2019-05-12 17:16 - 000014036 _____ C:\Users\admin\Downloads\27413-2019-05-12_10-00.pdf
2019-05-09 17:29 - 2019-05-09 17:30 - 021205512 _____ (Piriform Software Ltd) C:\Users\admin\Downloads\ccsetup555 (1).exe
2019-05-07 21:54 - 2019-05-07 22:06 - 1713119078 _____ C:\Users\admin\Downloads\Hra o trůny - Game of Thrones S08E04 (CZ tit.).mkv
2019-05-04 23:16 - 2019-05-04 23:17 - 021205512 _____ (Piriform Software Ltd) C:\Users\admin\Downloads\ccsetup555.exe
2019-05-03 22:40 - 2019-05-03 22:40 - 000301835 _____ C:\Users\admin\Downloads\Vypis_z_uctu-2701008645_20190401-20190430_cislo-4.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-02 14:55 - 2018-10-11 22:40 - 000000000 ____D C:\FRST
2019-06-02 14:47 - 2018-06-08 13:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-02 14:47 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-02 14:47 - 2016-04-22 19:58 - 000000000 ____D C:\Users\admin\AppData\Roaming\vlc
2019-06-02 14:25 - 2017-12-17 23:41 - 000000000 ____D C:\Users\admin\Desktop\Foto ICloud
2019-06-02 14:21 - 2017-08-28 11:48 - 000000000 ____D C:\Users\admin\Desktop\TV
2019-06-02 14:07 - 2018-07-23 10:47 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-06-02 13:56 - 2018-06-18 11:52 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-06-02 13:01 - 2016-04-22 14:04 - 000000000 ____D C:\Users\admin\AppData\Roaming\Seznam.cz
2019-06-02 13:00 - 2018-06-18 12:00 - 000000000 ____D C:\Users\admin\AppData\Local\AVAST Software
2019-06-02 13:00 - 2017-12-17 23:30 - 000000000 ___RD C:\Users\admin\iCloudDrive
2019-06-02 12:59 - 2014-09-15 14:29 - 000000000 ____D C:\Users\admin\Documents\Youcam
2019-06-02 12:58 - 2018-06-08 13:31 - 000970576 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-02 12:58 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-06-02 12:55 - 2016-03-08 12:33 - 000000000 __SHD C:\Users\admin\IntelGraphicsProfiles
2019-06-02 12:54 - 2018-10-14 22:18 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-06-02 12:54 - 2018-06-08 14:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-02 12:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-02 12:54 - 2014-01-20 13:29 - 000000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2019-06-02 12:53 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-06-02 12:52 - 2018-06-08 13:36 - 000000000 ____D C:\Users\admin
2019-06-02 12:49 - 2015-04-23 10:48 - 000000000 ____D C:\Users\admin\AppData\Roaming\Media Player Classic
2019-06-02 12:47 - 2018-12-19 14:59 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-02 12:47 - 2018-12-19 14:59 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-02 12:47 - 2018-07-23 10:47 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-06-02 12:47 - 2018-06-18 11:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-06-02 12:47 - 2018-06-08 14:04 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-06-02 12:47 - 2018-06-08 14:04 - 000003304 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{16ECC96E-C0BE-4948-BFA1-BD22B4C4616C}
2019-06-02 12:47 - 2018-06-08 14:04 - 000003194 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-06-02 12:47 - 2018-06-08 14:04 - 000002958 _____ C:\WINDOWS\System32\Tasks\Registration
2019-06-02 12:47 - 2018-06-08 14:04 - 000002858 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1322162875-1540301060-204253963-1000
2019-06-02 12:47 - 2018-06-08 14:04 - 000002536 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2019-06-02 12:47 - 2018-06-08 14:04 - 000002536 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher
2019-06-02 12:47 - 2018-06-08 14:04 - 000002536 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2019-06-02 12:47 - 2018-06-08 14:04 - 000002160 _____ C:\WINDOWS\System32\Tasks\SidebarExecute
2019-05-31 17:26 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-30 11:34 - 2018-06-18 11:51 - 000385880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-05-29 10:12 - 2017-10-21 14:04 - 000000000 ____D C:\Users\admin\Desktop\Práce
2019-05-28 20:15 - 2019-04-17 15:10 - 000003856 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-05-28 20:15 - 2019-04-17 15:10 - 000003272 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-05-28 20:15 - 2018-06-18 12:02 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-05-28 20:15 - 2018-06-18 12:02 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-05-28 13:34 - 2018-10-04 14:37 - 000000000 ____D C:\Users\admin\Desktop\PFUK
2019-05-27 17:39 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-05-27 17:38 - 2018-10-23 06:32 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-05-27 17:38 - 2018-06-18 11:51 - 000477584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-05-27 17:38 - 2018-06-18 11:51 - 000225096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-05-27 17:38 - 2018-06-18 11:51 - 000167872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-05-27 17:38 - 2018-06-18 11:51 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-05-27 17:38 - 2018-06-18 11:51 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-05-27 17:37 - 2019-02-21 09:03 - 000549200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2019-05-27 17:37 - 2019-01-19 00:15 - 000262496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-05-27 17:37 - 2019-01-07 16:11 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-05-27 17:37 - 2019-01-07 16:11 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-05-27 17:37 - 2018-06-18 11:51 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-05-27 17:37 - 2018-06-18 11:51 - 000207448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-05-26 09:32 - 2018-05-16 23:40 - 000000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2019-05-21 20:49 - 2015-03-17 10:29 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-21 20:49 - 2015-03-17 10:29 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-21 15:41 - 2018-06-08 13:36 - 000002363 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-21 15:41 - 2016-03-08 12:42 - 000000000 ___RD C:\Users\admin\OneDrive
2019-05-20 14:29 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-19 08:11 - 2018-06-08 13:24 - 000506984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-19 08:07 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-19 08:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-05-19 08:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-05-19 08:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-05-19 08:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-17 19:21 - 2017-09-30 19:18 - 000000000 ____D C:\Program Files\rempl
2019-05-16 17:30 - 2017-05-02 23:09 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-15 22:18 - 2014-09-15 15:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-15 22:06 - 2014-09-15 15:19 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-14 14:14 - 2015-09-04 12:06 - 000000000 ____D C:\Users\admin\Documents\Soubory aplikace Outlook
2019-05-14 14:13 - 2017-12-17 23:30 - 000000000 ____D C:\Users\admin\AppData\Local\F57C5AFD-60D2-41BC-BC15-353BADA8F863.aplzod
2019-05-08 11:47 - 2017-02-09 12:08 - 000000000 ____D C:\Users\admin\Desktop\Osika
2019-05-04 01:53 - 2018-11-16 22:31 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-04 01:53 - 2018-11-16 22:31 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-03 22:07 - 2015-02-19 17:28 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Adobe
==================== Files in the root of some directories =======
2018-07-30 10:12 - 2018-07-30 10:12 - 000000040 _____ () C:\Users\admin\AppData\Roaming\cdr.ini
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-06-2019
Ran by admin (02-06-2019 15:02:17)
Running from C:\Users\admin\Downloads
Windows 10 Pro Version 1803 17134.765 (X64) (2018-06-08 12:06:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
admin (S-1-5-21-1322162875-1540301060-204253963-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-1322162875-1540301060-204253963-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1322162875-1540301060-204253963-503 - Limited - Disabled)
Guest (S-1-5-21-1322162875-1540301060-204253963-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1322162875-1540301060-204253963-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4K Video Downloader 4.4 (HKLM-x32\...\{17CEAB50-0275-4D5E-9C11-CF2963C59FA1}) (Version: 4.4.6.2295 - Open Media LLC)
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 74.0.1376.132 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.141.333 - AVAST Software) Hidden
AVG (HKLM\...\AVG) (Version: 3491 - AVG Technologies)
AVG 2013 (HKLM\...\{12079D47-A4AB-4AE5-A957-C2062D328F35}) (Version: 13.0.3495 - AVG Technologies) Hidden
AVG 2013 (HKLM\...\{799B578C-3A0D-4FCA-9712-143B84ABAC35}) (Version: 13.0.4257 - AVG Technologies) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Camtasia 9 (HKLM\...\{33E08945-3D7B-40BB-B34F-1A3C8B9650DE}) (Version: 9.1.2.3011 - TechSmith Corporation) Hidden
Camtasia 9 (HKLM-x32\...\{34ab05ac-3089-417f-828e-c2da3d5b4e09}) (Version: 9.1.2.3011 - TechSmith Corporation)
Camtasia 9 (HKLM-x32\...\{d298a2fc-0b3a-45ab-9711-d5ca8a3bda00}) (Version: 9.1.1.2546 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
CDA to MP3 Converter v3.3 build 1228 (HKLM-x32\...\{22AC6A90-A99A-4E41-BADC-AC05C811C2C8}_is1) (Version: - Hoo Technologies)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2523 - CDBurnerXP)
CutePDF Writer 2.7 (HKLM\...\CutePDF Writer Installation) (Version: - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3228 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3302 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E1ACF120-CD69-47F0-B202-9A4B95C436D8}) (Version: 5.1.5 - Hewlett-Packard)
Fotogaléria (HKLM-x32\...\{08466673-3905-4437-93E8-34A221B7CA4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free CD to MP3 Converter (HKLM-x32\...\Free CD to MP3 Converter) (Version: - Eusing Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP CoolSense (HKLM-x32\...\{394B14EA-B072-4440-9510-87797CB12371}) (Version: 2.20.21 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{C178F0A7-86C8-4BE0-8401-3BC4F6E12F81}) (Version: 1.3.0.0 - Hewlett-Packard)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{ED6CD3AC-616B-4B20-BCF3-6E637B92A5AD}) (Version: 3.0.4 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A}) (Version: 7.3.35.20 - Hewlett-Packard Company)
iCloud (HKLM\...\{29C6B346-C29C-40CE-89EB-DF7C149E0EB9}) (Version: 7.7.0.27 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6498.0 - IDT)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.00.57 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.00.57 - Softex Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
iTunes (HKLM\...\{9F1EE6A3-7BDE-48CC-BC81-1EA3D21D94E3}) (Version: 12.9.0.167 - Apple Inc.)
Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
K-Lite Codec Pack 9.9.5 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.5 - )
LibreOffice 5.4.7.2 (HKLM\...\{26D12F93-E454-4637-9A5C-D52F6B4CC0DD}) (Version: 5.4.7.2 - The Document Foundation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\OneDriveSetup.exe) (Version: 19.070.0410.0005 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{379A0618-EF50-423C-9637-EEB2D25A4BB4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CFBFE244-6269-41DC-85B6-86F99C88ED02}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
Ralink Bluetooth Stack (HKLM\...\{C079427A-BB28-5168-3DB1-DC6608D226D4}) (Version: 11.0.748.2 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.33.1 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21242 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
UFR II Printer Driver Uninstaller (HKLM\...\Canon UFR II Printer Driver) (Version: 6, 3, 0, 0 - Canon Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Small Business Server 2011 Standard ClientAgent (HKLM\...\{5C72F8A3-BF39-4733-B41E-0ED7EF622E37}) (Version: 6.1.7900.1 - Microsoft Corporation)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1809.2.84 - ZONER software)
Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.140.300.0_x86__kgqvnymyfvs32 [2019-05-28] (king.com)
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.5.2.0_x64__6e5tt8cgb93ep [2019-02-04] (Canon Inc.)
Microsoft Průvodce pro telefon -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-14] (Microsoft Corporation)
Microsoft Telefon -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-09] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-04-24] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1322162875-1540301060-204253963-1000_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-30] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-10-01] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-30] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\admin\Desktop\Foto\Nabídka Start\Programy\RarZilla Free Unrar\RarZilla Free Unrar Updates.lnk -> hxxp://www.philipp-winterberg.com/software/rar ... e_unrar.ph
Shortcut: C:\Users\admin\Desktop\Foto\Nabídka Start\Programy\RarZilla Free Unrar\Thanks.lnk -> hxxp://www.philipp-winterberg.com/gratitude.ph
==================== Loaded Modules (Whitelisted) ==============
2013-10-14 11:25 - 2013-10-14 11:25 - 002541056 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-10-14 11:24 - 2013-10-14 11:24 - 000627200 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2013-10-14 11:23 - 2013-10-14 11:23 - 000109568 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-10-14 11:22 - 2013-10-14 11:22 - 000021504 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-10-14 11:30 - 2013-10-14 11:30 - 000065024 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2013-10-14 11:22 - 2013-10-14 11:22 - 000055296 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-10-14 11:22 - 2013-10-14 11:22 - 000035328 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2015-08-17 10:47 - 2013-12-17 00:15 - 003815936 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNLB0MUI_DBB31.DLL
2013-08-29 19:31 - 2013-08-29 19:31 - 000092160 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
2013-10-14 11:34 - 2013-10-14 11:34 - 000765440 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OpBHO64.dll
2013-10-14 11:23 - 2013-10-14 11:23 - 000690176 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll
2013-10-14 11:25 - 2013-10-14 11:25 - 001097216 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\userdata.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 000517120 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-08-27 14:32 - 2013-08-27 14:32 - 000747520 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2018-06-08 13:41 - 2018-06-08 13:41 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2018-06-08 13:41 - 2018-06-08 13:41 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2013-10-14 11:29 - 2013-10-14 11:29 - 000087552 _____ (Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
2013-10-14 11:35 - 2013-10-14 11:35 - 001297296 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2013-10-14 11:35 - 2013-10-14 11:35 - 000306064 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-10-14 11:35 - 2013-10-14 11:35 - 000599952 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\hdddrv.dll
2013-10-14 11:35 - 2013-10-14 11:35 - 000208272 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ldapdrv.dll
2013-10-14 11:35 - 2013-10-14 11:35 - 002075536 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\Wbf.dll
2018-12-31 12:45 - 2016-10-17 19:29 - 003842048 _____ (Terra Informatica Software, Inc.) [File not signed] C:\Program Files\Zoner\Photo Studio 19\Program32\sciter32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2019-01-04 10:15 - 000000830 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Hewlett-Packard\SimplePass\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{022A10C4-D045-443A-AF88-FB3EEC4893D9}] => (Allow) LPort=8318
FirewallRules: [{3C70A23A-42C8-42AE-B5BD-475D0BD13CDA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7833BFDF-EFA0-44E2-A561-DAB06FC896F6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B3C8E27-0263-4CD4-AF8F-05A34B76528D}] => (Allow) LPort=2869
FirewallRules: [{1FF13871-5BEF-4293-8982-7051805EEBA5}] => (Allow) LPort=1900
FirewallRules: [{B1D99D95-CCAD-4155-B62B-E9278F6E1EAD}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{58E02D41-AB81-41CB-AB4A-F51D74FCD8F7}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{E6354540-9AEA-4E1F-8CC1-C70E58DC6493}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{6C636E9B-A4A9-42D5-85B9-050C5B10D9A2}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{29774C27-D4FA-46E2-AC3A-51BB0C448B9F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{41A2D49C-BFD9-4E44-A0F4-68DA4A9E4787}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{294A29C3-E669-4D54-84D8-31BFB5C1D786}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{08CADD4B-18B1-4A94-9D4B-B87D7FE9F673}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [TCP Query User{6D5F2FB6-56D4-4C8B-AF34-BF7CED9C7BAA}C:\program files (x86)\microsoft office\office14\outlook.exe] => (Block) C:\program files (x86)\microsoft office\office14\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{6D8EC373-6BBD-45CF-9890-BCC74F0F36C8}C:\program files (x86)\microsoft office\office14\outlook.exe] => (Block) C:\program files (x86)\microsoft office\office14\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{39282A5F-0809-4A81-8B7C-9C87E51BB255}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{27288146-2A0C-46E6-AFEA-6AC33BD8363B}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{952C1CD4-2921-4886-BE6B-F45BC18D66A5}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{1D76EDCC-55E7-421E-A616-09C34D521AE8}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{BA7EBA53-A17A-43BA-82A2-3F67099FA345}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{35E75F12-DF56-47B9-A088-B190BF451144}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{057DEB0A-B0D0-441E-BC4D-B7416E699762}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1E8EF4CB-707F-45E9-860A-21935FC38DDD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ECDC0253-CECB-4EB7-BB87-203AB4E118D0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{83B4664F-70EB-4596-AC5B-CE3BC3186F9A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F707712B-352F-4390-B8F6-36C8AC6B175F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{0B0B63FF-83A6-455E-98E2-CA5E0B11CCF0}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DF31640D-0B01-44D9-A1C7-9CF1B8620357}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{6F653604-4EB7-423C-8D1E-0A9AB8265188}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
19-05-2019 07:23:13 Windows Update
26-05-2019 16:51:55 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/02/2019 11:18:17 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.
Error: (06/02/2019 11:18:14 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (06/02/2019 11:12:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3562
Error: (06/02/2019 11:12:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3562
Error: (06/02/2019 11:12:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/02/2019 09:34:55 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (5164,R,98) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\admin\AppData\Local\Microsoft\Windows\WebCache\V01.log.
Error: (06/02/2019 09:34:55 AM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (5164,R,98) WebCacheLocal: An attempt to open the file "C:\Users\admin\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (06/02/2019 09:34:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_MapsBroker, version: 10.0.17134.556, time stamp: 0xf23cada5
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x8400000e
Fault offset: 0x0000000000000000
Faulting process id: 0xaaa8
Faulting application start time: 0x01d519157ede6ed2
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: unknown
Report Id: 8155a433-d4a5-46b0-8c7e-70e91a290291
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (06/02/2019 02:25:03 PM) (Source: DCOM) (EventID: 10016) (User: FORNTB-009-W7)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FORNTB-009-W7\admin SID (S-1-5-21-1322162875-1540301060-204253963-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/02/2019 02:20:18 PM) (Source: DCOM) (EventID: 10016) (User: FORNTB-009-W7)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FORNTB-009-W7\admin SID (S-1-5-21-1322162875-1540301060-204253963-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/02/2019 12:59:26 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.
Error: (06/02/2019 12:59:04 PM) (Source: DCOM) (EventID: 10016) (User: FORNTB-009-W7)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FORNTB-009-W7\admin SID (S-1-5-21-1322162875-1540301060-204253963-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/02/2019 12:57:47 PM) (Source: DCOM) (EventID: 10016) (User: FORNTB-009-W7)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FORNTB-009-W7\admin SID (S-1-5-21-1322162875-1540301060-204253963-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/02/2019 12:54:10 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (06/02/2019 12:51:58 PM) (Source: DCOM) (EventID: 10010) (User: FORNTB-009-W7)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (06/02/2019 12:51:58 PM) (Source: DCOM) (EventID: 10010) (User: FORNTB-009-W7)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Windows Defender:
===================================
Date: 2018-06-11 13:05:01.899
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {96B93285-592F-412D-8D74-509FAB4C204E}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-11 12:23:21.181
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7A92C388-E8F2-4B76-ABA7-7C94727D7710}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-09 16:53:31.148
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {5EEE4226-EA5D-4194-9B53-4DE3E7D65EB2}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-09 16:00:49.898
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C6353759-F4BF-42FA-9172-E99B51EE422C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-09 15:33:23.180
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {06FC532C-9ED1-4B51-9431-45FD7983C1BA}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-06-02 13:00:42.455
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1427.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-06-02 13:00:42.454
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1427.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-06-02 13:00:42.454
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1427.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-06-02 13:00:42.417
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1427.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-06-02 13:00:42.412
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1427.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===================================
Date: 2019-05-20 08:34:44.967
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:44.864
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:44.738
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:44.412
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:44.363
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:44.316
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:40.536
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:39.447
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.10 01/09/2014
Motherboard: Hewlett-Packard 21B7
Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 63%
Total physical RAM: 4016.36 MB
Available physical RAM: 1459.26 MB
Total Virtual: 8112.36 MB
Available Virtual: 5315.86 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:447.92 GB) (Free:79.47 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Recovery) (Fixed) (Total:17.55 GB) (Free:1.87 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{a7783f44-2d1b-11e4-bfff-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.14 GB) NTFS
\\?\Volume{a7783f47-2d1b-11e4-bfff-806e6f6e6963}\ (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 72C974A0)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=447.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
==================== End of Addition.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Velmi pomalý NTB
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Velmi pomalý NTB
Ahoj 
Ak nepouzivas, odporucam odinstalovat Seznam Software (Seznam Listicka).
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
Ak nepouzivas, odporucam odinstalovat Seznam Software (Seznam Listicka). Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
- Uloz na plochu a ukonci vsetky programy
- Spusti AdwCleaner ako spravca
- Odsuhlas licencne podmienky
- Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
- Nechaj zaskrtnute vsetky nalezy
- Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
- Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
- Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
emmanaruby
- Návštěvník
- Příspěvky: 114
- Registrován: 18 čer 2010 14:34
Re: Velmi pomalý NTB
Moc díky za tip. Seznam lištičku jsem odstraněnila. Níže posílám zrávu z adw. Ještě se mi také stává, že se mi samovolně odpojuje počítač od wifi (stalo se i teď po restartu), nevím, jestli to s problémem nějak nemůže souviset.
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-02-2019
# Duration: 00:00:08
# OS: Windows 10 Pro
# Cleaned: 8
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\admin\AppData\Roaming\Seznam.cz
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
***** [ Chromium (and derivatives) ] *****
Deleted MSN Homepage & Bing Search Engine
Deleted Seznam doplněk - Esko
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1550 octets] - [09/10/2018 21:17:19]
AdwCleaner[C00].txt - [1586 octets] - [09/10/2018 21:51:15]
AdwCleaner[S01].txt - [2001 octets] - [02/06/2019 16:11:29]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-02-2019
# Duration: 00:00:08
# OS: Windows 10 Pro
# Cleaned: 8
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\admin\AppData\Roaming\Seznam.cz
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
***** [ Chromium (and derivatives) ] *****
Deleted MSN Homepage & Bing Search Engine
Deleted Seznam doplněk - Esko
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1550 octets] - [09/10/2018 21:17:19]
AdwCleaner[C00].txt - [1586 octets] - [09/10/2018 21:51:15]
AdwCleaner[S01].txt - [2001 octets] - [02/06/2019 16:11:29]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
Re: Velmi pomalý NTB
Poprosim o obidva nove logy z FRST.Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
emmanaruby
- Návštěvník
- Příspěvky: 114
- Registrován: 18 čer 2010 14:34
Re: Velmi pomalý NTB
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-06-2019
Ran by admin (administrator) on FORNTB-009-W7 (Hewlett-Packard HP 350 G1) (02-06-2019 21:19:07)
Running from C:\Users\admin\Downloads
Loaded Profiles: admin (Available Profiles: admin & DefaultAppPool)
Platform: Windows 10 Pro Version 1803 17134.765 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1904.31.0_x64__8wekyb3d8bbwe\Calculator.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11904.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-08-23] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-02] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [BingSvc] => C:\Users\admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-22] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [604128 2018-11-01] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [AvastBrowserAutoLaunch_87BAEF0CF97F906CE964583298891759] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-18\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Providers\Internet Print Provider: inetpp.dll [174080 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: win32spl.dll [836608 2018-09-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> themeui.dll [2018-09-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> shell32.dll [2018-11-09] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-21] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.132\Installer\chrmstp.exe [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2013-09-02] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-10-14] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-10-14] (Softex Inc..) [File not signed]
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> wlgpclnt.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{169EBF44-942F-4C43-87CE-13C93996EBBE}] -> AppManagementConfiguration.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{16be69fa-4209-4250-88cb-716cf41954e0}] -> auditcse.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> fdeploy.dll [2018-08-09] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{2BFCC077-22D2-48DE-BDE1-2F618D9B476D}] -> AppManagementConfiguration.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> gptext.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4d968b55-cac2-4ff5-983f-0a54603781a3}] -> WorkFoldersGPExt.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{6490DB9D-2802-4956-BCCB-EC84EA0887BB}] -> C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll [2010-11-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7909AD9E-09EE-4247-BAB9-7029D5F0A278}] -> dmenrollengine.dll [2019-04-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> scecli.dll [2018-10-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{9650FDBC-053A-4715-AD14-FC2DC65E8330}] -> hvsigpext.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> dot3gpclnt.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{BA649533-0AAC-4E04-B9BC-4DBAE0325B12}] -> pwlauncher.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{C34B2751-1CF4-44F5-9262-C3FC39666591}] -> pwlauncher.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{c6dc5466-785a-11d2-84d0-00c04fb169f7}] -> appmgmts.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> gptext.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{D7300225-081C-4CED-9FAD-BFCF9EC3D1D3}] -> C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll [2010-11-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{F312195E-3D9D-447A-A3F5-08DFFA24735E}] -> dggpext.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> auditcse.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> gptext.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> gptext.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{FC491EF1-C4AA-4CE1-B329-414B101DB823}] -> dggpext.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01726808-97B5-4498-8E68-2D8C3C9A1D7D} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {0657093F-564C-448B-A74F-97589F8FA3BD} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {087AE7E4-B189-4661-BC81-52160F211E5C} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {0F531CED-9974-4F1E-AD5F-E826D800193C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {10B70C05-F4D2-4121-8D94-C4C0D298C0A5} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {169276CB-5B14-4ADF-80AE-2680F1BE405F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {18BFAC69-71D9-4E74-9719-B2D0A899A7F8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {253D637F-4669-402F-AE0F-9A663EDB87FD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {26331321-5788-4B0B-AD7A-61E9FFF65355} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {29BA28CF-5689-4798-977B-4CE63B351F86} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {34EDF480-91D9-45B4-A8CC-115ED5648ACE} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {4643E492-39A9-4B92-BC87-18F7979402C1} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 => {429BC048-379E-45E0-80E4-EB1977941B5C} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4CFD15A4-AF0B-445D-9CDC-F5707DC4FC4D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5528F22C-2470-4715-ACAE-E274EF6898C7} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {62573B62-C559-4528-9136-AA80E1ABCD40} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 => {84F0FAE1-C27B-4F6F-807B-28CF6F96287D} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {6915A6A8-1829-4D75-8433-ACC252915CA6} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {70432B1C-4693-4BFF-9458-CFF2AACBD3E8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {72577089-87C8-488D-890A-EB6510DC56CE} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {73148C51-B84D-4F23-AD18-957542E7C4B5} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {83795B87-BDC9-4F80-A96D-48ED113712D9} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical => {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {84749AF0-88A8-45D0-9E63-F45B2DD5E693} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {854FE963-10B3-4500-BC21-B81681F2587E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {87DDBFA2-3106-4405-A140-41D8092CBBEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {88100568-D69B-4940-8FC5-E698438E7030} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-17] (Google Inc -> Google Inc.)
Task: {887C724C-0E79-4ACD-982F-22E2AF371A7A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {900E7AC8-94C5-47E8-B8FE-2BC75373679E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-17] (Google Inc -> Google Inc.)
Task: {90450433-BAEA-47BC-B4ED-897E21BB979F} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {96B4F5D5-F1C7-47C8-9428-7195BC374884} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {9C4F4ACB-5122-40E1-9D7E-99555BC2F2C1} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical => {613FBA38-A3DF-4AB8-9674-5604984A299A} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A249E1B8-2C34-4C69-8127-7550463B0820} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A92118EB-5AE1-45B3-92C9-2F96F3335541} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {B022837A-D68D-4D72-BD86-0621C6ED6E64} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B24BD218-53BC-49ED-BEAE-3383B26420BE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-04-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {B90BE79B-7E58-4B09-A881-E68F1019C471} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [603008 2012-11-29] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {BA8388E5-91E3-4B65-9B75-72280DC93C98} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [339008 2013-03-12] (CyberLink Corp. -> CyberLink Corp.)
Task: {BDBB012E-2EBB-4C2F-91EC-96CDEA0B0E29} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {BE71EBB2-37C2-47B6-8660-273FFABB4794} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [38784 2012-03-21] (Hewlett-Packard Company -> )
Task: {C03B2D84-E7E6-47FF-B266-99FA40464BED} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {C32AE2F2-7202-4E51-BF9B-C86F484EDFEB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1796072148-3433743337-3639312054-4191UA => C:\Users\iveta.cerna\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-09-17] (Google Inc -> Google Inc.)
Task: {C46B36B6-55EF-4C16-A0CF-2EA48A96A8DC} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C4BF7D14-7F4C-490F-8FBD-DAE3517B2ECC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {C4E2B49B-D2CB-40F5-9BF5-360F38142F01} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C737D1C6-13EF-4CEA-B7D4-C0498757E839} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257416 2014-01-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {CB7576FC-46D5-4830-89D9-DE1C82925B77} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe [40448 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {CD4E589C-D5EA-4846-A292-3BF3484159DA} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CEC47082-9496-4A8E-A88A-8A73C9AF55D8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink Corp. -> CyberLink)
Task: {D27C7A75-C63B-4C3B-B3BB-57B33835ADB0} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D2E1826F-44F5-4A60-938B-5961FFC33A0E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {D707BA21-1FBE-493D-B338-3BA1F0A3E464} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D7FF04F3-D441-4E10-BC94-96B956474614} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1344312 2013-09-10] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {DA62CF65-FD26-496E-9B53-CF381BB958C4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {DB8BA814-4A31-4FDB-9D9D-F0D440D815D9} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {E2106D6A-B341-44C6-824B-526B50282435} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [541496 2013-08-29] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {ECE01E21-00FD-42F2-B426-B67ED24AABCF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [541496 2013-08-29] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {EF42A52E-24F3-44D8-87AF-D618A1712891} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F1B688A1-075E-4A67-ABF7-459D71672E61} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2bd50bca-f6b3-469e-8d23-02a0d9b22f7f}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-06-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-06-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-06-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-06-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__ ... earchTerms}
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2019-06-02]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-06]
CHR Extension: (Bing) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2019-06-02]
CHR Extension: (Avast Online Security) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-29]
CHR Extension: (Skype) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-10-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-14]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-24]
CHR HKU\S-1-5-21-1322162875-1540301060-204253963-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-08-23] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-18] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [416512 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-18] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.132\elevation_service.exe [1079424 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-08-29] (Hewlett-Packard Company) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-17] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-06-01] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-06-01] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [207448 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [262496 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [205848 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61472 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167872 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [549200 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477584 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225096 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385880 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
R1 Avgtdia; C:\WINDOWS\System32\DRIVERS\avgtdia.sys [240952 2014-10-17] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 CLVirtualDrive; C:\WINDOWS\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-26] (CyberLink -> CyberLink)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2018-04-12] (Microsoft Windows -> MediaTek Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (MEDIATEK INC. -> Ralink Technology, Corp.)
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Realsil Semiconductor Corporation)
S3 SmbDrv; C:\WINDOWS\system32\drivers\Smb_driver_AMDASF.sys [30448 2013-10-26] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated -> Synaptics Incorporated)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-06-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [313384 2018-06-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-06-01] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-02 16:08 - 2019-06-02 16:08 - 007025360 _____ (Malwarebytes) C:\Users\admin\Desktop\adwcleaner_7.3.exe
2019-06-02 15:02 - 2019-06-02 15:07 - 000042089 _____ C:\Users\admin\Downloads\Addition.txt
2019-06-02 14:55 - 2019-06-02 21:23 - 000041541 _____ C:\Users\admin\Downloads\FRST.txt
2019-06-02 14:52 - 2019-06-02 14:53 - 002433536 _____ (Farbar) C:\Users\admin\Downloads\FRST64 (1).exe
2019-06-02 14:28 - 2019-06-02 14:30 - 342465644 _____ C:\Users\admin\Downloads\B5300070-D5BC-4C5C-9C68-A38228B19EE4 (1).MOV
2019-06-02 12:31 - 2019-06-02 12:34 - 342465644 _____ C:\Users\admin\Downloads\B5300070-D5BC-4C5C-9C68-A38228B19EE4.MOV
2019-06-02 11:20 - 2019-06-02 11:20 - 000193395 _____ C:\Users\admin\Downloads\WhatsApp Image 2019-06-01 at 19.29.28.jpeg
2019-06-02 11:20 - 2019-06-02 11:20 - 000107541 _____ C:\Users\admin\Downloads\WhatsApp Image 2019-06-01 at 20.46.01.jpeg
2019-05-29 23:11 - 2019-05-29 23:13 - 195244778 _____ C:\Users\admin\Downloads\Soubor_002.mov
2019-05-29 23:05 - 2019-05-29 23:06 - 033127622 _____ C:\Users\admin\Downloads\Daft Punk_nácvik chorošky.mp4
2019-05-28 19:59 - 2019-05-28 19:59 - 000077340 _____ C:\Users\admin\Downloads\smlouva-2019-05-28-.pdf
2019-05-28 14:11 - 2019-05-28 14:11 - 000013244 _____ C:\Users\admin\Downloads\27413-2019-05-28_10-00.pdf
2019-05-27 17:39 - 2019-05-27 17:38 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-05-25 21:06 - 2019-05-25 21:07 - 021315608 _____ (Piriform Software Ltd) C:\Users\admin\Downloads\ccsetup557.exe
2019-05-21 21:07 - 2019-05-21 21:19 - 1891554104 _____ C:\Users\admin\Downloads\Hra o truny Game of Thrones S08E06 1080i CZ Titulky.ts
2019-05-20 14:44 - 2019-05-20 14:44 - 000012733 _____ C:\Users\admin\Downloads\27413-2019-05-20_10-00.pdf
2019-05-19 09:51 - 2019-05-19 09:51 - 021254208 _____ (Piriform Software Ltd) C:\Users\admin\Downloads\ccsetup556 (1).exe
2019-05-19 07:37 - 2019-05-03 08:31 - 007519888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-19 07:37 - 2019-05-03 08:18 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-19 07:37 - 2019-05-03 08:12 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-19 07:36 - 2019-05-03 08:33 - 005625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-05-19 07:36 - 2019-05-03 08:31 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-19 07:36 - 2019-05-03 08:31 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-19 07:36 - 2019-05-03 08:10 - 022017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-19 07:36 - 2019-05-03 08:05 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-19 07:36 - 2019-05-03 08:02 - 019401216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-19 07:36 - 2019-05-03 08:01 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-19 07:36 - 2019-05-03 07:59 - 007593472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-19 07:36 - 2019-05-03 07:59 - 005788672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-19 07:36 - 2019-05-03 07:56 - 005350912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-19 07:36 - 2019-05-03 07:54 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-19 07:36 - 2019-04-19 12:39 - 012754944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-05-19 07:35 - 2019-05-03 14:13 - 001376472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-19 07:35 - 2019-05-03 13:51 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-19 07:35 - 2019-05-03 13:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-19 07:35 - 2019-05-03 13:50 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-19 07:35 - 2019-05-03 13:43 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-19 07:35 - 2019-05-03 13:28 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-19 07:35 - 2019-05-03 13:25 - 004055040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-19 07:35 - 2019-05-03 13:25 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-19 07:35 - 2019-05-03 08:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-19 07:35 - 2019-05-03 08:33 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-19 07:35 - 2019-05-03 08:33 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-19 07:35 - 2019-05-03 08:31 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-19 07:35 - 2019-05-03 08:31 - 002771256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-19 07:35 - 2019-05-03 08:31 - 001459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-19 07:35 - 2019-05-03 08:31 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-19 07:35 - 2019-05-03 08:19 - 006043712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-19 07:35 - 2019-05-03 08:18 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-19 07:35 - 2019-05-03 08:02 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-19 07:35 - 2019-05-03 08:00 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-19 07:35 - 2019-05-03 08:00 - 003400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-19 07:35 - 2019-05-03 07:59 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-19 07:35 - 2019-05-03 07:58 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-19 07:35 - 2019-05-03 07:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-19 07:35 - 2019-05-03 07:57 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-05-19 07:35 - 2019-05-03 07:57 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-19 07:35 - 2019-05-03 07:57 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-05-19 07:35 - 2019-05-03 07:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-19 07:35 - 2019-05-03 07:56 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-19 07:35 - 2019-05-03 07:55 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-19 07:35 - 2019-05-03 07:55 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-19 07:35 - 2019-05-03 07:54 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-19 07:35 - 2019-05-03 07:54 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-05-19 07:35 - 2019-05-03 07:54 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-19 07:35 - 2019-05-03 07:54 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-19 07:35 - 2019-05-03 07:54 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-19 07:35 - 2019-04-19 12:55 - 001634920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-19 07:35 - 2019-04-19 12:54 - 000720200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-19 07:35 - 2019-04-19 11:44 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-19 07:35 - 2019-04-19 11:28 - 011940864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-05-19 07:35 - 2019-04-19 07:07 - 000985400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-05-19 07:35 - 2019-04-19 07:06 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-19 07:35 - 2019-04-19 07:06 - 000798520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-05-19 07:35 - 2019-04-19 07:01 - 001982008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-19 07:35 - 2019-04-19 06:43 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-19 07:35 - 2019-04-19 06:42 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-05-19 07:35 - 2019-04-19 06:39 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-05-19 07:35 - 2019-04-19 06:39 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-19 07:35 - 2019-04-19 06:38 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-05-19 07:35 - 2019-04-19 06:36 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-05-19 07:35 - 2019-04-19 06:36 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-19 07:35 - 2019-04-19 06:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-05-19 07:35 - 2019-04-19 06:35 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-05-19 07:35 - 2019-04-19 06:35 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-05-19 07:35 - 2019-04-19 06:35 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-19 07:35 - 2019-04-19 06:35 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-05-19 07:35 - 2019-04-09 03:48 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-19 07:34 - 2019-05-03 14:14 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-19 07:34 - 2019-05-03 14:14 - 000304144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-05-19 07:34 - 2019-05-03 13:50 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-19 07:34 - 2019-05-03 13:49 - 001288704 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-19 07:34 - 2019-05-03 13:49 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-19 07:34 - 2019-05-03 13:43 - 000662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-05-19 07:34 - 2019-05-03 08:33 - 000709720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-05-19 07:34 - 2019-05-03 08:33 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-19 07:34 - 2019-05-03 08:33 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-19 07:34 - 2019-05-03 08:33 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-19 07:34 - 2019-05-03 08:33 - 000063072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-19 07:34 - 2019-05-03 08:32 - 000793640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-05-19 07:34 - 2019-05-03 08:32 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-19 07:34 - 2019-05-03 08:32 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-19 07:34 - 2019-05-03 08:32 - 000438984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-19 07:34 - 2019-05-03 08:32 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-19 07:34 - 2019-05-03 08:32 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-19 07:34 - 2019-05-03 08:32 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-19 07:34 - 2019-05-03 08:31 - 001141224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-19 07:34 - 2019-05-03 08:31 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-05-19 07:34 - 2019-05-03 08:31 - 000983632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-19 07:34 - 2019-05-03 08:31 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-19 07:34 - 2019-05-03 08:20 - 000434704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-19 07:34 - 2019-05-03 08:20 - 000384976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-19 07:34 - 2019-05-03 08:20 - 000192016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-19 07:34 - 2019-05-03 08:19 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-19 07:34 - 2019-05-03 08:19 - 000056288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-19 07:34 - 2019-05-03 08:18 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-05-19 07:34 - 2019-05-03 07:59 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-05-19 07:34 - 2019-05-03 07:59 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-19 07:34 - 2019-05-03 07:57 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-19 07:34 - 2019-05-03 07:57 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-05-19 07:34 - 2019-05-03 07:56 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-05-19 07:34 - 2019-05-03 07:54 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-05-19 07:34 - 2019-05-03 07:54 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-19 07:34 - 2019-05-03 07:54 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-05-19 07:34 - 2019-05-03 07:54 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-19 07:34 - 2019-05-03 07:54 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-05-19 07:34 - 2019-05-03 07:53 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-19 07:34 - 2019-05-03 07:53 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-19 07:34 - 2019-05-03 07:53 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-19 07:34 - 2019-05-03 07:53 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-19 07:34 - 2019-04-19 12:36 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-19 07:34 - 2019-04-19 12:34 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-05-19 07:34 - 2019-04-19 11:37 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-19 07:34 - 2019-04-19 11:26 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-19 07:34 - 2019-04-19 11:25 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-05-19 07:34 - 2019-04-19 07:06 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-05-19 07:34 - 2019-04-19 07:06 - 000274232 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-05-19 07:34 - 2019-04-19 07:02 - 000831800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-05-19 07:34 - 2019-04-19 07:01 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-05-19 07:34 - 2019-04-19 07:01 - 000576016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-05-19 07:34 - 2019-04-19 07:01 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-05-19 07:34 - 2019-04-19 06:40 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-19 07:34 - 2019-04-19 06:39 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-19 07:34 - 2019-04-19 06:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-19 07:34 - 2019-04-19 06:38 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-19 07:34 - 2019-04-19 06:38 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-19 07:34 - 2019-04-19 06:38 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-05-19 07:34 - 2019-04-19 06:37 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-05-19 07:34 - 2019-04-19 06:37 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-19 07:34 - 2019-04-19 06:37 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-19 07:34 - 2019-04-19 06:37 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-05-19 07:34 - 2019-04-19 06:36 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-05-19 07:34 - 2019-04-19 06:36 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-05-19 07:34 - 2019-04-19 06:36 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-05-19 07:34 - 2019-04-19 06:35 - 001938944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-05-19 07:34 - 2019-04-19 06:35 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-19 07:34 - 2019-04-19 06:34 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-05-19 07:34 - 2019-04-19 06:34 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-05-19 07:34 - 2019-04-19 06:34 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-05-19 07:34 - 2019-04-19 06:34 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-05-19 07:34 - 2019-04-19 06:34 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-05-19 07:34 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-19 07:34 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\system32\locale.nls
2019-05-19 07:33 - 2019-05-03 14:13 - 000396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-05-19 07:33 - 2019-05-03 13:55 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-19 07:33 - 2019-05-03 13:54 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-19 07:33 - 2019-05-03 13:52 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-19 07:33 - 2019-05-03 13:49 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-19 07:33 - 2019-05-03 13:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-19 07:33 - 2019-05-03 13:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-19 07:33 - 2019-05-03 13:28 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-19 07:33 - 2019-05-03 13:27 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-19 07:33 - 2019-05-03 13:26 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-19 07:33 - 2019-05-03 08:43 - 000177128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-19 07:33 - 2019-05-03 08:34 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-19 07:33 - 2019-05-03 08:31 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-05-19 07:33 - 2019-05-03 08:31 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-19 07:33 - 2019-05-03 08:20 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-19 07:33 - 2019-05-03 08:00 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-19 07:33 - 2019-05-03 08:00 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-05-19 07:33 - 2019-05-03 07:59 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-05-19 07:33 - 2019-05-03 07:59 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-19 07:33 - 2019-05-03 07:59 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-19 07:33 - 2019-05-03 07:58 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-05-19 07:33 - 2019-05-03 07:58 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-05-19 07:33 - 2019-05-03 07:58 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-19 07:33 - 2019-05-03 07:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-05-19 07:33 - 2019-05-03 07:58 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-19 07:33 - 2019-05-03 07:57 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-05-19 07:33 - 2019-05-03 07:56 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-19 07:33 - 2019-05-03 07:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-19 07:33 - 2019-05-03 07:55 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-19 07:33 - 2019-05-03 07:54 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-05-19 07:33 - 2019-05-03 07:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-05-19 07:33 - 2019-05-03 06:38 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-05-19 07:33 - 2019-04-23 09:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-05-19 07:33 - 2019-04-23 08:14 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-05-19 07:33 - 2019-04-19 12:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-05-19 07:33 - 2019-04-19 12:38 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-05-19 07:33 - 2019-04-19 12:38 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-05-19 07:33 - 2019-04-19 11:30 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-05-19 07:33 - 2019-04-19 07:06 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-05-19 07:33 - 2019-04-19 06:41 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-05-19 07:33 - 2019-04-19 06:41 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-05-19 07:33 - 2019-04-19 06:40 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-05-19 07:33 - 2019-04-19 06:40 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-05-19 07:33 - 2019-04-19 06:40 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-05-19 07:33 - 2019-04-19 06:40 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-05-19 07:33 - 2019-04-19 06:39 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-05-19 07:33 - 2019-04-19 06:39 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-05-19 07:33 - 2019-04-19 06:38 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-19 07:33 - 2019-04-19 06:38 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-19 07:33 - 2019-04-19 06:37 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-05-19 07:33 - 2019-04-19 06:37 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-05-19 07:33 - 2019-04-19 06:37 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-19 07:33 - 2019-04-19 06:36 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-05-19 07:33 - 2019-04-19 06:36 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-05-19 07:33 - 2019-04-19 06:35 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-05-19 07:33 - 2019-04-19 06:35 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-05-19 07:33 - 2019-04-09 03:48 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-19 07:33 - 2019-04-09 03:48 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-19 07:33 - 2019-04-09 03:48 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-19 07:33 - 2019-04-09 03:48 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-16 15:18 - 2019-05-16 15:18 - 000012957 _____ C:\Users\admin\Downloads\27413-2019-05-15_10-00.pdf
2019-05-15 21:42 - 2019-05-15 21:57 - 772219586 _____ C:\Users\admin\Downloads\Hra o trůny (Game of Thrones) S08E05 CZtit. (frpli).avi
2019-05-14 12:08 - 2019-05-14 12:08 - 021254208 _____ (Piriform Software Ltd) C:\Users\admin\Downloads\ccsetup556.exe
2019-05-12 18:20 - 2019-05-12 18:20 - 000058760 _____ C:\Users\admin\Downloads\10824.frx.pdf
2019-05-12 17:54 - 2019-05-12 17:54 - 000168407 _____ C:\Users\admin\Downloads\VINNÝ LÍSTEK Osika Praha ceny - AKTUALIZACE.pdf
2019-05-12 17:16 - 2019-05-12 17:16 - 000014036 _____ C:\Users\admin\Downloads\27413-2019-05-12_10-00.pdf
2019-05-09 17:29 - 2019-05-09 17:30 - 021205512 _____ (Piriform Software Ltd) C:\Users\admin\Downloads\ccsetup555 (1).exe
2019-05-07 21:54 - 2019-05-07 22:06 - 1713119078 _____ C:\Users\admin\Downloads\Hra o trůny - Game of Thrones S08E04 (CZ tit.).mkv
2019-05-04 23:16 - 2019-05-04 23:17 - 021205512 _____ (Piriform Software Ltd) C:\Users\admin\Downloads\ccsetup555.exe
2019-05-03 22:40 - 2019-05-03 22:40 - 000301835 _____ C:\Users\admin\Downloads\Vypis_z_uctu-2701008645_20190401-20190430_cislo-4.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-02 21:23 - 2018-07-13 19:29 - 000000000 ____D C:\Users\admin\Desktop\Články
2019-06-02 21:23 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-02 21:22 - 2017-08-28 11:48 - 000000000 ____D C:\Users\admin\Desktop\TV
2019-06-02 21:19 - 2018-10-11 22:40 - 000000000 ____D C:\FRST
2019-06-02 21:16 - 2018-06-08 13:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-02 16:19 - 2018-06-18 12:00 - 000000000 ____D C:\Users\admin\AppData\Local\AVAST Software
2019-06-02 16:18 - 2017-12-17 23:30 - 000000000 ___RD C:\Users\admin\iCloudDrive
2019-06-02 16:18 - 2014-09-15 14:29 - 000000000 ____D C:\Users\admin\Documents\Youcam
2019-06-02 16:16 - 2017-12-17 23:41 - 000000000 ____D C:\Users\admin\Desktop\Foto ICloud
2019-06-02 16:14 - 2018-10-14 22:18 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-06-02 16:14 - 2016-03-08 12:33 - 000000000 __SHD C:\Users\admin\IntelGraphicsProfiles
2019-06-02 16:13 - 2018-06-08 14:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-02 16:12 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-06-02 16:06 - 2018-05-16 23:40 - 000000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2019-06-02 14:47 - 2016-04-22 19:58 - 000000000 ____D C:\Users\admin\AppData\Roaming\vlc
2019-06-02 14:07 - 2018-07-23 10:47 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-06-02 13:56 - 2018-06-18 11:52 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-06-02 12:58 - 2018-06-08 13:31 - 000970576 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-02 12:58 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-06-02 12:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-02 12:54 - 2014-01-20 13:29 - 000000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2019-06-02 12:52 - 2018-06-08 13:36 - 000000000 ____D C:\Users\admin
2019-06-02 12:49 - 2015-04-23 10:48 - 000000000 ____D C:\Users\admin\AppData\Roaming\Media Player Classic
2019-06-02 12:47 - 2018-12-19 14:59 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-02 12:47 - 2018-12-19 14:59 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-02 12:47 - 2018-07-23 10:47 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-06-02 12:47 - 2018-06-18 11:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-06-02 12:47 - 2018-06-08 14:04 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-06-02 12:47 - 2018-06-08 14:04 - 000003304 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{16ECC96E-C0BE-4948-BFA1-BD22B4C4616C}
2019-06-02 12:47 - 2018-06-08 14:04 - 000003194 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-06-02 12:47 - 2018-06-08 14:04 - 000002958 _____ C:\WINDOWS\System32\Tasks\Registration
2019-06-02 12:47 - 2018-06-08 14:04 - 000002858 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1322162875-1540301060-204253963-1000
2019-06-02 12:47 - 2018-06-08 14:04 - 000002536 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2019-06-02 12:47 - 2018-06-08 14:04 - 000002536 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher
2019-06-02 12:47 - 2018-06-08 14:04 - 000002536 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2019-06-02 12:47 - 2018-06-08 14:04 - 000002160 _____ C:\WINDOWS\System32\Tasks\SidebarExecute
2019-05-31 17:26 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-30 11:34 - 2018-06-18 11:51 - 000385880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-05-29 10:12 - 2017-10-21 14:04 - 000000000 ____D C:\Users\admin\Desktop\Práce
2019-05-28 20:15 - 2019-04-17 15:10 - 000003856 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-05-28 20:15 - 2019-04-17 15:10 - 000003272 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-05-28 20:15 - 2018-06-18 12:02 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-05-28 20:15 - 2018-06-18 12:02 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-05-28 13:34 - 2018-10-04 14:37 - 000000000 ____D C:\Users\admin\Desktop\PFUK
2019-05-27 17:39 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-05-27 17:38 - 2018-10-23 06:32 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-05-27 17:38 - 2018-06-18 11:51 - 000477584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-05-27 17:38 - 2018-06-18 11:51 - 000225096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-05-27 17:38 - 2018-06-18 11:51 - 000167872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-05-27 17:38 - 2018-06-18 11:51 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-05-27 17:38 - 2018-06-18 11:51 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-05-27 17:37 - 2019-02-21 09:03 - 000549200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2019-05-27 17:37 - 2019-01-19 00:15 - 000262496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-05-27 17:37 - 2019-01-07 16:11 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-05-27 17:37 - 2019-01-07 16:11 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-05-27 17:37 - 2018-06-18 11:51 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-05-27 17:37 - 2018-06-18 11:51 - 000207448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-05-21 20:49 - 2015-03-17 10:29 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-21 20:49 - 2015-03-17 10:29 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-21 15:41 - 2018-06-08 13:36 - 000002363 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-21 15:41 - 2016-03-08 12:42 - 000000000 ___RD C:\Users\admin\OneDrive
2019-05-20 14:29 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-19 08:11 - 2018-06-08 13:24 - 000506984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-19 08:07 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-19 08:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-05-19 08:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-05-19 08:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-05-19 08:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-17 19:21 - 2017-09-30 19:18 - 000000000 ____D C:\Program Files\rempl
2019-05-16 17:30 - 2017-05-02 23:09 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-15 22:18 - 2014-09-15 15:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-15 22:06 - 2014-09-15 15:19 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-14 14:14 - 2015-09-04 12:06 - 000000000 ____D C:\Users\admin\Documents\Soubory aplikace Outlook
2019-05-14 14:13 - 2017-12-17 23:30 - 000000000 ____D C:\Users\admin\AppData\Local\F57C5AFD-60D2-41BC-BC15-353BADA8F863.aplzod
2019-05-08 11:47 - 2017-02-09 12:08 - 000000000 ____D C:\Users\admin\Desktop\Osika
2019-05-04 01:53 - 2018-11-16 22:31 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-04 01:53 - 2018-11-16 22:31 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-03 22:07 - 2015-02-19 17:28 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Adobe
==================== Files in the root of some directories =======
2018-07-30 10:12 - 2018-07-30 10:12 - 000000040 _____ () C:\Users\admin\AppData\Roaming\cdr.ini
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-06-2019
Ran by admin (02-06-2019 21:26:01)
Running from C:\Users\admin\Downloads
Windows 10 Pro Version 1803 17134.765 (X64) (2018-06-08 12:06:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
admin (S-1-5-21-1322162875-1540301060-204253963-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-1322162875-1540301060-204253963-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1322162875-1540301060-204253963-503 - Limited - Disabled)
Guest (S-1-5-21-1322162875-1540301060-204253963-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1322162875-1540301060-204253963-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4K Video Downloader 4.4 (HKLM-x32\...\{17CEAB50-0275-4D5E-9C11-CF2963C59FA1}) (Version: 4.4.6.2295 - Open Media LLC)
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 74.0.1376.132 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.141.333 - AVAST Software) Hidden
AVG (HKLM\...\AVG) (Version: 3491 - AVG Technologies)
AVG 2013 (HKLM\...\{12079D47-A4AB-4AE5-A957-C2062D328F35}) (Version: 13.0.3495 - AVG Technologies) Hidden
AVG 2013 (HKLM\...\{799B578C-3A0D-4FCA-9712-143B84ABAC35}) (Version: 13.0.4257 - AVG Technologies) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Camtasia 9 (HKLM\...\{33E08945-3D7B-40BB-B34F-1A3C8B9650DE}) (Version: 9.1.2.3011 - TechSmith Corporation) Hidden
Camtasia 9 (HKLM-x32\...\{34ab05ac-3089-417f-828e-c2da3d5b4e09}) (Version: 9.1.2.3011 - TechSmith Corporation)
Camtasia 9 (HKLM-x32\...\{d298a2fc-0b3a-45ab-9711-d5ca8a3bda00}) (Version: 9.1.1.2546 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
CDA to MP3 Converter v3.3 build 1228 (HKLM-x32\...\{22AC6A90-A99A-4E41-BADC-AC05C811C2C8}_is1) (Version: - Hoo Technologies)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2523 - CDBurnerXP)
CutePDF Writer 2.7 (HKLM\...\CutePDF Writer Installation) (Version: - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3228 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3302 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E1ACF120-CD69-47F0-B202-9A4B95C436D8}) (Version: 5.1.5 - Hewlett-Packard)
Fotogaléria (HKLM-x32\...\{08466673-3905-4437-93E8-34A221B7CA4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free CD to MP3 Converter (HKLM-x32\...\Free CD to MP3 Converter) (Version: - Eusing Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP CoolSense (HKLM-x32\...\{394B14EA-B072-4440-9510-87797CB12371}) (Version: 2.20.21 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{C178F0A7-86C8-4BE0-8401-3BC4F6E12F81}) (Version: 1.3.0.0 - Hewlett-Packard)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{ED6CD3AC-616B-4B20-BCF3-6E637B92A5AD}) (Version: 3.0.4 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A}) (Version: 7.3.35.20 - Hewlett-Packard Company)
iCloud (HKLM\...\{29C6B346-C29C-40CE-89EB-DF7C149E0EB9}) (Version: 7.7.0.27 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6498.0 - IDT)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.00.57 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.00.57 - Softex Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
iTunes (HKLM\...\{9F1EE6A3-7BDE-48CC-BC81-1EA3D21D94E3}) (Version: 12.9.0.167 - Apple Inc.)
Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
K-Lite Codec Pack 9.9.5 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.5 - )
LibreOffice 5.4.7.2 (HKLM\...\{26D12F93-E454-4637-9A5C-D52F6B4CC0DD}) (Version: 5.4.7.2 - The Document Foundation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\OneDriveSetup.exe) (Version: 19.070.0410.0005 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{379A0618-EF50-423C-9637-EEB2D25A4BB4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CFBFE244-6269-41DC-85B6-86F99C88ED02}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
Ralink Bluetooth Stack (HKLM\...\{C079427A-BB28-5168-3DB1-DC6608D226D4}) (Version: 11.0.748.2 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.33.1 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21242 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
UFR II Printer Driver Uninstaller (HKLM\...\Canon UFR II Printer Driver) (Version: 6, 3, 0, 0 - Canon Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Small Business Server 2011 Standard ClientAgent (HKLM\...\{5C72F8A3-BF39-4733-B41E-0ED7EF622E37}) (Version: 6.1.7900.1 - Microsoft Corporation)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1809.2.84 - ZONER software)
Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.140.300.0_x86__kgqvnymyfvs32 [2019-05-28] (king.com)
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.5.2.0_x64__6e5tt8cgb93ep [2019-02-04] (Canon Inc.)
Microsoft Průvodce pro telefon -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-14] (Microsoft Corporation)
Microsoft Telefon -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-09] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-04-24] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1322162875-1540301060-204253963-1000_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-30] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-10-01] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-30] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\admin\Desktop\Foto\Nabídka Start\Programy\RarZilla Free Unrar\RarZilla Free Unrar Updates.lnk -> hxxp://www.philipp-winterberg.com/software/rar ... e_unrar.ph
Shortcut: C:\Users\admin\Desktop\Foto\Nabídka Start\Programy\RarZilla Free Unrar\Thanks.lnk -> hxxp://www.philipp-winterberg.com/gratitude.ph
==================== Loaded Modules (Whitelisted) ==============
2013-10-14 11:25 - 2013-10-14 11:25 - 002541056 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-10-14 11:24 - 2013-10-14 11:24 - 000627200 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2013-10-14 11:23 - 2013-10-14 11:23 - 000109568 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-10-14 11:22 - 2013-10-14 11:22 - 000021504 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-10-14 11:30 - 2013-10-14 11:30 - 000065024 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2013-10-14 11:22 - 2013-10-14 11:22 - 000055296 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-10-14 11:22 - 2013-10-14 11:22 - 000035328 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2015-08-17 10:47 - 2013-12-17 00:15 - 003815936 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNLB0MUI_DBB31.DLL
2013-08-29 19:31 - 2013-08-29 19:31 - 000092160 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
2013-10-14 11:34 - 2013-10-14 11:34 - 000765440 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OpBHO64.dll
2013-10-14 11:23 - 2013-10-14 11:23 - 000690176 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll
2013-10-14 11:25 - 2013-10-14 11:25 - 001097216 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\userdata.dll
2018-04-30 17:00 - 2018-04-30 17:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 000517120 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-08-27 14:32 - 2013-08-27 14:32 - 000747520 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2018-06-08 13:41 - 2018-06-08 13:41 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2018-06-08 13:41 - 2018-06-08 13:41 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2013-10-14 11:29 - 2013-10-14 11:29 - 000087552 _____ (Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
2013-10-14 11:35 - 2013-10-14 11:35 - 001297296 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2013-10-14 11:35 - 2013-10-14 11:35 - 000306064 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-10-14 11:35 - 2013-10-14 11:35 - 000599952 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\hdddrv.dll
2013-10-14 11:35 - 2013-10-14 11:35 - 000208272 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ldapdrv.dll
2013-10-14 11:35 - 2013-10-14 11:35 - 002075536 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\Wbf.dll
2018-12-31 12:45 - 2016-10-17 19:29 - 003842048 _____ (Terra Informatica Software, Inc.) [File not signed] C:\Program Files\Zoner\Photo Studio 19\Program32\sciter32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2019-01-04 10:15 - 000000830 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Hewlett-Packard\SimplePass\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName0 -> unimdm.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName1 -> kmddsp.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFilename3 -> hidphone.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName0 -> unimdm.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName1 -> kmddsp.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> hidphone.tsp (Microsoft Windows -> Microsoft Corporation)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{022A10C4-D045-443A-AF88-FB3EEC4893D9}] => (Allow) LPort=8318
FirewallRules: [{3C70A23A-42C8-42AE-B5BD-475D0BD13CDA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7833BFDF-EFA0-44E2-A561-DAB06FC896F6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B3C8E27-0263-4CD4-AF8F-05A34B76528D}] => (Allow) LPort=2869
FirewallRules: [{1FF13871-5BEF-4293-8982-7051805EEBA5}] => (Allow) LPort=1900
FirewallRules: [{B1D99D95-CCAD-4155-B62B-E9278F6E1EAD}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{58E02D41-AB81-41CB-AB4A-F51D74FCD8F7}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{E6354540-9AEA-4E1F-8CC1-C70E58DC6493}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{6C636E9B-A4A9-42D5-85B9-050C5B10D9A2}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{29774C27-D4FA-46E2-AC3A-51BB0C448B9F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{41A2D49C-BFD9-4E44-A0F4-68DA4A9E4787}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{294A29C3-E669-4D54-84D8-31BFB5C1D786}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{08CADD4B-18B1-4A94-9D4B-B87D7FE9F673}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [TCP Query User{6D5F2FB6-56D4-4C8B-AF34-BF7CED9C7BAA}C:\program files (x86)\microsoft office\office14\outlook.exe] => (Block) C:\program files (x86)\microsoft office\office14\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{6D8EC373-6BBD-45CF-9890-BCC74F0F36C8}C:\program files (x86)\microsoft office\office14\outlook.exe] => (Block) C:\program files (x86)\microsoft office\office14\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{39282A5F-0809-4A81-8B7C-9C87E51BB255}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{27288146-2A0C-46E6-AFEA-6AC33BD8363B}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{952C1CD4-2921-4886-BE6B-F45BC18D66A5}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{1D76EDCC-55E7-421E-A616-09C34D521AE8}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{BA7EBA53-A17A-43BA-82A2-3F67099FA345}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{35E75F12-DF56-47B9-A088-B190BF451144}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{057DEB0A-B0D0-441E-BC4D-B7416E699762}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1E8EF4CB-707F-45E9-860A-21935FC38DDD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ECDC0253-CECB-4EB7-BB87-203AB4E118D0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{83B4664F-70EB-4596-AC5B-CE3BC3186F9A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F707712B-352F-4390-B8F6-36C8AC6B175F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{0B0B63FF-83A6-455E-98E2-CA5E0B11CCF0}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DF31640D-0B01-44D9-A1C7-9CF1B8620357}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{6F653604-4EB7-423C-8D1E-0A9AB8265188}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
19-05-2019 07:23:13 Windows Update
26-05-2019 16:51:55 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/02/2019 04:12:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 10.0.17134.677, time stamp: 0xb4a88dff
Faulting module name: combase.dll, version: 10.0.17134.619, time stamp: 0xa54ce84e
Exception code: 0xc0000005
Fault offset: 0x00000000000b055c
Faulting process id: 0x146c
Faulting application start time: 0x01d519318b96866a
Faulting application path: C:\WINDOWS\Explorer.EXE
Faulting module path: C:\WINDOWS\System32\combase.dll
Report Id: f68c0db9-1155-4f10-aff2-176e5538e691
Faulting package full name:
Faulting package-relative application ID:
Error: (06/02/2019 04:06:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sznpp_64.exe, version: 2.1.32.0, time stamp: 0x5ae9c366
Faulting module name: sznpp_64.exe, version: 2.1.32.0, time stamp: 0x5ae9c366
Exception code: 0xc0000005
Fault offset: 0x00000000000140dc
Faulting process id: 0xb44
Faulting application start time: 0x01d5194c61c8e798
Faulting application path: C:\Users\admin\AppData\Roaming\Seznam.cz\bin\sznpp_64.exe
Faulting module path: C:\Users\admin\AppData\Roaming\Seznam.cz\bin\sznpp_64.exe
Report Id: 034a2902-3e6b-45ec-846d-8702dba0321a
Faulting package full name:
Faulting package-relative application ID:
Error: (06/02/2019 11:18:17 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.
Error: (06/02/2019 11:18:14 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (06/02/2019 11:12:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3562
Error: (06/02/2019 11:12:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3562
Error: (06/02/2019 11:12:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/02/2019 09:34:55 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (5164,R,98) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\admin\AppData\Local\Microsoft\Windows\WebCache\V01.log.
System errors:
=============
Error: (06/02/2019 09:24:04 PM) (Source: DCOM) (EventID: 10016) (User: FORNTB-009-W7)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FORNTB-009-W7\admin SID (S-1-5-21-1322162875-1540301060-204253963-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/02/2019 09:16:38 PM) (Source: DCOM) (EventID: 10016) (User: FORNTB-009-W7)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FORNTB-009-W7\admin SID (S-1-5-21-1322162875-1540301060-204253963-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/02/2019 04:24:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel(R) Management and Security Application Local Management Service service hung on starting.
Error: (06/02/2019 04:19:01 PM) (Source: DCOM) (EventID: 10016) (User: FORNTB-009-W7)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FORNTB-009-W7\admin SID (S-1-5-21-1322162875-1540301060-204253963-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/02/2019 04:18:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.
Error: (06/02/2019 04:17:53 PM) (Source: DCOM) (EventID: 10016) (User: FORNTB-009-W7)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FORNTB-009-W7\admin SID (S-1-5-21-1322162875-1540301060-204253963-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/02/2019 04:13:55 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (06/02/2019 04:12:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Windows Defender:
===================================
Date: 2018-06-11 13:05:01.899
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {96B93285-592F-412D-8D74-509FAB4C204E}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-11 12:23:21.181
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7A92C388-E8F2-4B76-ABA7-7C94727D7710}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-09 16:53:31.148
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {5EEE4226-EA5D-4194-9B53-4DE3E7D65EB2}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-09 16:00:49.898
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C6353759-F4BF-42FA-9172-E99B51EE422C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-09 15:33:23.180
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {06FC532C-9ED1-4B51-9431-45FD7983C1BA}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-06-02 13:00:42.455
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1427.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-06-02 13:00:42.454
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1427.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-06-02 13:00:42.454
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1427.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-06-02 13:00:42.417
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1427.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-06-02 13:00:42.412
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1427.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===================================
Date: 2019-05-20 08:34:44.967
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:44.864
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:44.738
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:44.412
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:44.363
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:44.316
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:40.536
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:39.447
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.10 01/09/2014
Motherboard: Hewlett-Packard 21B7
Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 60%
Total physical RAM: 4016.36 MB
Available physical RAM: 1568.43 MB
Total Virtual: 8112.36 MB
Available Virtual: 5269.13 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:447.92 GB) (Free:79.47 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Recovery) (Fixed) (Total:17.55 GB) (Free:1.87 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{a7783f44-2d1b-11e4-bfff-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.14 GB) NTFS
\\?\Volume{a7783f47-2d1b-11e4-bfff-806e6f6e6963}\ (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 72C974A0)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=447.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
==================== End of Addition.txt ============================
Ran by admin (administrator) on FORNTB-009-W7 (Hewlett-Packard HP 350 G1) (02-06-2019 21:19:07)
Running from C:\Users\admin\Downloads
Loaded Profiles: admin (Available Profiles: admin & DefaultAppPool)
Platform: Windows 10 Pro Version 1803 17134.765 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1904.31.0_x64__8wekyb3d8bbwe\Calculator.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11904.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-10-14] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-08-23] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-02] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [BingSvc] => C:\Users\admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-22] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [604128 2018-11-01] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [AvastBrowserAutoLaunch_87BAEF0CF97F906CE964583298891759] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-18\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Providers\Internet Print Provider: inetpp.dll [174080 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: win32spl.dll [836608 2018-09-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> themeui.dll [2018-09-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> shell32.dll [2018-11-09] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-21] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.132\Installer\chrmstp.exe [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2013-09-02] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-10-14] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-10-14] (Softex Inc..) [File not signed]
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> wlgpclnt.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{169EBF44-942F-4C43-87CE-13C93996EBBE}] -> AppManagementConfiguration.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{16be69fa-4209-4250-88cb-716cf41954e0}] -> auditcse.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> fdeploy.dll [2018-08-09] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{2BFCC077-22D2-48DE-BDE1-2F618D9B476D}] -> AppManagementConfiguration.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> gptext.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4d968b55-cac2-4ff5-983f-0a54603781a3}] -> WorkFoldersGPExt.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{6490DB9D-2802-4956-BCCB-EC84EA0887BB}] -> C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll [2010-11-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7909AD9E-09EE-4247-BAB9-7029D5F0A278}] -> dmenrollengine.dll [2019-04-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> scecli.dll [2018-10-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{9650FDBC-053A-4715-AD14-FC2DC65E8330}] -> hvsigpext.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> dot3gpclnt.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{BA649533-0AAC-4E04-B9BC-4DBAE0325B12}] -> pwlauncher.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{C34B2751-1CF4-44F5-9262-C3FC39666591}] -> pwlauncher.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{c6dc5466-785a-11d2-84d0-00c04fb169f7}] -> appmgmts.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> gptext.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{D7300225-081C-4CED-9FAD-BFCF9EC3D1D3}] -> C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll [2010-11-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{F312195E-3D9D-447A-A3F5-08DFFA24735E}] -> dggpext.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> auditcse.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> gptext.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> gptext.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{FC491EF1-C4AA-4CE1-B329-414B101DB823}] -> dggpext.dll [2018-04-12] (Microsoft Windows -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01726808-97B5-4498-8E68-2D8C3C9A1D7D} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {0657093F-564C-448B-A74F-97589F8FA3BD} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {087AE7E4-B189-4661-BC81-52160F211E5C} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {0F531CED-9974-4F1E-AD5F-E826D800193C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {10B70C05-F4D2-4121-8D94-C4C0D298C0A5} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {169276CB-5B14-4ADF-80AE-2680F1BE405F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {18BFAC69-71D9-4E74-9719-B2D0A899A7F8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {253D637F-4669-402F-AE0F-9A663EDB87FD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {26331321-5788-4B0B-AD7A-61E9FFF65355} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {29BA28CF-5689-4798-977B-4CE63B351F86} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {34EDF480-91D9-45B4-A8CC-115ED5648ACE} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {4643E492-39A9-4B92-BC87-18F7979402C1} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 => {429BC048-379E-45E0-80E4-EB1977941B5C} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4CFD15A4-AF0B-445D-9CDC-F5707DC4FC4D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5528F22C-2470-4715-ACAE-E274EF6898C7} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {62573B62-C559-4528-9136-AA80E1ABCD40} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 => {84F0FAE1-C27B-4F6F-807B-28CF6F96287D} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {6915A6A8-1829-4D75-8433-ACC252915CA6} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {70432B1C-4693-4BFF-9458-CFF2AACBD3E8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {72577089-87C8-488D-890A-EB6510DC56CE} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {73148C51-B84D-4F23-AD18-957542E7C4B5} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {83795B87-BDC9-4F80-A96D-48ED113712D9} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical => {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {84749AF0-88A8-45D0-9E63-F45B2DD5E693} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {854FE963-10B3-4500-BC21-B81681F2587E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {87DDBFA2-3106-4405-A140-41D8092CBBEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {88100568-D69B-4940-8FC5-E698438E7030} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-17] (Google Inc -> Google Inc.)
Task: {887C724C-0E79-4ACD-982F-22E2AF371A7A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {900E7AC8-94C5-47E8-B8FE-2BC75373679E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-17] (Google Inc -> Google Inc.)
Task: {90450433-BAEA-47BC-B4ED-897E21BB979F} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {96B4F5D5-F1C7-47C8-9428-7195BC374884} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {9C4F4ACB-5122-40E1-9D7E-99555BC2F2C1} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical => {613FBA38-A3DF-4AB8-9674-5604984A299A} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A249E1B8-2C34-4C69-8127-7550463B0820} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A92118EB-5AE1-45B3-92C9-2F96F3335541} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {B022837A-D68D-4D72-BD86-0621C6ED6E64} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B24BD218-53BC-49ED-BEAE-3383B26420BE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-04-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {B90BE79B-7E58-4B09-A881-E68F1019C471} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [603008 2012-11-29] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {BA8388E5-91E3-4B65-9B75-72280DC93C98} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [339008 2013-03-12] (CyberLink Corp. -> CyberLink Corp.)
Task: {BDBB012E-2EBB-4C2F-91EC-96CDEA0B0E29} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {BE71EBB2-37C2-47B6-8660-273FFABB4794} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [38784 2012-03-21] (Hewlett-Packard Company -> )
Task: {C03B2D84-E7E6-47FF-B266-99FA40464BED} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {C32AE2F2-7202-4E51-BF9B-C86F484EDFEB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1796072148-3433743337-3639312054-4191UA => C:\Users\iveta.cerna\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-09-17] (Google Inc -> Google Inc.)
Task: {C46B36B6-55EF-4C16-A0CF-2EA48A96A8DC} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C4BF7D14-7F4C-490F-8FBD-DAE3517B2ECC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {C4E2B49B-D2CB-40F5-9BF5-360F38142F01} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C737D1C6-13EF-4CEA-B7D4-C0498757E839} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257416 2014-01-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {CB7576FC-46D5-4830-89D9-DE1C82925B77} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe [40448 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {CD4E589C-D5EA-4846-A292-3BF3484159DA} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CEC47082-9496-4A8E-A88A-8A73C9AF55D8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink Corp. -> CyberLink)
Task: {D27C7A75-C63B-4C3B-B3BB-57B33835ADB0} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D2E1826F-44F5-4A60-938B-5961FFC33A0E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {D707BA21-1FBE-493D-B338-3BA1F0A3E464} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D7FF04F3-D441-4E10-BC94-96B956474614} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1344312 2013-09-10] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {DA62CF65-FD26-496E-9B53-CF381BB958C4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {DB8BA814-4A31-4FDB-9D9D-F0D440D815D9} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {E2106D6A-B341-44C6-824B-526B50282435} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [541496 2013-08-29] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {ECE01E21-00FD-42F2-B426-B67ED24AABCF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [541496 2013-08-29] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {EF42A52E-24F3-44D8-87AF-D618A1712891} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F1B688A1-075E-4A67-ABF7-459D71672E61} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2bd50bca-f6b3-469e-8d23-02a0d9b22f7f}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-06-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-06-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-06-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-06-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__ ... earchTerms}
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2019-06-02]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-06]
CHR Extension: (Bing) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2019-06-02]
CHR Extension: (Avast Online Security) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-29]
CHR Extension: (Skype) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-10-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-14]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-24]
CHR HKU\S-1-5-21-1322162875-1540301060-204253963-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-08-23] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-18] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [416512 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-18] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.132\elevation_service.exe [1079424 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-08-29] (Hewlett-Packard Company) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-17] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-06-01] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-06-01] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [207448 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [262496 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [205848 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61472 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167872 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [549200 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477584 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225096 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385880 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
R1 Avgtdia; C:\WINDOWS\System32\DRIVERS\avgtdia.sys [240952 2014-10-17] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 CLVirtualDrive; C:\WINDOWS\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-26] (CyberLink -> CyberLink)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2018-04-12] (Microsoft Windows -> MediaTek Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (MEDIATEK INC. -> Ralink Technology, Corp.)
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Realsil Semiconductor Corporation)
S3 SmbDrv; C:\WINDOWS\system32\drivers\Smb_driver_AMDASF.sys [30448 2013-10-26] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated -> Synaptics Incorporated)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-06-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [313384 2018-06-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-06-01] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-02 16:08 - 2019-06-02 16:08 - 007025360 _____ (Malwarebytes) C:\Users\admin\Desktop\adwcleaner_7.3.exe
2019-06-02 15:02 - 2019-06-02 15:07 - 000042089 _____ C:\Users\admin\Downloads\Addition.txt
2019-06-02 14:55 - 2019-06-02 21:23 - 000041541 _____ C:\Users\admin\Downloads\FRST.txt
2019-06-02 14:52 - 2019-06-02 14:53 - 002433536 _____ (Farbar) C:\Users\admin\Downloads\FRST64 (1).exe
2019-06-02 14:28 - 2019-06-02 14:30 - 342465644 _____ C:\Users\admin\Downloads\B5300070-D5BC-4C5C-9C68-A38228B19EE4 (1).MOV
2019-06-02 12:31 - 2019-06-02 12:34 - 342465644 _____ C:\Users\admin\Downloads\B5300070-D5BC-4C5C-9C68-A38228B19EE4.MOV
2019-06-02 11:20 - 2019-06-02 11:20 - 000193395 _____ C:\Users\admin\Downloads\WhatsApp Image 2019-06-01 at 19.29.28.jpeg
2019-06-02 11:20 - 2019-06-02 11:20 - 000107541 _____ C:\Users\admin\Downloads\WhatsApp Image 2019-06-01 at 20.46.01.jpeg
2019-05-29 23:11 - 2019-05-29 23:13 - 195244778 _____ C:\Users\admin\Downloads\Soubor_002.mov
2019-05-29 23:05 - 2019-05-29 23:06 - 033127622 _____ C:\Users\admin\Downloads\Daft Punk_nácvik chorošky.mp4
2019-05-28 19:59 - 2019-05-28 19:59 - 000077340 _____ C:\Users\admin\Downloads\smlouva-2019-05-28-.pdf
2019-05-28 14:11 - 2019-05-28 14:11 - 000013244 _____ C:\Users\admin\Downloads\27413-2019-05-28_10-00.pdf
2019-05-27 17:39 - 2019-05-27 17:38 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-05-25 21:06 - 2019-05-25 21:07 - 021315608 _____ (Piriform Software Ltd) C:\Users\admin\Downloads\ccsetup557.exe
2019-05-21 21:07 - 2019-05-21 21:19 - 1891554104 _____ C:\Users\admin\Downloads\Hra o truny Game of Thrones S08E06 1080i CZ Titulky.ts
2019-05-20 14:44 - 2019-05-20 14:44 - 000012733 _____ C:\Users\admin\Downloads\27413-2019-05-20_10-00.pdf
2019-05-19 09:51 - 2019-05-19 09:51 - 021254208 _____ (Piriform Software Ltd) C:\Users\admin\Downloads\ccsetup556 (1).exe
2019-05-19 07:37 - 2019-05-03 08:31 - 007519888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-19 07:37 - 2019-05-03 08:18 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-19 07:37 - 2019-05-03 08:12 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-19 07:36 - 2019-05-03 08:33 - 005625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-05-19 07:36 - 2019-05-03 08:31 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-19 07:36 - 2019-05-03 08:31 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-19 07:36 - 2019-05-03 08:10 - 022017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-19 07:36 - 2019-05-03 08:05 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-19 07:36 - 2019-05-03 08:02 - 019401216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-19 07:36 - 2019-05-03 08:01 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-19 07:36 - 2019-05-03 07:59 - 007593472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-19 07:36 - 2019-05-03 07:59 - 005788672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-19 07:36 - 2019-05-03 07:56 - 005350912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-19 07:36 - 2019-05-03 07:54 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-19 07:36 - 2019-04-19 12:39 - 012754944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-05-19 07:35 - 2019-05-03 14:13 - 001376472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-19 07:35 - 2019-05-03 13:51 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-19 07:35 - 2019-05-03 13:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-19 07:35 - 2019-05-03 13:50 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-19 07:35 - 2019-05-03 13:43 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-19 07:35 - 2019-05-03 13:28 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-19 07:35 - 2019-05-03 13:25 - 004055040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-19 07:35 - 2019-05-03 13:25 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-19 07:35 - 2019-05-03 08:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-19 07:35 - 2019-05-03 08:33 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-19 07:35 - 2019-05-03 08:33 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-19 07:35 - 2019-05-03 08:31 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-19 07:35 - 2019-05-03 08:31 - 002771256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-19 07:35 - 2019-05-03 08:31 - 001459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-19 07:35 - 2019-05-03 08:31 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-19 07:35 - 2019-05-03 08:19 - 006043712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-19 07:35 - 2019-05-03 08:18 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-19 07:35 - 2019-05-03 08:02 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-19 07:35 - 2019-05-03 08:00 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-19 07:35 - 2019-05-03 08:00 - 003400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-19 07:35 - 2019-05-03 07:59 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-19 07:35 - 2019-05-03 07:58 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-19 07:35 - 2019-05-03 07:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-19 07:35 - 2019-05-03 07:57 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-05-19 07:35 - 2019-05-03 07:57 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-19 07:35 - 2019-05-03 07:57 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-05-19 07:35 - 2019-05-03 07:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-19 07:35 - 2019-05-03 07:56 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-19 07:35 - 2019-05-03 07:55 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-19 07:35 - 2019-05-03 07:55 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-19 07:35 - 2019-05-03 07:54 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-19 07:35 - 2019-05-03 07:54 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-05-19 07:35 - 2019-05-03 07:54 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-19 07:35 - 2019-05-03 07:54 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-19 07:35 - 2019-05-03 07:54 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-19 07:35 - 2019-04-19 12:55 - 001634920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-19 07:35 - 2019-04-19 12:54 - 000720200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-19 07:35 - 2019-04-19 11:44 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-19 07:35 - 2019-04-19 11:28 - 011940864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-05-19 07:35 - 2019-04-19 07:07 - 000985400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-05-19 07:35 - 2019-04-19 07:06 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-19 07:35 - 2019-04-19 07:06 - 000798520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-05-19 07:35 - 2019-04-19 07:01 - 001982008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-19 07:35 - 2019-04-19 06:43 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-19 07:35 - 2019-04-19 06:42 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-05-19 07:35 - 2019-04-19 06:39 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-05-19 07:35 - 2019-04-19 06:39 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-19 07:35 - 2019-04-19 06:38 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-05-19 07:35 - 2019-04-19 06:36 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-05-19 07:35 - 2019-04-19 06:36 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-19 07:35 - 2019-04-19 06:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-05-19 07:35 - 2019-04-19 06:35 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-05-19 07:35 - 2019-04-19 06:35 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-05-19 07:35 - 2019-04-19 06:35 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-19 07:35 - 2019-04-19 06:35 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-05-19 07:35 - 2019-04-09 03:48 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-19 07:34 - 2019-05-03 14:14 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-19 07:34 - 2019-05-03 14:14 - 000304144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-05-19 07:34 - 2019-05-03 13:50 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-19 07:34 - 2019-05-03 13:49 - 001288704 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-19 07:34 - 2019-05-03 13:49 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-19 07:34 - 2019-05-03 13:43 - 000662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-05-19 07:34 - 2019-05-03 08:33 - 000709720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-05-19 07:34 - 2019-05-03 08:33 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-19 07:34 - 2019-05-03 08:33 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-19 07:34 - 2019-05-03 08:33 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-19 07:34 - 2019-05-03 08:33 - 000063072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-19 07:34 - 2019-05-03 08:32 - 000793640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-05-19 07:34 - 2019-05-03 08:32 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-19 07:34 - 2019-05-03 08:32 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-19 07:34 - 2019-05-03 08:32 - 000438984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-19 07:34 - 2019-05-03 08:32 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-19 07:34 - 2019-05-03 08:32 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-19 07:34 - 2019-05-03 08:32 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-19 07:34 - 2019-05-03 08:31 - 001141224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-19 07:34 - 2019-05-03 08:31 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-05-19 07:34 - 2019-05-03 08:31 - 000983632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-19 07:34 - 2019-05-03 08:31 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-19 07:34 - 2019-05-03 08:20 - 000434704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-19 07:34 - 2019-05-03 08:20 - 000384976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-19 07:34 - 2019-05-03 08:20 - 000192016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-19 07:34 - 2019-05-03 08:19 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-19 07:34 - 2019-05-03 08:19 - 000056288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-19 07:34 - 2019-05-03 08:18 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-05-19 07:34 - 2019-05-03 07:59 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-05-19 07:34 - 2019-05-03 07:59 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-19 07:34 - 2019-05-03 07:57 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-19 07:34 - 2019-05-03 07:57 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-05-19 07:34 - 2019-05-03 07:56 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-05-19 07:34 - 2019-05-03 07:54 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-05-19 07:34 - 2019-05-03 07:54 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-19 07:34 - 2019-05-03 07:54 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-05-19 07:34 - 2019-05-03 07:54 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-19 07:34 - 2019-05-03 07:54 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-05-19 07:34 - 2019-05-03 07:53 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-19 07:34 - 2019-05-03 07:53 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-19 07:34 - 2019-05-03 07:53 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-19 07:34 - 2019-05-03 07:53 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-19 07:34 - 2019-04-19 12:36 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-19 07:34 - 2019-04-19 12:34 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-05-19 07:34 - 2019-04-19 11:37 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-19 07:34 - 2019-04-19 11:26 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-19 07:34 - 2019-04-19 11:25 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-05-19 07:34 - 2019-04-19 07:06 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-05-19 07:34 - 2019-04-19 07:06 - 000274232 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-05-19 07:34 - 2019-04-19 07:02 - 000831800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-05-19 07:34 - 2019-04-19 07:01 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-05-19 07:34 - 2019-04-19 07:01 - 000576016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-05-19 07:34 - 2019-04-19 07:01 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-05-19 07:34 - 2019-04-19 06:40 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-19 07:34 - 2019-04-19 06:39 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-19 07:34 - 2019-04-19 06:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-19 07:34 - 2019-04-19 06:38 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-19 07:34 - 2019-04-19 06:38 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-19 07:34 - 2019-04-19 06:38 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-05-19 07:34 - 2019-04-19 06:37 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-05-19 07:34 - 2019-04-19 06:37 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-19 07:34 - 2019-04-19 06:37 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-19 07:34 - 2019-04-19 06:37 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-05-19 07:34 - 2019-04-19 06:36 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-05-19 07:34 - 2019-04-19 06:36 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-05-19 07:34 - 2019-04-19 06:36 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-05-19 07:34 - 2019-04-19 06:35 - 001938944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-05-19 07:34 - 2019-04-19 06:35 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-19 07:34 - 2019-04-19 06:34 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-05-19 07:34 - 2019-04-19 06:34 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-05-19 07:34 - 2019-04-19 06:34 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-05-19 07:34 - 2019-04-19 06:34 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-05-19 07:34 - 2019-04-19 06:34 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-05-19 07:34 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-19 07:34 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\system32\locale.nls
2019-05-19 07:33 - 2019-05-03 14:13 - 000396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-05-19 07:33 - 2019-05-03 13:55 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-19 07:33 - 2019-05-03 13:54 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-19 07:33 - 2019-05-03 13:52 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-19 07:33 - 2019-05-03 13:49 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-19 07:33 - 2019-05-03 13:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-19 07:33 - 2019-05-03 13:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-19 07:33 - 2019-05-03 13:28 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-19 07:33 - 2019-05-03 13:27 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-19 07:33 - 2019-05-03 13:26 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-19 07:33 - 2019-05-03 08:43 - 000177128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-19 07:33 - 2019-05-03 08:34 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-19 07:33 - 2019-05-03 08:31 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-05-19 07:33 - 2019-05-03 08:31 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-19 07:33 - 2019-05-03 08:20 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-19 07:33 - 2019-05-03 08:00 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-19 07:33 - 2019-05-03 08:00 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-05-19 07:33 - 2019-05-03 07:59 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-05-19 07:33 - 2019-05-03 07:59 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-19 07:33 - 2019-05-03 07:59 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-19 07:33 - 2019-05-03 07:58 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-05-19 07:33 - 2019-05-03 07:58 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-05-19 07:33 - 2019-05-03 07:58 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-19 07:33 - 2019-05-03 07:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-05-19 07:33 - 2019-05-03 07:58 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-19 07:33 - 2019-05-03 07:57 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-05-19 07:33 - 2019-05-03 07:56 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-19 07:33 - 2019-05-03 07:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-19 07:33 - 2019-05-03 07:55 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-19 07:33 - 2019-05-03 07:54 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-05-19 07:33 - 2019-05-03 07:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-05-19 07:33 - 2019-05-03 06:38 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-05-19 07:33 - 2019-04-23 09:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-05-19 07:33 - 2019-04-23 08:14 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-05-19 07:33 - 2019-04-19 12:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-05-19 07:33 - 2019-04-19 12:38 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-05-19 07:33 - 2019-04-19 12:38 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-05-19 07:33 - 2019-04-19 11:30 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-05-19 07:33 - 2019-04-19 07:06 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-05-19 07:33 - 2019-04-19 06:41 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-05-19 07:33 - 2019-04-19 06:41 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-05-19 07:33 - 2019-04-19 06:40 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-05-19 07:33 - 2019-04-19 06:40 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-05-19 07:33 - 2019-04-19 06:40 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-05-19 07:33 - 2019-04-19 06:40 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-05-19 07:33 - 2019-04-19 06:39 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-05-19 07:33 - 2019-04-19 06:39 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-05-19 07:33 - 2019-04-19 06:38 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-19 07:33 - 2019-04-19 06:38 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-19 07:33 - 2019-04-19 06:37 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-05-19 07:33 - 2019-04-19 06:37 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-05-19 07:33 - 2019-04-19 06:37 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-19 07:33 - 2019-04-19 06:36 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-05-19 07:33 - 2019-04-19 06:36 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-05-19 07:33 - 2019-04-19 06:35 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-05-19 07:33 - 2019-04-19 06:35 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-05-19 07:33 - 2019-04-09 03:48 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-19 07:33 - 2019-04-09 03:48 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-19 07:33 - 2019-04-09 03:48 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-19 07:33 - 2019-04-09 03:48 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-16 15:18 - 2019-05-16 15:18 - 000012957 _____ C:\Users\admin\Downloads\27413-2019-05-15_10-00.pdf
2019-05-15 21:42 - 2019-05-15 21:57 - 772219586 _____ C:\Users\admin\Downloads\Hra o trůny (Game of Thrones) S08E05 CZtit. (frpli).avi
2019-05-14 12:08 - 2019-05-14 12:08 - 021254208 _____ (Piriform Software Ltd) C:\Users\admin\Downloads\ccsetup556.exe
2019-05-12 18:20 - 2019-05-12 18:20 - 000058760 _____ C:\Users\admin\Downloads\10824.frx.pdf
2019-05-12 17:54 - 2019-05-12 17:54 - 000168407 _____ C:\Users\admin\Downloads\VINNÝ LÍSTEK Osika Praha ceny - AKTUALIZACE.pdf
2019-05-12 17:16 - 2019-05-12 17:16 - 000014036 _____ C:\Users\admin\Downloads\27413-2019-05-12_10-00.pdf
2019-05-09 17:29 - 2019-05-09 17:30 - 021205512 _____ (Piriform Software Ltd) C:\Users\admin\Downloads\ccsetup555 (1).exe
2019-05-07 21:54 - 2019-05-07 22:06 - 1713119078 _____ C:\Users\admin\Downloads\Hra o trůny - Game of Thrones S08E04 (CZ tit.).mkv
2019-05-04 23:16 - 2019-05-04 23:17 - 021205512 _____ (Piriform Software Ltd) C:\Users\admin\Downloads\ccsetup555.exe
2019-05-03 22:40 - 2019-05-03 22:40 - 000301835 _____ C:\Users\admin\Downloads\Vypis_z_uctu-2701008645_20190401-20190430_cislo-4.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-02 21:23 - 2018-07-13 19:29 - 000000000 ____D C:\Users\admin\Desktop\Články
2019-06-02 21:23 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-02 21:22 - 2017-08-28 11:48 - 000000000 ____D C:\Users\admin\Desktop\TV
2019-06-02 21:19 - 2018-10-11 22:40 - 000000000 ____D C:\FRST
2019-06-02 21:16 - 2018-06-08 13:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-02 16:19 - 2018-06-18 12:00 - 000000000 ____D C:\Users\admin\AppData\Local\AVAST Software
2019-06-02 16:18 - 2017-12-17 23:30 - 000000000 ___RD C:\Users\admin\iCloudDrive
2019-06-02 16:18 - 2014-09-15 14:29 - 000000000 ____D C:\Users\admin\Documents\Youcam
2019-06-02 16:16 - 2017-12-17 23:41 - 000000000 ____D C:\Users\admin\Desktop\Foto ICloud
2019-06-02 16:14 - 2018-10-14 22:18 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-06-02 16:14 - 2016-03-08 12:33 - 000000000 __SHD C:\Users\admin\IntelGraphicsProfiles
2019-06-02 16:13 - 2018-06-08 14:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-02 16:12 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-06-02 16:06 - 2018-05-16 23:40 - 000000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2019-06-02 14:47 - 2016-04-22 19:58 - 000000000 ____D C:\Users\admin\AppData\Roaming\vlc
2019-06-02 14:07 - 2018-07-23 10:47 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-06-02 13:56 - 2018-06-18 11:52 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-06-02 12:58 - 2018-06-08 13:31 - 000970576 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-02 12:58 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-06-02 12:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-02 12:54 - 2014-01-20 13:29 - 000000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2019-06-02 12:52 - 2018-06-08 13:36 - 000000000 ____D C:\Users\admin
2019-06-02 12:49 - 2015-04-23 10:48 - 000000000 ____D C:\Users\admin\AppData\Roaming\Media Player Classic
2019-06-02 12:47 - 2018-12-19 14:59 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-02 12:47 - 2018-12-19 14:59 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-02 12:47 - 2018-07-23 10:47 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-06-02 12:47 - 2018-06-18 11:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-06-02 12:47 - 2018-06-08 14:04 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-06-02 12:47 - 2018-06-08 14:04 - 000003304 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{16ECC96E-C0BE-4948-BFA1-BD22B4C4616C}
2019-06-02 12:47 - 2018-06-08 14:04 - 000003194 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-06-02 12:47 - 2018-06-08 14:04 - 000002958 _____ C:\WINDOWS\System32\Tasks\Registration
2019-06-02 12:47 - 2018-06-08 14:04 - 000002858 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1322162875-1540301060-204253963-1000
2019-06-02 12:47 - 2018-06-08 14:04 - 000002536 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2019-06-02 12:47 - 2018-06-08 14:04 - 000002536 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher
2019-06-02 12:47 - 2018-06-08 14:04 - 000002536 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2019-06-02 12:47 - 2018-06-08 14:04 - 000002160 _____ C:\WINDOWS\System32\Tasks\SidebarExecute
2019-05-31 17:26 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-30 11:34 - 2018-06-18 11:51 - 000385880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-05-29 10:12 - 2017-10-21 14:04 - 000000000 ____D C:\Users\admin\Desktop\Práce
2019-05-28 20:15 - 2019-04-17 15:10 - 000003856 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-05-28 20:15 - 2019-04-17 15:10 - 000003272 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-05-28 20:15 - 2018-06-18 12:02 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-05-28 20:15 - 2018-06-18 12:02 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-05-28 13:34 - 2018-10-04 14:37 - 000000000 ____D C:\Users\admin\Desktop\PFUK
2019-05-27 17:39 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-05-27 17:38 - 2018-10-23 06:32 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-05-27 17:38 - 2018-06-18 11:51 - 000477584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-05-27 17:38 - 2018-06-18 11:51 - 000225096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-05-27 17:38 - 2018-06-18 11:51 - 000167872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-05-27 17:38 - 2018-06-18 11:51 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-05-27 17:38 - 2018-06-18 11:51 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-05-27 17:37 - 2019-02-21 09:03 - 000549200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2019-05-27 17:37 - 2019-01-19 00:15 - 000262496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-05-27 17:37 - 2019-01-07 16:11 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-05-27 17:37 - 2019-01-07 16:11 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-05-27 17:37 - 2018-06-18 11:51 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-05-27 17:37 - 2018-06-18 11:51 - 000207448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-05-21 20:49 - 2015-03-17 10:29 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-21 20:49 - 2015-03-17 10:29 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-21 15:41 - 2018-06-08 13:36 - 000002363 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-21 15:41 - 2016-03-08 12:42 - 000000000 ___RD C:\Users\admin\OneDrive
2019-05-20 14:29 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-19 08:11 - 2018-06-08 13:24 - 000506984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-19 08:07 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-19 08:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-05-19 08:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-05-19 08:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-05-19 08:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-17 19:21 - 2017-09-30 19:18 - 000000000 ____D C:\Program Files\rempl
2019-05-16 17:30 - 2017-05-02 23:09 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-15 22:18 - 2014-09-15 15:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-15 22:06 - 2014-09-15 15:19 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-14 14:14 - 2015-09-04 12:06 - 000000000 ____D C:\Users\admin\Documents\Soubory aplikace Outlook
2019-05-14 14:13 - 2017-12-17 23:30 - 000000000 ____D C:\Users\admin\AppData\Local\F57C5AFD-60D2-41BC-BC15-353BADA8F863.aplzod
2019-05-08 11:47 - 2017-02-09 12:08 - 000000000 ____D C:\Users\admin\Desktop\Osika
2019-05-04 01:53 - 2018-11-16 22:31 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-04 01:53 - 2018-11-16 22:31 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-03 22:07 - 2015-02-19 17:28 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Adobe
==================== Files in the root of some directories =======
2018-07-30 10:12 - 2018-07-30 10:12 - 000000040 _____ () C:\Users\admin\AppData\Roaming\cdr.ini
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-06-2019
Ran by admin (02-06-2019 21:26:01)
Running from C:\Users\admin\Downloads
Windows 10 Pro Version 1803 17134.765 (X64) (2018-06-08 12:06:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
admin (S-1-5-21-1322162875-1540301060-204253963-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-1322162875-1540301060-204253963-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1322162875-1540301060-204253963-503 - Limited - Disabled)
Guest (S-1-5-21-1322162875-1540301060-204253963-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1322162875-1540301060-204253963-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4K Video Downloader 4.4 (HKLM-x32\...\{17CEAB50-0275-4D5E-9C11-CF2963C59FA1}) (Version: 4.4.6.2295 - Open Media LLC)
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 74.0.1376.132 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.141.333 - AVAST Software) Hidden
AVG (HKLM\...\AVG) (Version: 3491 - AVG Technologies)
AVG 2013 (HKLM\...\{12079D47-A4AB-4AE5-A957-C2062D328F35}) (Version: 13.0.3495 - AVG Technologies) Hidden
AVG 2013 (HKLM\...\{799B578C-3A0D-4FCA-9712-143B84ABAC35}) (Version: 13.0.4257 - AVG Technologies) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Camtasia 9 (HKLM\...\{33E08945-3D7B-40BB-B34F-1A3C8B9650DE}) (Version: 9.1.2.3011 - TechSmith Corporation) Hidden
Camtasia 9 (HKLM-x32\...\{34ab05ac-3089-417f-828e-c2da3d5b4e09}) (Version: 9.1.2.3011 - TechSmith Corporation)
Camtasia 9 (HKLM-x32\...\{d298a2fc-0b3a-45ab-9711-d5ca8a3bda00}) (Version: 9.1.1.2546 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
CDA to MP3 Converter v3.3 build 1228 (HKLM-x32\...\{22AC6A90-A99A-4E41-BADC-AC05C811C2C8}_is1) (Version: - Hoo Technologies)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2523 - CDBurnerXP)
CutePDF Writer 2.7 (HKLM\...\CutePDF Writer Installation) (Version: - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3228 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3302 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E1ACF120-CD69-47F0-B202-9A4B95C436D8}) (Version: 5.1.5 - Hewlett-Packard)
Fotogaléria (HKLM-x32\...\{08466673-3905-4437-93E8-34A221B7CA4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free CD to MP3 Converter (HKLM-x32\...\Free CD to MP3 Converter) (Version: - Eusing Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP CoolSense (HKLM-x32\...\{394B14EA-B072-4440-9510-87797CB12371}) (Version: 2.20.21 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{C178F0A7-86C8-4BE0-8401-3BC4F6E12F81}) (Version: 1.3.0.0 - Hewlett-Packard)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{ED6CD3AC-616B-4B20-BCF3-6E637B92A5AD}) (Version: 3.0.4 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A}) (Version: 7.3.35.20 - Hewlett-Packard Company)
iCloud (HKLM\...\{29C6B346-C29C-40CE-89EB-DF7C149E0EB9}) (Version: 7.7.0.27 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6498.0 - IDT)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.00.57 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.00.57 - Softex Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
iTunes (HKLM\...\{9F1EE6A3-7BDE-48CC-BC81-1EA3D21D94E3}) (Version: 12.9.0.167 - Apple Inc.)
Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
K-Lite Codec Pack 9.9.5 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.5 - )
LibreOffice 5.4.7.2 (HKLM\...\{26D12F93-E454-4637-9A5C-D52F6B4CC0DD}) (Version: 5.4.7.2 - The Document Foundation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\OneDriveSetup.exe) (Version: 19.070.0410.0005 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{379A0618-EF50-423C-9637-EEB2D25A4BB4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CFBFE244-6269-41DC-85B6-86F99C88ED02}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
Ralink Bluetooth Stack (HKLM\...\{C079427A-BB28-5168-3DB1-DC6608D226D4}) (Version: 11.0.748.2 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.33.1 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21242 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
UFR II Printer Driver Uninstaller (HKLM\...\Canon UFR II Printer Driver) (Version: 6, 3, 0, 0 - Canon Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Small Business Server 2011 Standard ClientAgent (HKLM\...\{5C72F8A3-BF39-4733-B41E-0ED7EF622E37}) (Version: 6.1.7900.1 - Microsoft Corporation)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1809.2.84 - ZONER software)
Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.140.300.0_x86__kgqvnymyfvs32 [2019-05-28] (king.com)
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.5.2.0_x64__6e5tt8cgb93ep [2019-02-04] (Canon Inc.)
Microsoft Průvodce pro telefon -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-14] (Microsoft Corporation)
Microsoft Telefon -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-09] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-04-24] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1322162875-1540301060-204253963-1000_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-30] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-10-01] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-30] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\admin\Desktop\Foto\Nabídka Start\Programy\RarZilla Free Unrar\RarZilla Free Unrar Updates.lnk -> hxxp://www.philipp-winterberg.com/software/rar ... e_unrar.ph
Shortcut: C:\Users\admin\Desktop\Foto\Nabídka Start\Programy\RarZilla Free Unrar\Thanks.lnk -> hxxp://www.philipp-winterberg.com/gratitude.ph
==================== Loaded Modules (Whitelisted) ==============
2013-10-14 11:25 - 2013-10-14 11:25 - 002541056 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-10-14 11:24 - 2013-10-14 11:24 - 000627200 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2013-10-14 11:23 - 2013-10-14 11:23 - 000109568 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-10-14 11:22 - 2013-10-14 11:22 - 000021504 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-10-14 11:30 - 2013-10-14 11:30 - 000065024 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2013-10-14 11:22 - 2013-10-14 11:22 - 000055296 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-10-14 11:22 - 2013-10-14 11:22 - 000035328 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2015-08-17 10:47 - 2013-12-17 00:15 - 003815936 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNLB0MUI_DBB31.DLL
2013-08-29 19:31 - 2013-08-29 19:31 - 000092160 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
2013-10-14 11:34 - 2013-10-14 11:34 - 000765440 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OpBHO64.dll
2013-10-14 11:23 - 2013-10-14 11:23 - 000690176 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll
2013-10-14 11:25 - 2013-10-14 11:25 - 001097216 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\userdata.dll
2018-04-30 17:00 - 2018-04-30 17:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 000517120 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2013-08-30 21:18 - 2013-08-30 21:18 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-08-27 14:32 - 2013-08-27 14:32 - 000747520 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2018-06-08 13:41 - 2018-06-08 13:41 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2018-06-08 13:41 - 2018-06-08 13:41 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2013-10-14 11:29 - 2013-10-14 11:29 - 000087552 _____ (Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
2013-10-14 11:35 - 2013-10-14 11:35 - 001297296 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2013-10-14 11:35 - 2013-10-14 11:35 - 000306064 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-10-14 11:35 - 2013-10-14 11:35 - 000599952 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\hdddrv.dll
2013-10-14 11:35 - 2013-10-14 11:35 - 000208272 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ldapdrv.dll
2013-10-14 11:35 - 2013-10-14 11:35 - 002075536 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\Wbf.dll
2018-12-31 12:45 - 2016-10-17 19:29 - 003842048 _____ (Terra Informatica Software, Inc.) [File not signed] C:\Program Files\Zoner\Photo Studio 19\Program32\sciter32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2019-01-04 10:15 - 000000830 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Hewlett-Packard\SimplePass\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName0 -> unimdm.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName1 -> kmddsp.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFilename3 -> hidphone.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName0 -> unimdm.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName1 -> kmddsp.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> hidphone.tsp (Microsoft Windows -> Microsoft Corporation)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{022A10C4-D045-443A-AF88-FB3EEC4893D9}] => (Allow) LPort=8318
FirewallRules: [{3C70A23A-42C8-42AE-B5BD-475D0BD13CDA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7833BFDF-EFA0-44E2-A561-DAB06FC896F6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B3C8E27-0263-4CD4-AF8F-05A34B76528D}] => (Allow) LPort=2869
FirewallRules: [{1FF13871-5BEF-4293-8982-7051805EEBA5}] => (Allow) LPort=1900
FirewallRules: [{B1D99D95-CCAD-4155-B62B-E9278F6E1EAD}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{58E02D41-AB81-41CB-AB4A-F51D74FCD8F7}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{E6354540-9AEA-4E1F-8CC1-C70E58DC6493}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{6C636E9B-A4A9-42D5-85B9-050C5B10D9A2}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{29774C27-D4FA-46E2-AC3A-51BB0C448B9F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{41A2D49C-BFD9-4E44-A0F4-68DA4A9E4787}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{294A29C3-E669-4D54-84D8-31BFB5C1D786}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{08CADD4B-18B1-4A94-9D4B-B87D7FE9F673}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [TCP Query User{6D5F2FB6-56D4-4C8B-AF34-BF7CED9C7BAA}C:\program files (x86)\microsoft office\office14\outlook.exe] => (Block) C:\program files (x86)\microsoft office\office14\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{6D8EC373-6BBD-45CF-9890-BCC74F0F36C8}C:\program files (x86)\microsoft office\office14\outlook.exe] => (Block) C:\program files (x86)\microsoft office\office14\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{39282A5F-0809-4A81-8B7C-9C87E51BB255}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{27288146-2A0C-46E6-AFEA-6AC33BD8363B}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{952C1CD4-2921-4886-BE6B-F45BC18D66A5}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{1D76EDCC-55E7-421E-A616-09C34D521AE8}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{BA7EBA53-A17A-43BA-82A2-3F67099FA345}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{35E75F12-DF56-47B9-A088-B190BF451144}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{057DEB0A-B0D0-441E-BC4D-B7416E699762}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1E8EF4CB-707F-45E9-860A-21935FC38DDD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ECDC0253-CECB-4EB7-BB87-203AB4E118D0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{83B4664F-70EB-4596-AC5B-CE3BC3186F9A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F707712B-352F-4390-B8F6-36C8AC6B175F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{0B0B63FF-83A6-455E-98E2-CA5E0B11CCF0}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DF31640D-0B01-44D9-A1C7-9CF1B8620357}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{6F653604-4EB7-423C-8D1E-0A9AB8265188}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
19-05-2019 07:23:13 Windows Update
26-05-2019 16:51:55 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/02/2019 04:12:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 10.0.17134.677, time stamp: 0xb4a88dff
Faulting module name: combase.dll, version: 10.0.17134.619, time stamp: 0xa54ce84e
Exception code: 0xc0000005
Fault offset: 0x00000000000b055c
Faulting process id: 0x146c
Faulting application start time: 0x01d519318b96866a
Faulting application path: C:\WINDOWS\Explorer.EXE
Faulting module path: C:\WINDOWS\System32\combase.dll
Report Id: f68c0db9-1155-4f10-aff2-176e5538e691
Faulting package full name:
Faulting package-relative application ID:
Error: (06/02/2019 04:06:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: sznpp_64.exe, version: 2.1.32.0, time stamp: 0x5ae9c366
Faulting module name: sznpp_64.exe, version: 2.1.32.0, time stamp: 0x5ae9c366
Exception code: 0xc0000005
Fault offset: 0x00000000000140dc
Faulting process id: 0xb44
Faulting application start time: 0x01d5194c61c8e798
Faulting application path: C:\Users\admin\AppData\Roaming\Seznam.cz\bin\sznpp_64.exe
Faulting module path: C:\Users\admin\AppData\Roaming\Seznam.cz\bin\sznpp_64.exe
Report Id: 034a2902-3e6b-45ec-846d-8702dba0321a
Faulting package full name:
Faulting package-relative application ID:
Error: (06/02/2019 11:18:17 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.
Error: (06/02/2019 11:18:14 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (06/02/2019 11:12:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3562
Error: (06/02/2019 11:12:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3562
Error: (06/02/2019 11:12:09 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/02/2019 09:34:55 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (5164,R,98) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\admin\AppData\Local\Microsoft\Windows\WebCache\V01.log.
System errors:
=============
Error: (06/02/2019 09:24:04 PM) (Source: DCOM) (EventID: 10016) (User: FORNTB-009-W7)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FORNTB-009-W7\admin SID (S-1-5-21-1322162875-1540301060-204253963-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/02/2019 09:16:38 PM) (Source: DCOM) (EventID: 10016) (User: FORNTB-009-W7)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FORNTB-009-W7\admin SID (S-1-5-21-1322162875-1540301060-204253963-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/02/2019 04:24:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel(R) Management and Security Application Local Management Service service hung on starting.
Error: (06/02/2019 04:19:01 PM) (Source: DCOM) (EventID: 10016) (User: FORNTB-009-W7)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FORNTB-009-W7\admin SID (S-1-5-21-1322162875-1540301060-204253963-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/02/2019 04:18:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.
Error: (06/02/2019 04:17:53 PM) (Source: DCOM) (EventID: 10016) (User: FORNTB-009-W7)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FORNTB-009-W7\admin SID (S-1-5-21-1322162875-1540301060-204253963-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/02/2019 04:13:55 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (06/02/2019 04:12:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Windows Defender:
===================================
Date: 2018-06-11 13:05:01.899
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {96B93285-592F-412D-8D74-509FAB4C204E}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-11 12:23:21.181
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7A92C388-E8F2-4B76-ABA7-7C94727D7710}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-09 16:53:31.148
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {5EEE4226-EA5D-4194-9B53-4DE3E7D65EB2}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-09 16:00:49.898
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C6353759-F4BF-42FA-9172-E99B51EE422C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-09 15:33:23.180
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {06FC532C-9ED1-4B51-9431-45FD7983C1BA}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-06-02 13:00:42.455
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1427.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-06-02 13:00:42.454
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1427.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-06-02 13:00:42.454
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1427.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-06-02 13:00:42.417
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1427.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-06-02 13:00:42.412
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1427.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===================================
Date: 2019-05-20 08:34:44.967
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:44.864
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:44.738
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:44.412
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:44.363
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:44.316
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:40.536
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2019-05-20 08:34:39.447
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.10 01/09/2014
Motherboard: Hewlett-Packard 21B7
Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 60%
Total physical RAM: 4016.36 MB
Available physical RAM: 1568.43 MB
Total Virtual: 8112.36 MB
Available Virtual: 5269.13 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:447.92 GB) (Free:79.47 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Recovery) (Fixed) (Total:17.55 GB) (Free:1.87 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{a7783f44-2d1b-11e4-bfff-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.14 GB) NTFS
\\?\Volume{a7783f47-2d1b-11e4-bfff-806e6f6e6963}\ (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 72C974A0)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=447.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
==================== End of Addition.txt ============================
Re: Velmi pomalý NTB
Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [BingSvc] => C:\Users\admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-22] (Microsoft Corporation -> © 2015 Microsoft Corporation) CHR HomePage: Default -> msn.com CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms} CHR DefaultSearchKeyword: Default -> bing.com CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms} CHR HKU\S-1-5-21-1322162875-1540301060-204253963-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx Hosts: EmptyTemp: End - Uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
emmanaruby
- Návštěvník
- Příspěvky: 114
- Registrován: 18 čer 2010 14:34
Re: Velmi pomalý NTB
Fix result of Farbar Recovery Scan Tool (x64) Version: 05-06-2019 01
Ran by admin (06-06-2019 12:22:19) Run:2
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [BingSvc] => C:\Users\admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-22] (Microsoft Corporation -> � 2015 Microsoft Corporation)
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__ ... earchTerms}
CHR HKU\S-1-5-21-1322162875-1540301060-204253963-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 25972
Average :
Sum : 178437259466
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
"HKU\S-1-5-21-1322162875-1540301060-204253963-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc" => removed successfully
"Chrome HomePage" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\SOFTWARE\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 84531232 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 274909996 B
Edge => 15240654 B
Chrome => 422970481 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 20624 B
LocalService => 0 B
NetworkService => 19046 B
NetworkService => 0 B
admin => 36334794 B
DefaultAppPool => 0 B
RecycleBin => 719985850 B
EmptyTemp: => 1.5 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 12:26:01 ====
Ran by admin (06-06-2019 12:22:19) Run:2
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\...\Run: [BingSvc] => C:\Users\admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-22] (Microsoft Corporation -> � 2015 Microsoft Corporation)
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__ ... earchTerms}
CHR HKU\S-1-5-21-1322162875-1540301060-204253963-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 25972
Average :
Sum : 178437259466
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
"HKU\S-1-5-21-1322162875-1540301060-204253963-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc" => removed successfully
"Chrome HomePage" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
HKU\S-1-5-21-1322162875-1540301060-204253963-1000\SOFTWARE\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 84531232 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 274909996 B
Edge => 15240654 B
Chrome => 422970481 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 20624 B
LocalService => 0 B
NetworkService => 19046 B
NetworkService => 0 B
admin => 36334794 B
DefaultAppPool => 0 B
RecycleBin => 719985850 B
EmptyTemp: => 1.5 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 12:26:01 ====
Re: Velmi pomalý NTB
Plocha ma vyse 160 GB, co je prilis vela. Presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu. Ako to vyzera s PC? Nastala nejaka zmena alebo su este s PC nejake problemy?Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Přispějete na provoz fóra?