
Re: Log check after .coharos ransomware attack

Posted: 13 Sep 2019 07:57
by vasekpetr1
Fix result of Farbar Recovery Scan Tool (x86) Version: 08-09-2019
Ran by Vojta (13-09-2019 08:34:10) Run:1
Running from C:\Users\Vojta\Desktop
Loaded Profiles: Vojta (Available Profiles: Vojta)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
CMD: type "C:\ProgramData\lock.dat"
CMD: type "C:\ProgramData\ts.dat"
ExportKey: HKLM\System\CurrentControlSet\Services\67265887.sys

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2091321983-474696320-977629267-1001\...\MountPoints2: D - D:\autorun.exe
HKU\S-1-5-21-2091321983-474696320-977629267-1001\...\MountPoints2: {018352cb-beac-11e5-8962-001e37364e82} - F:\setup.exe /autorun
HKU\S-1-5-21-2091321983-474696320-977629267-1001\...\MountPoints2: {096b1e7b-148e-11e7-b0a3-001e37364e82} - F:\autorun.exe
HKU\S-1-5-21-2091321983-474696320-977629267-1001\...\MountPoints2: {453d547f-d0e8-11e6-b074-001e37364e82} - G:\setup.exe /autorun
HKU\S-1-5-21-2091321983-474696320-977629267-1001\...\MountPoints2: {644377ec-c209-11e6-b06b-001e37364e82} - F:\autorun.exe
HKU\S-1-5-21-2091321983-474696320-977629267-1001\...\MountPoints2: {64437802-c209-11e6-b06b-001e37364e82} - F:\autorun.exe
HKU\S-1-5-21-2091321983-474696320-977629267-1001\...\MountPoints2: {654210fd-c89e-11e8-b1e3-001e37364e82} - F:\autorun.exe
HKU\S-1-5-21-2091321983-474696320-977629267-1001\...\MountPoints2: {96428a52-0102-11e9-b1c3-001e37364e82} - F:\autorun.exe
HKU\S-1-5-21-2091321983-474696320-977629267-1001\...\MountPoints2: {d77618c3-cf7f-11e6-b01b-806e6f6e6963} - F:\autorun.exe
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Task: {4276E4E2-7079-4FC4-A136-D24F702BA089} - System32\Tasks\{9CD2F391-C0A3-40CE-8BD2-AC5F63C35554} => C:\Windows\system32\pcalua.exe -a "E:\Program Files\HD Tune\unins000.exe"
Task: {84AB67DB-37A6-4CE6-B1A6-7C4907CAD20E} - System32\Tasks\{121242C0-A705-473D-92BC-8B32948373DD} => C:\Windows\system32\pcalua.exe -a C:\Users\Vojta\Downloads\setup(1).exe -d C:\Users\Vojta\Downloads
Task: {E982CA0A-BBE8-4649-957A-DFE77D23017F} - System32\Tasks\{99F3F297-D888-453C-97E3-CE55AB99E0E1} => C:\Windows\system32\pcalua.exe -a "E:\Program Files\Microsoft Games\Train Simulator\unins006.exe"
SearchScopes: HKU\S-1-5-21-2091321983-474696320-977629267-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
FF HomepageOverride: Mozilla\Firefox\Profiles\v28pucrl.default -> Enabled: _14Members_@download.totalrecipesearch.com
FF NewTabOverride: Mozilla\Firefox\Profiles\v28pucrl.default -> Enabled: _14Members_@download.totalrecipesearch.com
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S3 ADIHdAudAddService; system32\drivers\ADIHdAud.sys [X]
2019-08-14 19:45 - 2019-08-15 07:26 - 000000004 _____ () C:\ProgramData\lock.dat
2019-08-14 19:45 - 2019-08-14 19:45 - 000000008 _____ () C:\ProgramData\ts.dat
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\67265887.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\67265887.sys => ""="Driver"

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 9
Average :
Sum : 14139090
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========= type "C:\ProgramData\lock.dat" =========

I„
========= End of CMD: =========


========= type "C:\ProgramData\ts.dat" =========

ąHT]
========= End of CMD: =========

================== ExportKey: ===================

"HKLM\System\CurrentControlSet\Services\67265887.sys" => not found

=== End of ExportKey ===
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKU\S-1-5-21-2091321983-474696320-977629267-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D => removed successfully.
HKU\S-1-5-21-2091321983-474696320-977629267-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{018352cb-beac-11e5-8962-001e37364e82} => removed successfully.
HKLM\Software\Classes\CLSID\{018352cb-beac-11e5-8962-001e37364e82} => not found
HKU\S-1-5-21-2091321983-474696320-977629267-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{096b1e7b-148e-11e7-b0a3-001e37364e82} => removed successfully.
HKLM\Software\Classes\CLSID\{096b1e7b-148e-11e7-b0a3-001e37364e82} => not found
HKU\S-1-5-21-2091321983-474696320-977629267-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{453d547f-d0e8-11e6-b074-001e37364e82} => removed successfully.
HKLM\Software\Classes\CLSID\{453d547f-d0e8-11e6-b074-001e37364e82} => not found
HKU\S-1-5-21-2091321983-474696320-977629267-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{644377ec-c209-11e6-b06b-001e37364e82} => removed successfully.
HKLM\Software\Classes\CLSID\{644377ec-c209-11e6-b06b-001e37364e82} => not found
HKU\S-1-5-21-2091321983-474696320-977629267-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{64437802-c209-11e6-b06b-001e37364e82} => removed successfully.
HKLM\Software\Classes\CLSID\{64437802-c209-11e6-b06b-001e37364e82} => not found
HKU\S-1-5-21-2091321983-474696320-977629267-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{654210fd-c89e-11e8-b1e3-001e37364e82} => removed successfully.
HKLM\Software\Classes\CLSID\{654210fd-c89e-11e8-b1e3-001e37364e82} => not found
HKU\S-1-5-21-2091321983-474696320-977629267-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{96428a52-0102-11e9-b1c3-001e37364e82} => removed successfully.
HKLM\Software\Classes\CLSID\{96428a52-0102-11e9-b1c3-001e37364e82} => not found
HKU\S-1-5-21-2091321983-474696320-977629267-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d77618c3-cf7f-11e6-b01b-806e6f6e6963} => removed successfully.
HKLM\Software\Classes\CLSID\{d77618c3-cf7f-11e6-b01b-806e6f6e6963} => not found
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4276E4E2-7079-4FC4-A136-D24F702BA089}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4276E4E2-7079-4FC4-A136-D24F702BA089}" => removed successfully.
C:\Windows\System32\Tasks\{9CD2F391-C0A3-40CE-8BD2-AC5F63C35554} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9CD2F391-C0A3-40CE-8BD2-AC5F63C35554}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{84AB67DB-37A6-4CE6-B1A6-7C4907CAD20E}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84AB67DB-37A6-4CE6-B1A6-7C4907CAD20E}" => removed successfully.
C:\Windows\System32\Tasks\{121242C0-A705-473D-92BC-8B32948373DD} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{121242C0-A705-473D-92BC-8B32948373DD}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E982CA0A-BBE8-4649-957A-DFE77D23017F}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E982CA0A-BBE8-4649-957A-DFE77D23017F}" => removed successfully.
C:\Windows\System32\Tasks\{99F3F297-D888-453C-97E3-CE55AB99E0E1} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{99F3F297-D888-453C-97E3-CE55AB99E0E1}" => removed successfully.
HKU\S-1-5-21-2091321983-474696320-977629267-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => removed successfully.
HKLM\Software\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => not found
"Firefox HomepageOverride (_14Members_@download.totalrecipesearch.com) " => removed successfully.
"Firefox NewTabOverride (_14Members_@download.totalrecipesearch.com) " => removed successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully.
HKLM\System\CurrentControlSet\Services\ADIHdAudAddService => removed successfully.
ADIHdAudAddService => service removed successfully.
C:\ProgramData\lock.dat => moved successfully
C:\ProgramData\ts.dat => moved successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\67265887.sys => removed successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\67265887.sys => removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4687977 B
Java, Flash, Steam htmlcache => 85971525 B
Windows/system/drivers => 8391924 B
Edge => 0 B
Chrome => 0 B
Firefox => 379938409 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 487232 B
Public => 0 B
ProgramData => 0 B
systemprofile => 9882949 B
LocalService => 0 B
NetworkService => 355031679 B
Vojta => 311187038 B

RecycleBin => 152257 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 08:36:35 ====

Re: Log check after .coharos ransomware attack

Posted: 13 Sep 2019 21:22
by Conder
OK, to be safe, also run a scan with Kaspersky Virus Removal Tool (KVRT): https://www.kaspersky.com/downloads/tha ... moval-tool
Click "Change Parameters" and tick the "System Drive" option
Click "Start Scan" and wait for it to finish
If anything is found, take a screenshot and post it in your next reply (since KVRT does not let you create a copyable log)
Then have the findings deleted: click "Neutralize all" and then "Continue"

Re: Log check after .coharos ransomware attack

Posted: 17 Sep 2019 12:08
by vasekpetr1
I ran Kaspersky; it found one threat, a trojan, which I had removed. Unfortunately I did not take a screenshot.

Re: Log check after .coharos ransomware attack

Posted: 17 Sep 2019 15:37
by Conder
:arrow: In KVRT, try clicking Report in the top right, selecting the scan time on the left and expanding the Scan item on the right. If the path to the file and the detection name are there (in the Information column), take a screenshot.

Re: Log check after .coharos ransomware attack

Posted: 17 Sep 2019 18:52
by vasekpetr1
Screenshot:

Re: Log check after .coharos ransomware attack

Posted: 17 Sep 2019 20:46
by Conder
:arrow: So it is only a detection that AdwCleaner has already moved to its quarantine, so nothing serious.

:arrow: Run a system file integrity check:
  • Open Start, type "cmd" (without quotes), right-click Command Prompt and click Run as administrator
  • Copy and run this command:

    sfc /scannow
  • When it finishes, copy and run this command:

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"
  • A file named sfcdetails.txt will be created on the desktop; pack it into a RAR or ZIP archive and send it as an attachment to your next post
  • Restart the PC and describe how it behaves
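
An added example, not part of Conder's post or of any tool named in the thread: a PowerShell function that summarizes the `[SR]` lines collected in sfcdetails.txt, so that damaged-file entries and an unfinished scan stand out from the routine "Verify complete" lines. The function name `Get-SfcSummary`, the message prefixes it treats as findings and the one sample line marked as constructed are assumptions.

```powershell
# Added example: triage of the [SR] lines that findstr extracts from CBS.log.
# Assumption: messages starting with "Cannot repair" or "Repairing" mark files
# that SFC found damaged; extend $findingPattern if your log uses other wording.
function Get-SfcSummary {
    [CmdletBinding()]
    param(
        [string[]]$Lines,
        # The findstr command appends with ">>", so earlier runs can sit in the
        # same file. Pass the start of the latest run to ignore older entries.
        [datetime]$Since = [datetime]::MinValue
    )

    $linePattern    = '^(?<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}),\s+\w+\s+CSI\s+(?<seq>[0-9a-f]{8})\s+\[SR\]\s+(?<msg>.*)$'
    $findingPattern = '^(Cannot repair|Repairing)\b'

    $started = 0; $completed = 0; $unparsed = 0
    $findings = New-Object System.Collections.Generic.List[object]

    foreach ($line in $Lines) {
        if ([string]::IsNullOrWhiteSpace($line)) { continue }
        if ($line -notmatch $linePattern) { $unparsed++; continue }

        # Copy the captures now: the -match tests below overwrite $Matches.
        $ts  = [datetime]::ParseExact($Matches['ts'], 'yyyy-MM-dd HH:mm:ss',
                                      [cultureinfo]::InvariantCulture)
        $seq = $Matches['seq']
        $msg = $Matches['msg']
        if ($ts -lt $Since) { continue }

        if     ($msg -match '^Verifying \d+')   { $started++ }
        elseif ($msg -match '^Verify complete') { $completed++ }
        elseif ($msg -match $findingPattern) {
            $findings.Add([pscustomobject]@{ Time = $ts; Sequence = $seq; Message = $msg })
        }
    }

    [pscustomobject]@{
        BatchesStarted   = $started
        BatchesCompleted = $completed
        # A batch without its "Verify complete" means the scan was interrupted
        # or the log excerpt was cut off.
        Truncated        = ($started -ne $completed)
        UnparsedLines    = $unparsed
        Findings         = $findings
    }
}

# Sample input: lines in the format shown in this thread, plus one constructed
# "Cannot repair" line (file and component names are placeholders).
$sample = @'
2019-09-18 18:43:07, Info CSI 00000009 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:43:07, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2019-09-18 18:43:11, Info CSI 0000000c [SR] Verify complete
2019-09-18 18:43:11, Info CSI 0000000d [SR] Verifying 100 (0x00000064) components
2019-09-18 18:43:11, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2019-09-18 18:43:15, Info CSI 0000000f [SR] Cannot repair member file "example.dll" of Example-Component (constructed line)
2019-09-18 18:43:20, Info CSI 00000010 [SR] Verify complete
2019-09-18 18:43:25, Info CSI 00000011 [SR] Verifying 100 (0x00000064) components
'@ -split '\r?\n'

$summary = Get-SfcSummary -Lines $sample
$summary | Format-List BatchesStarted, BatchesCompleted, Truncated, UnparsedLines
$summary.Findings | Format-Table Time, Sequence, Message -AutoSize

# On the affected machine, read the file the findstr command produced instead:
# Get-SfcSummary -Lines (Get-Content "$env:USERPROFILE\Desktop\sfcdetails.txt")
```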

Re: Log check after .coharos ransomware attack

Posted: 18 Sep 2019 17:54
by vasekpetr1
It fit into a normal post:

2019-09-18 18:43:07, Info CSI 00000009 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:43:07, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2019-09-18 18:43:11, Info CSI 0000000c [SR] Verify complete
2019-09-18 18:43:11, Info CSI 0000000d [SR] Verifying 100 (0x00000064) components
2019-09-18 18:43:11, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2019-09-18 18:43:20, Info CSI 00000010 [SR] Verify complete
2019-09-18 18:43:25, Info CSI 00000011 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:43:25, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2019-09-18 18:43:33, Info CSI 00000014 [SR] Verify complete
2019-09-18 18:43:35, Info CSI 00000015 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:43:35, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2019-09-18 18:43:36, Info CSI 00000018 [SR] Verify complete
2019-09-18 18:43:37, Info CSI 00000019 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:43:37, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2019-09-18 18:43:39, Info CSI 0000001c [SR] Verify complete
2019-09-18 18:43:40, Info CSI 0000001d [SR] Verifying 100 (0x00000064) components
2019-09-18 18:43:40, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2019-09-18 18:43:41, Info CSI 00000020 [SR] Verify complete
2019-09-18 18:43:42, Info CSI 00000021 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:43:42, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2019-09-18 18:43:43, Info CSI 00000024 [SR] Verify complete
2019-09-18 18:43:44, Info CSI 00000025 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:43:44, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2019-09-18 18:43:46, Info CSI 00000028 [SR] Verify complete
2019-09-18 18:43:47, Info CSI 00000029 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:43:47, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2019-09-18 18:43:48, Info CSI 0000002c [SR] Verify complete
2019-09-18 18:43:49, Info CSI 0000002d [SR] Verifying 100 (0x00000064) components
2019-09-18 18:43:49, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2019-09-18 18:43:50, Info CSI 00000030 [SR] Verify complete
2019-09-18 18:43:51, Info CSI 00000031 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:43:51, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2019-09-18 18:43:52, Info CSI 00000034 [SR] Verify complete
2019-09-18 18:43:53, Info CSI 00000035 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:43:53, Info CSI 00000036 [SR] Beginning Verify and Repair transaction
2019-09-18 18:43:55, Info CSI 00000038 [SR] Verify complete
2019-09-18 18:43:56, Info CSI 00000039 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:43:56, Info CSI 0000003a [SR] Beginning Verify and Repair transaction
2019-09-18 18:43:57, Info CSI 0000003c [SR] Verify complete
2019-09-18 18:43:58, Info CSI 0000003d [SR] Verifying 100 (0x00000064) components
2019-09-18 18:43:58, Info CSI 0000003e [SR] Beginning Verify and Repair transaction
2019-09-18 18:43:59, Info CSI 00000040 [SR] Verify complete
2019-09-18 18:44:00, Info CSI 00000041 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:44:00, Info CSI 00000042 [SR] Beginning Verify and Repair transaction
2019-09-18 18:44:02, Info CSI 00000044 [SR] Verify complete
2019-09-18 18:44:03, Info CSI 00000045 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:44:03, Info CSI 00000046 [SR] Beginning Verify and Repair transaction
2019-09-18 18:44:04, Info CSI 00000048 [SR] Verify complete
2019-09-18 18:44:05, Info CSI 00000049 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:44:05, Info CSI 0000004a [SR] Beginning Verify and Repair transaction
2019-09-18 18:44:06, Info CSI 0000004c [SR] Verify complete
2019-09-18 18:44:07, Info CSI 0000004d [SR] Verifying 100 (0x00000064) components
2019-09-18 18:44:07, Info CSI 0000004e [SR] Beginning Verify and Repair transaction
2019-09-18 18:44:08, Info CSI 00000050 [SR] Verify complete
2019-09-18 18:44:09, Info CSI 00000051 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:44:09, Info CSI 00000052 [SR] Beginning Verify and Repair transaction
2019-09-18 18:44:12, Info CSI 00000054 [SR] Verify complete
2019-09-18 18:44:13, Info CSI 00000055 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:44:13, Info CSI 00000056 [SR] Beginning Verify and Repair transaction
2019-09-18 18:44:15, Info CSI 00000058 [SR] Verify complete
2019-09-18 18:44:15, Info CSI 00000059 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:44:15, Info CSI 0000005a [SR] Beginning Verify and Repair transaction
2019-09-18 18:44:18, Info CSI 0000005c [SR] Verify complete
2019-09-18 18:44:19, Info CSI 0000005d [SR] Verifying 100 (0x00000064) components
2019-09-18 18:44:19, Info CSI 0000005e [SR] Beginning Verify and Repair transaction
2019-09-18 18:44:20, Info CSI 00000060 [SR] Verify complete
2019-09-18 18:44:21, Info CSI 00000061 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:44:21, Info CSI 00000062 [SR] Beginning Verify and Repair transaction
2019-09-18 18:44:23, Info CSI 00000064 [SR] Verify complete
2019-09-18 18:44:23, Info CSI 00000065 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:44:23, Info CSI 00000066 [SR] Beginning Verify and Repair transaction
2019-09-18 18:44:25, Info CSI 00000068 [SR] Verify complete
2019-09-18 18:44:25, Info CSI 00000069 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:44:25, Info CSI 0000006a [SR] Beginning Verify and Repair transaction
2019-09-18 18:44:28, Info CSI 0000006c [SR] Verify complete
2019-09-18 18:44:28, Info CSI 0000006d [SR] Verifying 100 (0x00000064) components
2019-09-18 18:44:28, Info CSI 0000006e [SR] Beginning Verify and Repair transaction
2019-09-18 18:44:30, Info CSI 00000070 [SR] Verify complete
2019-09-18 18:44:31, Info CSI 00000071 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:44:31, Info CSI 00000072 [SR] Beginning Verify and Repair transaction
2019-09-18 18:44:32, Info CSI 00000074 [SR] Verify complete
2019-09-18 18:44:33, Info CSI 00000075 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:44:33, Info CSI 00000076 [SR] Beginning Verify and Repair transaction
2019-09-18 18:44:35, Info CSI 00000078 [SR] Verify complete
2019-09-18 18:44:35, Info CSI 00000079 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:44:35, Info CSI 0000007a [SR] Beginning Verify and Repair transaction
2019-09-18 18:44:40, Info CSI 0000007c [SR] Verify complete
2019-09-18 18:44:40, Info CSI 0000007d [SR] Verifying 100 (0x00000064) components
2019-09-18 18:44:40, Info CSI 0000007e [SR] Beginning Verify and Repair transaction
2019-09-18 18:44:43, Info CSI 00000080 [SR] Verify complete
2019-09-18 18:44:44, Info CSI 00000081 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:44:44, Info CSI 00000082 [SR] Beginning Verify and Repair transaction
2019-09-18 18:44:46, Info CSI 00000084 [SR] Verify complete
2019-09-18 18:44:47, Info CSI 00000085 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:44:47, Info CSI 00000086 [SR] Beginning Verify and Repair transaction
2019-09-18 18:44:52, Info CSI 00000088 [SR] Verify complete
2019-09-18 18:44:53, Info CSI 00000089 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:44:53, Info CSI 0000008a [SR] Beginning Verify and Repair transaction
2019-09-18 18:45:00, Info CSI 0000008c [SR] Verify complete
2019-09-18 18:45:01, Info CSI 0000008d [SR] Verifying 100 (0x00000064) components
2019-09-18 18:45:01, Info CSI 0000008e [SR] Beginning Verify and Repair transaction
2019-09-18 18:45:05, Info CSI 00000093 [SR] Verify complete
2019-09-18 18:45:06, Info CSI 00000094 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:45:06, Info CSI 00000095 [SR] Beginning Verify and Repair transaction
2019-09-18 18:45:11, Info CSI 00000098 [SR] Verify complete
2019-09-18 18:45:11, Info CSI 00000099 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:45:11, Info CSI 0000009a [SR] Beginning Verify and Repair transaction
2019-09-18 18:45:17, Info CSI 0000009e [SR] Verify complete
2019-09-18 18:45:17, Info CSI 0000009f [SR] Verifying 100 (0x00000064) components
2019-09-18 18:45:17, Info CSI 000000a0 [SR] Beginning Verify and Repair transaction
2019-09-18 18:45:25, Info CSI 000000aa [SR] Verify complete
2019-09-18 18:45:25, Info CSI 000000ab [SR] Verifying 100 (0x00000064) components
2019-09-18 18:45:25, Info CSI 000000ac [SR] Beginning Verify and Repair transaction
2019-09-18 18:45:30, Info CSI 000000ae [SR] Verify complete
2019-09-18 18:45:31, Info CSI 000000af [SR] Verifying 100 (0x00000064) components
2019-09-18 18:45:31, Info CSI 000000b0 [SR] Beginning Verify and Repair transaction
2019-09-18 18:45:38, Info CSI 000000b2 [SR] Verify complete
2019-09-18 18:45:38, Info CSI 000000b3 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:45:38, Info CSI 000000b4 [SR] Beginning Verify and Repair transaction
2019-09-18 18:45:44, Info CSI 000000b6 [SR] Verify complete
2019-09-18 18:45:45, Info CSI 000000b7 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:45:45, Info CSI 000000b8 [SR] Beginning Verify and Repair transaction
2019-09-18 18:45:53, Info CSI 000000ba [SR] Verify complete
2019-09-18 18:45:54, Info CSI 000000bb [SR] Verifying 100 (0x00000064) components
2019-09-18 18:45:54, Info CSI 000000bc [SR] Beginning Verify and Repair transaction
2019-09-18 18:46:01, Info CSI 000000be [SR] Verify complete
2019-09-18 18:46:01, Info CSI 000000bf [SR] Verifying 100 (0x00000064) components
2019-09-18 18:46:01, Info CSI 000000c0 [SR] Beginning Verify and Repair transaction
2019-09-18 18:46:13, Info CSI 000000c2 [SR] Verify complete
2019-09-18 18:46:13, Info CSI 000000c3 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:46:13, Info CSI 000000c4 [SR] Beginning Verify and Repair transaction
2019-09-18 18:46:34, Info CSI 000000c8 [SR] Verify complete
2019-09-18 18:46:35, Info CSI 000000c9 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:46:35, Info CSI 000000ca [SR] Beginning Verify and Repair transaction
2019-09-18 18:46:43, Info CSI 000000cc [SR] Verify complete
2019-09-18 18:46:44, Info CSI 000000cd [SR] Verifying 100 (0x00000064) components
2019-09-18 18:46:44, Info CSI 000000ce [SR] Beginning Verify and Repair transaction
2019-09-18 18:46:57, Info CSI 000000d0 [SR] Verify complete
2019-09-18 18:46:57, Info CSI 000000d1 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:46:57, Info CSI 000000d2 [SR] Beginning Verify and Repair transaction
2019-09-18 18:47:05, Info CSI 000000d4 [SR] Verify complete
2019-09-18 18:47:06, Info CSI 000000d5 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:47:06, Info CSI 000000d6 [SR] Beginning Verify and Repair transaction
2019-09-18 18:47:09, Info CSI 000000d8 [SR] Verify complete
2019-09-18 18:47:09, Info CSI 000000d9 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:47:09, Info CSI 000000da [SR] Beginning Verify and Repair transaction
2019-09-18 18:47:12, Info CSI 000000dc [SR] Verify complete
2019-09-18 18:47:12, Info CSI 000000dd [SR] Verifying 100 (0x00000064) components
2019-09-18 18:47:12, Info CSI 000000de [SR] Beginning Verify and Repair transaction
2019-09-18 18:47:18, Info CSI 000000e3 [SR] Verify complete
2019-09-18 18:47:19, Info CSI 000000e4 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:47:19, Info CSI 000000e5 [SR] Beginning Verify and Repair transaction
2019-09-18 18:47:25, Info CSI 00000100 [SR] Verify complete
2019-09-18 18:47:26, Info CSI 00000101 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:47:26, Info CSI 00000102 [SR] Beginning Verify and Repair transaction
2019-09-18 18:47:28, Info CSI 00000104 [SR] Verify complete
2019-09-18 18:47:29, Info CSI 00000105 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:47:29, Info CSI 00000106 [SR] Beginning Verify and Repair transaction
2019-09-18 18:47:33, Info CSI 00000108 [SR] Verify complete
2019-09-18 18:47:33, Info CSI 00000109 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:47:33, Info CSI 0000010a [SR] Beginning Verify and Repair transaction
2019-09-18 18:47:36, Info CSI 0000010c [SR] Verify complete
2019-09-18 18:47:37, Info CSI 0000010d [SR] Verifying 100 (0x00000064) components
2019-09-18 18:47:37, Info CSI 0000010e [SR] Beginning Verify and Repair transaction
2019-09-18 18:47:43, Info CSI 00000110 [SR] Verify complete
2019-09-18 18:47:44, Info CSI 00000111 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:47:44, Info CSI 00000112 [SR] Beginning Verify and Repair transaction
2019-09-18 18:47:54, Info CSI 00000115 [SR] Verify complete
2019-09-18 18:47:55, Info CSI 00000116 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:47:55, Info CSI 00000117 [SR] Beginning Verify and Repair transaction
2019-09-18 18:47:58, Info CSI 00000119 [SR] Verify complete
2019-09-18 18:47:59, Info CSI 0000011a [SR] Verifying 100 (0x00000064) components
2019-09-18 18:47:59, Info CSI 0000011b [SR] Beginning Verify and Repair transaction
2019-09-18 18:48:00, Info CSI 0000011d [SR] Verify complete
2019-09-18 18:48:01, Info CSI 0000011e [SR] Verifying 100 (0x00000064) components
2019-09-18 18:48:01, Info CSI 0000011f [SR] Beginning Verify and Repair transaction
2019-09-18 18:48:07, Info CSI 00000121 [SR] Verify complete
2019-09-18 18:48:07, Info CSI 00000122 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:48:07, Info CSI 00000123 [SR] Beginning Verify and Repair transaction
2019-09-18 18:48:12, Info CSI 00000125 [SR] Verify complete
2019-09-18 18:48:13, Info CSI 00000126 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:48:13, Info CSI 00000127 [SR] Beginning Verify and Repair transaction
2019-09-18 18:48:18, Info CSI 00000129 [SR] Verify complete
2019-09-18 18:48:18, Info CSI 0000012a [SR] Verifying 100 (0x00000064) components
2019-09-18 18:48:18, Info CSI 0000012b [SR] Beginning Verify and Repair transaction
2019-09-18 18:48:27, Info CSI 0000012e [SR] Verify complete
2019-09-18 18:48:28, Info CSI 0000012f [SR] Verifying 100 (0x00000064) components
2019-09-18 18:48:28, Info CSI 00000130 [SR] Beginning Verify and Repair transaction
2019-09-18 18:48:36, Info CSI 00000155 [SR] Verify complete
2019-09-18 18:48:36, Info CSI 00000156 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:48:36, Info CSI 00000157 [SR] Beginning Verify and Repair transaction
2019-09-18 18:48:44, Info CSI 00000159 [SR] Verify complete
2019-09-18 18:48:45, Info CSI 0000015a [SR] Verifying 100 (0x00000064) components
2019-09-18 18:48:45, Info CSI 0000015b [SR] Beginning Verify and Repair transaction
2019-09-18 18:49:08, Info CSI 0000015d [SR] Verify complete
2019-09-18 18:49:08, Info CSI 0000015e [SR] Verifying 100 (0x00000064) components
2019-09-18 18:49:08, Info CSI 0000015f [SR] Beginning Verify and Repair transaction
2019-09-18 18:49:20, Info CSI 00000162 [SR] Verify complete
2019-09-18 18:49:21, Info CSI 00000163 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:49:21, Info CSI 00000164 [SR] Beginning Verify and Repair transaction
2019-09-18 18:49:28, Info CSI 00000166 [SR] Verify complete
2019-09-18 18:49:28, Info CSI 00000167 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:49:28, Info CSI 00000168 [SR] Beginning Verify and Repair transaction
2019-09-18 18:49:34, Info CSI 0000016a [SR] Verify complete
2019-09-18 18:49:34, Info CSI 0000016b [SR] Verifying 100 (0x00000064) components
2019-09-18 18:49:34, Info CSI 0000016c [SR] Beginning Verify and Repair transaction
2019-09-18 18:49:40, Info CSI 0000016e [SR] Verify complete
2019-09-18 18:49:40, Info CSI 0000016f [SR] Verifying 100 (0x00000064) components
2019-09-18 18:49:40, Info CSI 00000170 [SR] Beginning Verify and Repair transaction
2019-09-18 18:49:46, Info CSI 00000173 [SR] Verify complete
2019-09-18 18:49:46, Info CSI 00000174 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:49:46, Info CSI 00000175 [SR] Beginning Verify and Repair transaction
2019-09-18 18:49:51, Info CSI 00000177 [SR] Verify complete
2019-09-18 18:49:51, Info CSI 00000178 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:49:51, Info CSI 00000179 [SR] Beginning Verify and Repair transaction
2019-09-18 18:50:01, Info CSI 0000017b [SR] Verify complete
2019-09-18 18:50:01, Info CSI 0000017c [SR] Verifying 100 (0x00000064) components
2019-09-18 18:50:01, Info CSI 0000017d [SR] Beginning Verify and Repair transaction
2019-09-18 18:50:14, Info CSI 00000180 [SR] Verify complete
2019-09-18 18:50:14, Info CSI 00000181 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:50:14, Info CSI 00000182 [SR] Beginning Verify and Repair transaction
2019-09-18 18:50:19, Info CSI 00000184 [SR] Verify complete
2019-09-18 18:50:19, Info CSI 00000185 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:50:19, Info CSI 00000186 [SR] Beginning Verify and Repair transaction
2019-09-18 18:50:26, Info CSI 00000188 [SR] Verify complete
2019-09-18 18:50:27, Info CSI 00000189 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:50:27, Info CSI 0000018a [SR] Beginning Verify and Repair transaction
2019-09-18 18:50:36, Info CSI 0000018d [SR] Verify complete
2019-09-18 18:50:37, Info CSI 0000018e [SR] Verifying 100 (0x00000064) components
2019-09-18 18:50:37, Info CSI 0000018f [SR] Beginning Verify and Repair transaction
2019-09-18 18:50:43, Info CSI 00000191 [SR] Verify complete
2019-09-18 18:50:43, Info CSI 00000192 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:50:43, Info CSI 00000193 [SR] Beginning Verify and Repair transaction
2019-09-18 18:50:50, Info CSI 00000195 [SR] Verify complete
2019-09-18 18:50:51, Info CSI 00000196 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:50:51, Info CSI 00000197 [SR] Beginning Verify and Repair transaction
2019-09-18 18:50:57, Info CSI 0000019a [SR] Verify complete
2019-09-18 18:50:57, Info CSI 0000019b [SR] Verifying 100 (0x00000064) components
2019-09-18 18:50:57, Info CSI 0000019c [SR] Beginning Verify and Repair transaction
2019-09-18 18:51:03, Info CSI 0000019e [SR] Verify complete
2019-09-18 18:51:04, Info CSI 0000019f [SR] Verifying 100 (0x00000064) components
2019-09-18 18:51:04, Info CSI 000001a0 [SR] Beginning Verify and Repair transaction
2019-09-18 18:51:08, Info CSI 000001a3 [SR] Verify complete
2019-09-18 18:51:08, Info CSI 000001a4 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:51:08, Info CSI 000001a5 [SR] Beginning Verify and Repair transaction
2019-09-18 18:51:14, Info CSI 000001a7 [SR] Verify complete
2019-09-18 18:51:14, Info CSI 000001a8 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:51:14, Info CSI 000001a9 [SR] Beginning Verify and Repair transaction
2019-09-18 18:51:22, Info CSI 000001ac [SR] Verify complete
2019-09-18 18:51:23, Info CSI 000001ad [SR] Verifying 100 (0x00000064) components
2019-09-18 18:51:23, Info CSI 000001ae [SR] Beginning Verify and Repair transaction
2019-09-18 18:51:29, Info CSI 000001b0 [SR] Verify complete
2019-09-18 18:51:29, Info CSI 000001b1 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:51:29, Info CSI 000001b2 [SR] Beginning Verify and Repair transaction
2019-09-18 18:51:37, Info CSI 000001b4 [SR] Verify complete
2019-09-18 18:51:37, Info CSI 000001b5 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:51:37, Info CSI 000001b6 [SR] Beginning Verify and Repair transaction
2019-09-18 18:51:45, Info CSI 000001b8 [SR] Verify complete
2019-09-18 18:51:46, Info CSI 000001b9 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:51:46, Info CSI 000001ba [SR] Beginning Verify and Repair transaction
2019-09-18 18:51:51, Info CSI 000001bc [SR] Verify complete
2019-09-18 18:51:52, Info CSI 000001bd [SR] Verifying 100 (0x00000064) components
2019-09-18 18:51:52, Info CSI 000001be [SR] Beginning Verify and Repair transaction
2019-09-18 18:51:54, Info CSI 000001c0 [SR] Verify complete
2019-09-18 18:51:54, Info CSI 000001c1 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:51:54, Info CSI 000001c2 [SR] Beginning Verify and Repair transaction
2019-09-18 18:51:59, Info CSI 000001c4 [SR] Verify complete
2019-09-18 18:51:59, Info CSI 000001c5 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:51:59, Info CSI 000001c6 [SR] Beginning Verify and Repair transaction
2019-09-18 18:52:04, Info CSI 000001c8 [SR] Verify complete
2019-09-18 18:52:04, Info CSI 000001c9 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:52:04, Info CSI 000001ca [SR] Beginning Verify and Repair transaction
2019-09-18 18:52:09, Info CSI 000001cc [SR] Verify complete
2019-09-18 18:52:09, Info CSI 000001cd [SR] Verifying 100 (0x00000064) components
2019-09-18 18:52:09, Info CSI 000001ce [SR] Beginning Verify and Repair transaction
2019-09-18 18:52:13, Info CSI 000001d0 [SR] Verify complete
2019-09-18 18:52:13, Info CSI 000001d1 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:52:13, Info CSI 000001d2 [SR] Beginning Verify and Repair transaction
2019-09-18 18:52:19, Info CSI 000001d4 [SR] Verify complete
2019-09-18 18:52:19, Info CSI 000001d5 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:52:19, Info CSI 000001d6 [SR] Beginning Verify and Repair transaction
2019-09-18 18:52:35, Info CSI 000001d8 [SR] Verify complete
2019-09-18 18:52:35, Info CSI 000001d9 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:52:35, Info CSI 000001da [SR] Beginning Verify and Repair transaction
2019-09-18 18:52:57, Info CSI 000001dc [SR] Verify complete
2019-09-18 18:52:57, Info CSI 000001dd [SR] Verifying 100 (0x00000064) components
2019-09-18 18:52:57, Info CSI 000001de [SR] Beginning Verify and Repair transaction
2019-09-18 18:53:05, Info CSI 000001e0 [SR] Verify complete
2019-09-18 18:53:06, Info CSI 000001e1 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:53:06, Info CSI 000001e2 [SR] Beginning Verify and Repair transaction
2019-09-18 18:53:11, Info CSI 000001e4 [SR] Verify complete
2019-09-18 18:53:12, Info CSI 000001e5 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:53:12, Info CSI 000001e6 [SR] Beginning Verify and Repair transaction
2019-09-18 18:53:16, Info CSI 000001e8 [SR] Verify complete
2019-09-18 18:53:16, Info CSI 000001e9 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:53:16, Info CSI 000001ea [SR] Beginning Verify and Repair transaction
2019-09-18 18:53:19, Info CSI 000001ec [SR] Verify complete
2019-09-18 18:53:19, Info CSI 000001ed [SR] Verifying 100 (0x00000064) components
2019-09-18 18:53:19, Info CSI 000001ee [SR] Beginning Verify and Repair transaction
2019-09-18 18:53:26, Info CSI 000001f0 [SR] Verify complete
2019-09-18 18:53:26, Info CSI 000001f1 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:53:26, Info CSI 000001f2 [SR] Beginning Verify and Repair transaction
2019-09-18 18:53:27, Info CSI 000001f4 [SR] Verify complete
2019-09-18 18:53:27, Info CSI 000001f5 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:53:27, Info CSI 000001f6 [SR] Beginning Verify and Repair transaction
2019-09-18 18:53:28, Info CSI 000001f8 [SR] Verify complete
2019-09-18 18:53:29, Info CSI 000001f9 [SR] Verifying 100 (0x00000064) components
2019-09-18 18:53:29, Info CSI 000001fa [SR] Beginning Verify and Repair transaction
2019-09-18 18:53:34, Info CSI 000001fc [SR] Verify complete
2019-09-18 18:53:34, Info CSI 000001fd [SR] Verifying 27 (0x0000001b) components
2019-09-18 18:53:34, Info CSI 000001fe [SR] Beginning Verify and Repair transaction
2019-09-18 18:53:35, Info CSI 00000200 [SR] Verify complete
2019-09-18 18:53:35, Info CSI 00000201 [SR] Repairing 0 components
2019-09-18 18:53:35, Info CSI 00000202 [SR] Beginning Verify and Repair transaction
2019-09-18 18:53:35, Info CSI 00000204 [SR] Repair complete

After the restart the PC seems to work normally. My wife only complains that one game on Facebook ( https://apps.facebook.com/solitairetales/ ) hangs: after a short time of playing, the game stops completely, does not respond to anything, and the only thing that helps is a full restart of Firefox. Other games do not do this to her, and it started acting up after the .coharos attack. I tried Mozilla cleaner, but it does not help.

Re: Log check after the .coharos ransomware attack

Posted: 18 Sep 2019 21:05
by Conder
Try cleaning Firefox using its built-in tool (Ctrl+Shift+Delete).

Please post both new FRST logs once more.

Re: Log check after the .coharos ransomware attack

Posted: 20 Sep 2019 05:36
by vasekpetr1
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-09-2019 01
Ran by Vojta (administrator) on VOJTA-PC (LENOVO 6077AM1) (20-09-2019 06:32:42)
Running from C:\Users\Vojta\Desktop
Loaded Profiles: Vojta (Available Profiles: Vojta)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(HP Inc. -> HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel) [File not signed] C:\Program Files\Intel\AMT\LMS.exe
(Intel) [File not signed] C:\Program Files\Intel\AMT\UNS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-2091321983-474696320-977629267-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [14636224 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2091321983-474696320-977629267-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [221184 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {005BD7AB-90E8-40C3-8CB0-38C5C592E1AB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-09-11] (Adobe Inc. -> Adobe)
Task: {3CBF6EE4-295D-4B7A-8393-AA5372894B96} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {5079534F-01F8-4001-A965-37176743753F} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [153768 2011-02-15] (Visan Industries -> )
Task: {5D434B00-1A6D-4C43-AF07-29118FFADA96} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [1457720 2019-09-11] (Adobe Inc. -> Adobe)
Task: {5FCFA5FC-356A-4596-BEE8-33F7B47A7ABE} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [345824 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6184A915-3D13-4272-9E9F-5B332A94868B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {625E62E5-8815-4597-9750-89A6777D790D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {9AD64118-7F60-4C0A-A282-54CA2D65E5E0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14636224 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BB10A299-B9F6-4F1C-A2C2-5F022977F222} - System32\Tasks\SmartShare => C:\Program Files\LG Software\LG Smart Share\SmartShareStart.exe
Task: {E1885DD8-5E83-4395-B821-79BDC0FDB036} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {E7758F04-3AE4-4E82-B07E-AF986B46B771} - System32\Tasks\Pošta => C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe [845584 2018-04-11] (Microsoft Corporation -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{BC2DAF9C-4130-4E26-A4A3-EF85916DF03C}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D48461E7-DA8F-4718-8ACD-557293A42A76}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2091321983-474696320-977629267-1001 -> DefaultScope {E6BBF592-8669-4A08-9C75-67EE5631D7BE} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-2091321983-474696320-977629267-1001 -> {E6BBF592-8669-4A08-9C75-67EE5631D7BE} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-10] (Oracle America, Inc. -> Oracle Corporation)
DPF: {CAFEEFAC-0018-0000-00101-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_101-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: v28pucrl.default
FF ProfilePath: C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\v28pucrl.default [2019-09-20]
FF Homepage: Mozilla\Firefox\Profiles\v28pucrl.default -> hxxps://www.seznam.cz/
FF NewTabOverride: Mozilla\Firefox\Profiles\v28pucrl.default -> Enabled: _14Members_@download.totalrecipesearch.com
FF Extension: (SafeGuard) - C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\v28pucrl.default\Extensions\extension@safeguard.ws.xpi [2019-09-07]
FF Extension: (Firefox ESR configurer for OLDJAWS screen reader ) - C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\v28pucrl.default\features\{e8ff60ec-8904-42a4-b855-6a13e850f05d}\jaws-esr@mozilla.org.xpi [2019-09-10] [Legacy]
FF Extension: (Firefox ESR configurer for OLDJAWS screen reader ) - C:\Program Files\Mozilla Firefox\browser\features\jaws-esr@mozilla.org.xpi [2019-09-09] [Legacy] [not signed]
FF Extension: (Google Slides Offline) - C:\Program Files\Mozilla Firefox\browser\features\{1F811EFA-5187-46DC-8F9F-766102E95F2D}.xpi [2019-08-14] [not signed]
FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-11] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [143776 2017-02-11] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88136 2019-07-24] (Adobe Inc. -> Adobe Systems)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1142464 2016-12-22] (Disc Soft Ltd -> Disc Soft Ltd)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LMS; C:\Program Files\Intel\AMT\LMS.exe [102400 2009-12-01] (Intel) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 UNS; C:\Program Files\Intel\AMT\UNS.exe [2519040 2009-12-01] (Intel) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2016-01-19] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2016-01-19] (Disc Soft Ltd -> Disc Soft Ltd)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2016-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-20 06:32 - 2019-09-20 06:33 - 000013435 _____ C:\Users\Vojta\Desktop\FRST.txt
2019-09-20 06:32 - 2019-09-20 06:32 - 000000000 ____D C:\Users\Vojta\Desktop\FRST-OlderVersion
2019-09-18 18:53 - 2019-09-18 18:53 - 000030329 _____ C:\Users\Vojta\Desktop\sfcdetails.txt
2019-09-16 21:06 - 2019-09-17 07:25 - 000000000 ____D C:\KVRT_Data
2019-09-16 21:04 - 2019-09-16 21:06 - 168071976 _____ (AO Kaspersky Lab) C:\Users\Vojta\Downloads\KVRT.exe
2019-09-11 08:04 - 2019-08-29 04:56 - 003966904 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-09-11 08:04 - 2019-08-29 04:56 - 000191416 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2019-09-11 08:04 - 2019-08-29 04:56 - 000191416 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-09-11 08:04 - 2019-08-29 04:56 - 000068832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-09-11 08:04 - 2019-08-29 04:55 - 004061112 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2019-09-11 08:04 - 2019-08-29 04:55 - 001315912 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-09-11 08:04 - 2019-08-29 04:55 - 000138168 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2019-09-11 08:04 - 2019-08-29 04:55 - 000137440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-09-11 08:04 - 2019-08-29 04:52 - 001072640 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000555520 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000261632 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:27 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-09-11 08:04 - 2019-08-29 04:27 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-09-11 08:04 - 2019-08-29 04:27 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-09-11 08:04 - 2019-08-29 04:27 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-09-11 08:04 - 2019-08-29 04:27 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-09-11 08:04 - 2019-08-29 04:27 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-09-11 08:04 - 2019-08-29 04:25 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-09-11 08:04 - 2019-08-29 04:25 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-09-11 08:04 - 2019-08-29 04:24 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-09-11 08:04 - 2019-08-29 04:22 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-09-11 08:04 - 2019-08-29 04:22 - 000314880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-09-11 08:04 - 2019-08-29 04:22 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-09-11 08:04 - 2019-08-29 04:22 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-09-11 08:04 - 2019-08-29 04:22 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-09-11 08:04 - 2019-08-29 04:22 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-09-11 08:04 - 2019-08-29 04:21 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-09-11 08:04 - 2019-08-29 04:21 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-09-11 08:04 - 2019-08-29 04:21 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-09-11 08:04 - 2019-08-29 04:21 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2019-09-11 08:04 - 2019-08-29 04:21 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-09-11 08:04 - 2019-08-29 04:21 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-09-11 08:04 - 2019-08-29 04:21 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-09-11 08:04 - 2019-08-29 04:21 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-09-11 08:04 - 2019-08-29 04:21 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-09-11 08:04 - 2019-08-29 04:21 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-09-11 08:04 - 2019-08-29 04:21 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:21 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:21 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-09-11 08:04 - 2019-08-29 04:21 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-09-11 08:04 - 2019-08-27 21:59 - 000341896 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-09-11 08:04 - 2019-08-27 05:21 - 020290560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-09-11 08:04 - 2019-08-27 05:15 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-09-11 08:04 - 2019-08-27 05:14 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-09-11 08:04 - 2019-08-27 05:03 - 000496128 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-09-11 08:04 - 2019-08-27 05:03 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-09-11 08:04 - 2019-08-27 05:02 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-09-11 08:04 - 2019-08-27 05:02 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-09-11 08:04 - 2019-08-27 05:01 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-09-11 08:04 - 2019-08-27 04:59 - 002301952 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-09-11 08:04 - 2019-08-27 04:56 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-09-11 08:04 - 2019-08-27 04:56 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-09-11 08:04 - 2019-08-27 04:54 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-09-11 08:04 - 2019-08-27 04:53 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-09-11 08:04 - 2019-08-27 04:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-09-11 08:04 - 2019-08-27 04:53 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-09-11 08:04 - 2019-08-27 04:53 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-09-11 08:04 - 2019-08-27 04:47 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-09-11 08:04 - 2019-08-27 04:45 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-09-11 08:04 - 2019-08-27 04:40 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-09-11 08:04 - 2019-08-27 04:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-09-11 08:04 - 2019-08-27 04:39 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-09-11 08:04 - 2019-08-27 04:38 - 000304128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2019-09-11 08:04 - 2019-08-27 04:37 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-09-11 08:04 - 2019-08-27 04:36 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-09-11 08:04 - 2019-08-27 04:35 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-09-11 08:04 - 2019-08-27 04:34 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-09-11 08:04 - 2019-08-27 04:30 - 004112384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-09-11 08:04 - 2019-08-27 04:28 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-09-11 08:04 - 2019-08-27 04:27 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-09-11 08:04 - 2019-08-27 04:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-09-11 08:04 - 2019-08-27 04:27 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-09-11 08:04 - 2019-08-27 04:26 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-09-11 08:04 - 2019-08-27 04:23 - 013791744 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-09-11 08:04 - 2019-08-27 04:09 - 004387840 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-09-11 08:04 - 2019-08-27 04:06 - 001331712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-09-11 08:04 - 2019-08-27 04:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-09-11 08:04 - 2019-08-23 00:07 - 000530688 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-09-11 08:04 - 2019-08-21 03:59 - 000311008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-09-11 08:04 - 2019-08-21 03:56 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-09-11 08:04 - 2019-08-21 03:56 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-09-11 08:04 - 2019-08-21 03:56 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-09-11 08:04 - 2019-08-21 01:26 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys
2019-09-11 08:04 - 2019-08-21 01:20 - 002406912 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-09-11 08:04 - 2019-08-21 01:19 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-09-11 08:04 - 2019-08-20 04:47 - 001251840 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-09-11 08:04 - 2019-08-15 09:59 - 000583680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-09-11 08:04 - 2019-08-14 19:58 - 000253880 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2019-09-11 08:04 - 2019-08-14 19:54 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2019-09-11 08:04 - 2019-08-14 19:53 - 000253440 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
2019-09-11 08:04 - 2019-08-14 06:57 - 000304640 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2019-09-11 08:04 - 2019-08-14 00:17 - 000732600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-09-11 08:04 - 2019-08-14 00:17 - 000221624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-09-11 08:04 - 2019-08-14 00:17 - 000137144 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-09-11 08:04 - 2019-08-14 00:13 - 000812032 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-09-11 08:04 - 2019-08-14 00:13 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2019-09-11 08:04 - 2019-08-14 00:13 - 000307200 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-09-11 08:04 - 2019-08-14 00:12 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-09-11 08:04 - 2019-08-14 00:12 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2019-09-11 08:04 - 2019-08-13 04:58 - 001312256 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2019-09-11 08:04 - 2019-08-13 04:58 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2019-09-11 08:04 - 2019-08-13 04:58 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2019-09-11 08:04 - 2019-08-13 04:58 - 000313344 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2019-09-11 08:04 - 2019-08-13 04:50 - 006135808 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-09-11 08:04 - 2019-08-13 02:56 - 002703360 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-09-11 08:04 - 2019-08-13 02:56 - 001460224 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-09-11 08:04 - 2019-08-13 02:56 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-09-11 08:04 - 2019-08-13 02:56 - 000535040 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-09-11 08:04 - 2019-08-13 02:56 - 000378368 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-09-11 08:04 - 2019-08-13 02:56 - 000366080 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-09-11 08:04 - 2019-08-13 02:56 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-09-11 08:04 - 2019-08-13 02:56 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-09-11 08:02 - 2019-08-16 03:02 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-09-11 08:01 - 2019-09-11 08:01 - 000076632 _____ C:\Users\Vojta\Documents\tdss vp1.rar
2019-09-11 07:59 - 2019-09-11 07:59 - 000237472 _____ C:\Users\Vojta\Documents\tdss vp1.txt
2019-09-11 07:47 - 2019-09-11 07:57 - 000475034 _____ C:\TDSSKiller.3.1.0.28_11.09.2019_07.47.49_log.txt
2019-09-11 07:45 - 2019-09-11 07:46 - 000004684 _____ C:\TDSSKiller.3.1.0.28_11.09.2019_07.45.19_log.txt
2019-09-11 07:44 - 2019-09-11 07:44 - 005054744 _____ (AO Kaspersky Lab) C:\Users\Vojta\Desktop\tdsskiller.exe
2019-09-09 11:04 - 2019-09-09 11:04 - 000002060 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-09-09 11:04 - 2019-09-09 11:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-09-09 11:04 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-09-09 11:02 - 2019-09-09 11:03 - 064333800 _____ (Malwarebytes ) C:\Users\Vojta\Downloads\mb3-setup-37469.37469-3.8.3.2965-1.0.613-1.0.11270.exe
2019-09-09 10:58 - 2019-09-20 06:32 - 001450496 _____ (Farbar) C:\Users\Vojta\Desktop\FRST.exe
2019-09-08 19:26 - 2019-09-08 19:26 - 000000000 _____ C:\Users\Vojta\Downloads\FRST.exe.q0kcpm6.partial
2019-09-08 19:09 - 2019-09-08 19:50 - 000000000 ____D C:\Users\tata
2019-09-07 14:47 - 2019-09-08 21:00 - 000000000 ____D C:\Users\Vojta\AppData\Roaming\uTorrent Web
2019-09-07 14:45 - 2019-09-07 14:45 - 000018030 _____ C:\Users\Vojta\Downloads\[CzT]Airport_CEO_v_0_23_0_0_2017_.torrent
2019-09-07 12:45 - 2019-09-07 12:45 - 000006471 _____ C:\Users\Vojta\Downloads\[CzT]Papers_Please_v1_1_65_2013_CZ_.torrent
2019-09-07 09:18 - 2019-09-07 09:18 - 007622344 _____ (Malwarebytes) C:\Users\Vojta\Desktop\adwcleaner_7.4.1.exe
2019-09-06 17:22 - 2019-09-20 06:32 - 000000000 ____D C:\FRST
2019-09-06 17:13 - 2019-09-06 17:13 - 000000000 ___HD C:\Windows\PIF
2019-08-30 14:56 - 2019-08-30 14:56 - 000000214 _____ C:\Windows\ntbtlog.txt
2019-08-30 13:56 - 2019-08-30 13:56 - 000000000 ____D C:\Program Files\JARRUgEbUkUn
2019-08-23 16:06 - 2019-08-23 16:06 - 000467680 _____ C:\Users\Vojta\Documents\Objednávka Dmychadla a náhradní díly.mht
2019-08-22 15:31 - 2019-09-08 21:00 - 000000000 ____D C:\Program Files\WiperSoft
2019-08-22 15:30 - 2019-08-22 15:30 - 002427504 _____ (Wiper Software, UAB) C:\Users\Vojta\Downloads\WiperSoft-installer.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-20 06:32 - 2017-04-20 18:09 - 000000000 ____D C:\Users\Vojta\AppData\LocalLow\Mozilla
2019-09-19 12:01 - 2016-01-07 21:04 - 000000256 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2019-09-19 08:51 - 2009-07-14 06:34 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-09-19 08:51 - 2009-07-14 06:34 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-09-19 08:43 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-09-16 07:51 - 2016-01-07 18:43 - 000000000 ____D C:\Windows\system32\Macromed
2019-09-13 09:47 - 2018-08-15 22:12 - 000000000 ____D C:\Windows\rescache
2019-09-13 08:38 - 2019-08-13 08:21 - 000000008 __RSH C:\Users\Vojta\ntuser.pol
2019-09-13 08:38 - 2017-12-22 22:28 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-09-13 08:38 - 2016-01-07 15:51 - 000000000 ____D C:\Users\Vojta
2019-09-13 08:35 - 2009-07-14 04:37 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-09-11 23:20 - 2011-04-12 03:37 - 000671796 _____ C:\Windows\system32\perfh005.dat
2019-09-11 23:20 - 2011-04-12 03:37 - 000142392 _____ C:\Windows\system32\perfc005.dat
2019-09-11 23:20 - 2010-11-20 23:01 - 001591750 _____ C:\Windows\system32\PerfStringBackup.INI
2019-09-11 23:20 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2019-09-11 23:13 - 2009-07-14 06:33 - 000417792 _____ C:\Windows\system32\FNTCACHE.DAT
2019-09-11 23:10 - 2016-01-11 18:46 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-09-11 09:39 - 2016-01-07 18:43 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2019-09-11 09:39 - 2016-01-07 18:43 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-09-09 22:28 - 2017-09-07 15:59 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-09-09 11:04 - 2018-11-15 20:01 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-09-09 10:52 - 2016-12-07 13:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-09-08 21:00 - 2019-08-13 08:19 - 000000000 ____D C:\Users\Vojta\AppData\Roaming\CoreTempApp
2019-09-08 21:00 - 2019-08-12 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2019-09-08 21:00 - 2019-07-16 15:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gazstone.com
2019-09-08 21:00 - 2018-12-23 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-09-08 21:00 - 2017-12-22 22:50 - 000000000 ____D C:\A Bootable USB
2019-09-08 21:00 - 2016-08-29 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-09-08 21:00 - 2016-02-11 21:34 - 000000000 ____D C:\AdwCleaner
2019-09-08 21:00 - 2016-01-09 19:59 - 000000000 ____D C:\Office
2019-09-08 21:00 - 2016-01-07 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-09-08 21:00 - 2016-01-07 19:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-09-08 21:00 - 2016-01-07 19:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-09-08 21:00 - 2013-03-01 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-09-08 21:00 - 2013-03-01 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2019-09-08 21:00 - 2013-03-01 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2019-09-08 21:00 - 2011-04-12 03:46 - 000000000 ___RD C:\Users\Public\Recorded TV
2019-09-08 21:00 - 2009-07-14 06:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-09-08 21:00 - 2009-07-14 04:37 - 000000000 __RHD C:\Users\Public\Libraries
2019-09-08 21:00 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\registration
2019-09-08 20:08 - 2016-01-07 19:03 - 000000000 ____D C:\Users\Vojta\AppData\Local\Mozilla
2019-09-07 18:58 - 2016-01-25 14:18 - 000000000 _____ C:\Users\Vojta\AppData\Roaming\FileOut.cns
2019-09-07 18:58 - 2016-01-25 14:18 - 000000000 _____ C:\Users\Vojta\AppData\Roaming\FileIn.cns
2019-09-06 09:37 - 2017-04-18 09:31 - 000000000 ____D C:\Users\Vojta\Documents\Poznámkové bloky aplikace OneNote
2019-09-06 09:36 - 2016-12-31 19:43 - 000000000 ____D C:\Users\Vojta\.android
2019-09-06 09:36 - 2016-08-29 20:18 - 000000000 ____D C:\Users\Vojta\.oracle_jre_usage
2019-08-30 14:57 - 2016-12-15 12:50 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-08-22 11:29 - 2019-08-13 08:19 - 000000000 ____D C:\Users\Vojta\AppData\Local\Mail.Ru
2019-08-22 11:29 - 2019-08-13 08:15 - 000000000 ____D C:\Users\Vojta\AppData\Roaming\uTorrent
2019-08-22 11:24 - 2016-01-07 15:51 - 000001082 _____ C:\Users\Vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

==================== Files in the root of some directories ================

2016-01-25 14:18 - 2019-09-07 18:58 - 000000000 _____ () C:\Users\Vojta\AppData\Roaming\FileIn.cns
2016-01-25 14:18 - 2019-09-07 18:58 - 000000000 _____ () C:\Users\Vojta\AppData\Roaming\FileOut.cns
2016-02-14 12:53 - 2016-02-14 19:55 - 000038214 _____ () C:\Users\Vojta\AppData\Roaming\Hodnoty oddělené čárkami (DOS).ADR
2016-01-15 11:33 - 2016-11-12 18:06 - 000036995 _____ () C:\Users\Vojta\AppData\Roaming\Hodnoty oddělené čárkami (Windows).ADR
2016-01-15 11:39 - 2016-01-24 17:19 - 000021173 _____ () C:\Users\Vojta\AppData\Roaming\Hodnoty oddělené čárkami (Windows).EML
2018-07-13 12:09 - 2018-07-13 12:09 - 000003584 _____ () C:\Users\Vojta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-11-21 19:11 - 2019-01-26 14:45 - 000007633 _____ () C:\Users\Vojta\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-09-10 13:23
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-09-2019 01
Ran by Vojta (20-09-2019 06:34:41)
Running from C:\Users\Vojta\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2016-01-07 13:51:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2091321983-474696320-977629267-500 - Administrator - Disabled)
Guest (S-1-5-21-2091321983-474696320-977629267-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2091321983-474696320-977629267-1006 - Limited - Enabled)
Vojta (S-1-5-21-2091321983-474696320-977629267-1001 - Administrator - Enabled) => C:\Users\Vojta

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_BASICR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001A-0405-0000-0000000FF1CE}_BASICR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_BASICR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0405-0000-0000000FF1CE}_BASICR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0407-0000-0000000FF1CE}_BASICR_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}_BASICR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-041B-0000-0000000FF1CE}_BASICR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-006E-0405-0000-0000000FF1CE}_BASICR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20036 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.255 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_BASICR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_BASICR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ATI Catalyst Install Manager (HKLM\...\{F8B54C40-8BF5-DB84-81C8-CAE26896DB1C}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0222 - Disc Soft Ltd)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HP Deskjet 3050A J611 series Nápověda (HKLM\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
HP Support Assistant (HKLM\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM\...\{79CA8D8A-8371-4146-8920-C1405318E65E}) (Version: 12.10.49.21 - Hewlett-Packard Company)
HPDiagnosticAlert (HKLM\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
Image Plugin (HKLM\...\{FDC8065B-80DE-4466-B90B-2581F6D77DFF}) (Version: 3.05.0001 - Snap-on Business Solutions)
Integration Assistant 3 (HKLM\...\{3715EF4B-E9E6-462F-858A-F2E8F1C77170}) (Version: 3.07.0000 - Snap-on Business Solutions, Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel(R) Management Engine Interface (HKLM\...\HECI) (Version: - Intel Corporation)
Intel® Active Management Technology (HKLM\...\MESOL) (Version: - Intel Corporation)
Java 8 Update 111 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java(TM) 6 Update 16 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216016FF}) (Version: 6.0.160 - Sun Microsystems, Inc.)
Junk Mail filter update (HKLM\...\{8E5233E1-7495-44FB-8DEB-4BE906D59619}) (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
LaunchEpc (HKLM\...\{9D8650A4-F0F6-48CD-8332-9A03397FDFE5}) (Version: 1.05.0000 - Snap-on Business Solutions, Inc.)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Basic 2007 (HKLM\...\BASICR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Train Simulator (HKLM\...\Train Simulator 1.0) (Version: - )
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Cleaner (HKLM\...\{A1DC4723-0BB7-4E49-9786-B4E6326B3FF1}) (Version: 2.02.0000 - gazstone.com)
Mozilla Firefox 60.9.0 ESR (x86 cs) (HKLM\...\Mozilla Firefox 60.9.0 ESR (x86 cs)) (Version: 60.9.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.9.0.7183 - Mozilla)
MSTS Patch 1.7.00819 (HKLM\...\{587A2120-41D3-11DB-3D6C-00E19E4D4AE1}) (Version: 1.7.081920 - George)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Roblox Player (HKLM\...\roblox-player) (Version: - Roblox Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1230 - SUPERAntiSpyware.com)
Train Store (Czech Language Pack) (HKLM\...\Train Store (Czech Language Pack)) (Version: - )
Train Store V3.2 (HKLM\...\Train Store V3.2) (Version: - )
Trať Bratislava-Brno-Praha pro MSTS verze BP86.02-T9-12.4.2011 (HKLM\...\Trať Bratislava-Brno-Praha pro MSTS_is1) (Version: - Zbyněk Šemora)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WiperSoft 1.2.1147.32 (HKLM\...\{AB1C8C91-4D8E-4C28-80E7-FD135FB90515}}_is1) (Version: 1.2.1147.32 - WiperSoft)
Základní software zařízení HP Deskjet 3050A J611 series (HKLM\...\{0188AB09-99C9-4396-B565-7EEE0DE76488}) (Version: 25.0.571.0 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2018-11-28 19:57 - 2018-11-28 19:57 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2019-09-13 08:36 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-2091321983-474696320-977629267-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vojta\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP Deskjet 3050A J611 series (NET) => "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1CK431V005PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: NetSoftware => "C:\Program Files\NetSoftware\Starter.exe" /path="C:\Program Files\NetSoftware"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{729301BF-3776-475E-91C3-A2FE297DD0CB}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CE861F3A-70B2-4D26-A232-671316178975}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2E907DA2-BD83-4945-9C30-8813D0A12EF2}] => (Allow) svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E3C8E682-A023-477A-9D2E-1C0208FFBCC1}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9246F05-833C-46E9-8F87-EFE6812BCA40}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E96B0D08-33BA-4FBA-AB5E-21286CFF598D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F5A86084-A933-45BF-B5A3-56B2BC7238DF}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F730AED4-8BD1-488C-990C-2525A29F4F39}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{AE161FF4-D142-4266-BBB1-F8C582DF55D4}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6237B069-5D72-49E7-AF1E-0906038ABB7E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{BC3A48F9-E569-43E2-AB00-D11F1FDD149F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)

==================== Restore Points =========================

13-09-2019 08:34:13 Restore Point Created by FRST
16-09-2019 07:48:17 Windows Update
19-09-2019 08:18:32 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/19/2019 12:01:04 PM) (Source: LMS) (EventID: 2) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver

Error: (09/19/2019 12:00:30 PM) (Source: LMS) (EventID: 2) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver

Error: (09/19/2019 12:00:24 PM) (Source: LMS) (EventID: 2) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver

Error: (09/19/2019 12:00:04 PM) (Source: LMS) (EventID: 2) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver

Error: (09/19/2019 11:59:39 AM) (Source: LMS) (EventID: 2) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver

Error: (09/19/2019 11:57:44 AM) (Source: LMS) (EventID: 2) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver

Error: (09/19/2019 11:57:22 AM) (Source: LMS) (EventID: 2) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver

Error: (09/19/2019 11:56:23 AM) (Source: LMS) (EventID: 2) (User: NT AUTHORITY)
Description: LMS Service lost connection to HECI driver


System errors:
=============
Error: (09/19/2019 08:44:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/19/2019 08:43:27 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (09/19/2019 08:22:07 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace bezpečnostních informací pro produkt Microsoft Security Essentials - KB2310138 (verze 1.301.1684.0).

Error: (09/19/2019 08:19:16 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu:

Zdroj aktualizace: Uživatel

Fáze aktualizace: Instalovat

Zdrojová cesta:

Typ podpisu:

Typ aktualizace:

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu:

Předchozí verze modulu:

Kód chyby: 0x80070652

Popis chyby: Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

Error: (09/19/2019 08:18:37 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu: 1.301.1608.0

Zdroj aktualizace: Server Microsoft Update

Fáze aktualizace: Stahovat

Zdrojová cesta: http://www.microsoft.com

Typ podpisu: Antivirový program

Typ aktualizace: Úplné

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu:

Předchozí verze modulu: 1.1.16300.1

Kód chyby: 0x80240016

Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Error: (09/19/2019 08:18:37 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu: 1.301.1608.0

Zdroj aktualizace: Server Microsoft Update

Fáze aktualizace: Instalovat

Zdrojová cesta: http://www.microsoft.com

Typ podpisu: Antivirový program

Typ aktualizace: Úplné

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu:

Předchozí verze modulu: 1.1.16300.1

Kód chyby: 0x80240016

Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Error: (09/19/2019 08:18:37 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu: 1.301.1608.0

Zdroj aktualizace: Server Microsoft Update

Fáze aktualizace: Instalovat

Zdrojová cesta: http://www.microsoft.com

Typ podpisu: Antivirový program

Typ aktualizace: Úplné

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu:

Předchozí verze modulu: 1.1.16300.1

Kód chyby: 0x80240016

Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Error: (09/18/2019 06:58:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


==================== Memory info ===========================

BIOS: LENOVO 2RKT37AUS 01/25/2008
Motherboard: LENOVO LENOVO
Processor: Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz
Percentage of memory in use: 53%
Total physical RAM: 3045.3 MB
Available physical RAM: 1410.46 MB
Total Virtual: 3043.67 MB
Available Virtual: 1405.43 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:83.1 GB) (Free:49.6 GB) NTFS
Drive e: (Data) (Fixed) (Total:60.61 GB) (Free:41.53 GB) NTFS

\\?\Volume{b5570759-b543-11e5-9b67-806e6f6e6963}\ (System) (Fixed) (Total:5.33 GB) (Free:0.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 62541143)
Partition 1: (Active) - (Size=5.3 GB) - (Type=27)
Partition 2: (Not Active) - (Size=83.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=60.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Log check after .coharos ransomware attack

Posted: 20 Sep 2019 19:04
by Conder
:arrow: The logs look OK; I can't think of why the game would be crashing. You can try testing the game in a different browser, or you can try starting Firefox without add-ons (Help -> Restart with Add-ons Disabled) and test whether that resolves the problem (if it does, one of the add-ons is probably causing it).

:arrow: A few more recommendations (although unrelated to this problem):

:arrow: Outdated versions of Java are installed on the PC ("Java 8 Update 111" and "Java(TM) 6 Update 16"), which I recommend uninstalling. If you need Java, you can install the current version (currently Java 8 Update 221) from https://java.com/en/download/

:arrow: I recommend updating VLC media player (the currently installed version 2.2.4 is 3 years old and also contains security flaws).

:arrow: Several security programs are installed and running on the PC: Microsoft Security Essentials, WiperSoft and SUPERAntiSpyware. I recommend keeping only one (of these, preferably Security Essentials) and uninstalling the rest. The free version of Malwarebytes serves only as a one-off scanner; if you no longer need it, you can uninstall it as well.

Re: Log check after .coharos ransomware attack

Posted: 24 Sep 2019 19:25
by vasekpetr1
Hi, I tried the game in IE, where it runs normally; unfortunately my wife is used to FF, so that won't fly. When FF is started without add-ons, the game takes a very long time to load and can barely be started because it is so slow.

I have done the other items as you recommended; I'll see over time what that does to the PC.

Thanks for the help so far.

Re: Log check after .coharos ransomware attack

Posted: 25 Sep 2019 17:43
by Conder
Try resetting the settings in Firefox. Type "about:support" into the address bar -> press Enter -> click Refresh Firefox on the right -> confirm. This restores the default settings and removes the add-ons. Bookmarks and passwords stay saved.