Nelze načíst stránku FB a i jiné

Zpráva

L.a.c.i · #1 Příspěvek od **L.a.c.i** » 19 čer 2019 08:36

Ahoj,

vždy když spustím FB tak mi prohlížeč zamrzne a nejde mi načíst jedná se i o další stránky např. Aukro, kde se mi nezobrazují určité věci. Jedná se o všechny prohlížeče.
Nedávno jsem něco stáhl a do PC mi skočil nejspíš nějaký Malware (Mail.Ru).
Můžete prosím poradit děkuji.

Viz. log níže. (Addition)

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2019
Ran by obchodb (19-06-2019 10:01:48)
Running from C:\Users\obchodb\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-02-03 12:58:57)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1528981461-131533015-88995806-500 - Administrator - Enabled)
Guest (S-1-5-21-1528981461-131533015-88995806-501 - Limited - Disabled)
Install (S-1-5-21-1528981461-131533015-88995806-1000 - Administrator - Disabled) => C:\Users\Install
obchodb (S-1-5-21-1528981461-131533015-88995806-1001 - Administrator - Enabled) => C:\Users\obchodb

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{BC741628-0AFC-405C-8946-DD46D1005A0A}) (Version: 8.2.4 - Hewlett-Packard) Hidden
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.207 - Adobe)
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Autodesk CMMDriverForPPro 2017 (HKLM\...\Autodesk CMMDriverForPPro17100) (Version: 17.1.00 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Manufacturing Automation Utility 2017 FCS Licence (HKLM\...\{FE3DF541-7434-4839-8912-61D8C8C09F76}) (Version: 0.0.2 - Autodesk)
Autodesk Manufacturing Data Exchange Utility 2017 (HKLM\...\Autodesk Manufacturing Data Exchange Utility 8.6.10) (Version: 8.6.10 - Autodesk)
Autodesk Manufacturing Data Exchange Utility Premium 2017 FCS Licence (HKLM\...\{B2DAAFB6-BC75-47BB-BAA8-CAFC3BACAD01}) (Version: 0.0.2 - Autodesk)
Autodesk PowerShape 2017 (HKLM\...\Autodesk PowerShape17136) (Version: 17.1.36 - Autodesk)
Autodesk PowerShape Ultimate 2017 FCS Licence (HKLM\...\{C96A85C0-EB64-4788-826F-AE453D475A38}) (Version: 0.0.2 - Autodesk)
Autodesk PowerShapeTutorials 2017 (64-bit) (HKLM\...\Autodesk PowerShapeTutorials17100) (Version: 17.1.00 - Autodesk)
Autodesk PS-Catalogs 2017 (HKLM\...\Autodesk PS-Catalogs17136) (Version: 17.1.36 - Autodesk)
Autodesk PSDoc 2017 (HKLM\...\Autodesk PSDoc17100) (Version: 17.1.00 - Autodesk)
Autodesk TrodeExtension 2017 (HKLM\...\Autodesk TrodeExtension17100) (Version: 17.1.00 - Autodesk)
BMDExcelAddIn (HKLM-x32\...\{A19BA299-0E8D-4A8E-8113-CBB39573EEC9}) (Version: 3.3.7 - BMD Systemhaus GmbH)
BMDNTCS (HKLM-x32\...\BMDNTCS) (Version: 2015.18.02.03 - BMD Systemhaus GmbH)
BMDOutlookAddIn (HKLM-x32\...\{BF154B60-05C6-4C3D-933C-44B31FF4D756}) (Version: 3.3.7 - BMD Systemhaus GmbH)
BMDPowerPointAddIn (HKLM-x32\...\{EC6C1F25-1FF4-4EA6-B9C5-60503322FE4B}) (Version: 3.3.7 - BMD Systemhaus GmbH)
BMDWordAddIn (HKLM-x32\...\{471B7546-771A-4EBB-A5F9-C3AF6C3789EB}) (Version: 3.3.7 - BMD Systemhaus GmbH)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - )
Delcam Exchange 2016 R3 (64-bit) (HKLM\...\Delcam Exchange 8.4.10) (Version: 8.4.10 - Delcam)
Delcam PowerSHAPE-e 2016 (64-bit) (HKLM\...\Delcam PowerSHAPE-e16130) (Version: 16.1.30 - Delcam)
Delcam PS-Tutorials 2011 R2 (CR 11220) (HKLM-x32\...\{A7CE1581-DA83-4AC5-AA1D-F484F6E70097}) (Version: 11.2.20 - Delcam)
Delcam PS-Tutorials 2011 R3 (64-bit) (HKLM-x32\...\Delcam PS-Tutorials11300) (Version: 11.3.00 - Delcam)
Delcam TrodeExtension 2014 R2 (64-bit) (HKLM\...\Delcam TrodeExtension14200) (Version: 14.2.00 - Delcam)
Dofus (HKU\S-1-5-21-1528981461-131533015-88995806-1001\...\2744A393-554C-4E35-A24F-DEF0392B4484-2) (Version: - Ankama)
eDrawings 2017 x64 (HKLM\...\{F36E59AF-DC22-43D9-A469-93A6267D6BAA}) (Version: 17.0.5048 - Společnost Dassault Systemes SolidWorks Corp)
ESET Security (HKLM\...\{B489BC2D-0079-4631-97BF-CA2378299D43}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
FormatFactory 3.7.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.7.0.0 - Format Factory)
Google Chrome (HKU\S-1-5-21-1528981461-131533015-88995806-1001\...\Google Chrome) (Version: 72.0.3626.81 - Google Inc.)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet 200 color M251 (HKLM-x32\...\{6682B5C4-530A-4FB8-ACAC-80DB5CCC68DD}) (Version: 5.0.12200.1036 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpbDSService (HKLM-x32\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM251DSService (HKLM-x32\...\{413E98C3-2CA1-4D04-AFC2-8D8D873A3178}) (Version: 001.001.05874 - Hewlett-Packard) Hidden
HPDXP (HKLM-x32\...\{6BA4598F-9ECC-453D-B6F7-ABAEEFA35561}) (Version: 3.0.26.12 - HP) Hidden
HPLaserJet200color-M251_HelpLearnCenter_SI (HKLM-x32\...\{DDEBEA89-2B5A-4E5B-8702-369882BB3F52}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (HKLM-x32\...\{5E4DD8C2-A906-4F1B-94B6-4F6A51D625B2}) (Version: 020.021.004 - HP) Hidden
HPLJUTCore (HKLM-x32\...\{0C779D9C-FD0F-4A53-86BE-3D53E58B2900}) (Version: 004.005.0001 - HP) Hidden
HPLJUTM251 (HKLM-x32\...\{663A3950-CA55-4541-8B46-646BD548641D}) (Version: 3.00.0003 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{180D6813-95E0-415C-B58A-5B9493DE2DDA}) (Version: 009.027.00856 - Hewlett-Packard) Hidden
hppM251LaserJetService (HKLM-x32\...\{09C0DA15-AB94-43BC-9B02-57DF3FEB469F}) (Version: 001.019.00639 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{46A99EAE-98DA-4BE5-94C3-D41BA4C266DA}) (Version: 050.037.00142 - Hewlett Packard) Hidden
hpStatusAlertsM251 (HKLM-x32\...\{A1EF28FB-74A8-4157-91E9-9C164CAB10F8}) (Version: 050.034.00131 - Hewlett-Packard) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
LJDXPHelperUI (HKLM-x32\...\{EAECD0D7-F27D-4F13-8312-A9C0B5C5F1B7}) (Version: 020.021.004 - HP) Hidden
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2013 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 15.0.5137.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{8909B8A7-CEAB-4772-BF29-1892C4E6603B}) (Version: 8.05.2309 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5137.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5137.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0405-0000-0000000FF1CE}) (Version: 15.0.5137.1000 - Microsoft Corporation) Hidden
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
RuneScape Launcher 2.2.4 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.4 - Jagex Ltd)
Screen Grab Pro (HKLM-x32\...\{581125F9-D1C6-4797-93BB-47A992D69AA8}) (Version: - )
Sentinel System Driver Installer 7.5.1 (HKLM-x32\...\{BF9E346B-5ECE-4A18-9510-55729FD08323}) (Version: 7.5.1 - SafeNet, Inc.)
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
SQLXML4 (HKLM\...\{7C903D14-7EF4-4B71-BF78-2BCAFC499EB1}) (Version: 9.00.1399.06 - Microsoft Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
VariCAD 2015-1.03 CZ (HKLM\...\VariCAD_20141014_CZ) (Version: - )
VariCADViewercz (HKLM-x32\...\{A57A3C28-2389-4B5E-BFD7-0F9F7B1093A4}) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.1.0 - Azureus Software, Inc.)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1528981461-131533015-88995806-1001_Classes\CLSID\{13CE5476-8CB1-486E-828F-AEC327D972C7}\InprocServer32 -> C:\Users\obchodb\AppData\Local\BMD Systemhaus GmbH\BMDWordAddIn\BMDArchivWord2010.DLL (BMD Systemhaus Gmbh -> )
CustomCLSID: HKU\S-1-5-21-1528981461-131533015-88995806-1001_Classes\CLSID\{5C4A741A-FFAC-4FCC-AF19-79046F1717FC}\InprocServer32 -> C:\Users\obchodb\AppData\Local\BMD Systemhaus GmbH\BMDOutlookAddIn\BMDArchivOutlook2010.DLL (BMD Systemhaus Gmbh -> )
CustomCLSID: HKU\S-1-5-21-1528981461-131533015-88995806-1001_Classes\CLSID\{610994E2-22F6-43C7-AD8F-DFF817978BF3}\InprocServer32 -> C:\Users\obchodb\AppData\Local\BMD Systemhaus GmbH\BMDExcelAddIn\BMDArchivExcel2010.DLL (BMD Systemhaus Gmbh -> )
CustomCLSID: HKU\S-1-5-21-1528981461-131533015-88995806-1001_Classes\CLSID\{7B6E085C-5620-44CD-A5A9-2ED6615B1883}\InprocServer32 -> C:\Users\obchodb\AppData\Local\BMD Systemhaus GmbH\BMDPowerPointAddIn\BMDArchivPowerPoint2010.DLL (BMD Systemhaus Gmbh -> )
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-04-17] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-04-17] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-04-17] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2017-01-18 10:25 - 2014-09-03 02:29 - 000134144 _____ () [File not signed] C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
2017-01-18 10:25 - 2014-09-03 02:29 - 000912384 _____ () [File not signed] C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
2013-05-07 11:51 - 2013-05-07 11:51 - 000299520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
2013-10-09 01:48 - 2013-10-09 01:48 - 000299520 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
2015-02-04 14:12 - 2013-03-08 00:07 - 000067584 _____ (CobianSoft, Luis Cobian) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
2009-09-16 19:44 - 2009-09-16 19:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hptcpmib.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\HpTcpMon.dll
2009-09-16 12:44 - 2009-09-16 12:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hpzjrd01.dll
2012-05-02 22:02 - 2012-05-02 22:02 - 000041472 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2012-05-02 22:02 - 2012-05-02 22:02 - 000073728 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2012-05-02 22:02 - 2012-05-02 22:02 - 001218560 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2011-04-13 17:08 - 2011-04-13 17:08 - 000050688 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2011-04-13 17:08 - 2011-04-13 17:08 - 000066048 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2012-05-02 22:02 - 2012-05-02 22:02 - 000164864 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
2012-05-02 22:02 - 2012-05-02 22:02 - 000034816 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2018-04-30 17:00 - 2018-04-30 17:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2015-02-02 15:02 - 2013-04-26 04:24 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2013-02-13 13:46 - 2013-02-13 13:46 - 000731648 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2015-02-04 13:07 - 2013-04-22 11:27 - 000016896 _____ (KONICA MINOLTA, INC.) [File not signed] C:\Windows\System32\KOAYTJ_L.DLL
2015-02-04 14:12 - 2013-03-08 00:07 - 000009728 _____ (Luis Cobian) [File not signed] C:\Program Files (x86)\Cobian Backup 11\CobStringList.dll
2015-02-04 14:12 - 2013-03-08 00:27 - 002684928 _____ (Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbEngine.dll
2015-02-04 14:12 - 2013-03-08 00:27 - 004407808 _____ (Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
2015-02-04 14:12 - 2013-03-08 00:26 - 000720896 _____ (Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
2009-09-16 19:45 - 2009-09-16 19:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HPTcpMUI.dll
2015-04-02 10:54 - 2015-04-02 10:54 - 000796672 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_88dcc0bf2fb1b808\MSVCR80.dll
2015-02-04 13:08 - 2013-05-21 09:21 - 000083968 _____ (Monotype Imaging Inc.) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\KOAYTJ_P.dll
2017-01-18 10:25 - 2014-09-03 02:29 - 009994752 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\icudt.dll
2015-04-02 10:53 - 2015-10-13 14:36 - 001359360 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\BMDNTCS\BMDNTCSClients\SLECHTA-SERVER\libeay32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\
HKU\S-1-5-21-1528981461-131533015-88995806-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\obchodb\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 185.130.104.222 - 95.216.188.196
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3B53123F-DCC6-4D5B-BBD2-D8E9C019ED7C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies SA -> Skype Technologies S.A.)
FirewallRules: [{68EFA81B-CBD7-4C57-BFC3-BB043703E551}] => (Allow) C:\Users\Install\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{180A51A6-C67D-4029-B066-68DB3C41AD32}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{022232B2-E6D8-4734-927D-887E92F0B448}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet 200 color M251\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{4B41D667-C245-416B-B363-F6836EE96796}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet 200 color M251\bin\EWSProxy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{29EF9DF5-6716-4F75-9F4B-2436557D5ED6}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe (chen jun hao -> Picosmos) [File not signed]
FirewallRules: [UDP Query User{D1B13BAE-3984-4E8B-9142-56BA4CE00E11}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe (chen jun hao -> Picosmos) [File not signed]
FirewallRules: [{F33CDFB2-DE15-4573-A5EB-1572F97E16B6}] => (Allow) C:\Program Files (x86)\PicosmosTools\PFInstOnline.exe No File
FirewallRules: [{27662337-313F-4AA0-977F-DB7BA19698FC}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{ED4B9178-E0D4-4615-8D9E-75DF3CF64C85}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{B40F3915-9D8E-4C88-B41D-8EFE28D50F4E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe No File
FirewallRules: [{9A8ECB3F-AEE1-4271-9EBE-33488F540664}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe No File
FirewallRules: [{105B8B19-E32F-4D5A-A4CC-1BE3829835DA}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe No File
FirewallRules: [{17747178-04FE-4103-A2FE-5A1BA8EE629A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe No File
FirewallRules: [{D416A6EB-7472-4860-A058-5D4FE6A51C48}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Plays.tv, Inc -> Copyright (c) 2018 Plays.tv, LLC)
FirewallRules: [{D283787A-05B5-4DDA-8DA2-7228B0E306C3}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Plays.tv, Inc -> Copyright (c) 2018 Plays.tv, LLC)

==================== Restore Points =========================

07-06-2019 06:21:24 Windows Update
10-06-2019 06:35:35 Windows Update
12-06-2019 15:17:25 Windows Update
17-06-2019 06:19:08 Windows Update

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (06/19/2019 08:55:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/19/2019 07:55:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/19/2019 07:49:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/19/2019 07:41:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/19/2019 07:33:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/19/2019 06:24:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/18/2019 10:30:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bmdntcs.exe, verze: 2018.21.17.28, časové razítko: 0x5b61a1ac
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x3683fd26
ID chybujícího procesu: 0x1a24
Čas spuštění chybující aplikace: 0x01d5258dd56cf2e3
Cesta k chybující aplikaci: C:\ProgramData\BMDNTCS\BMDNTCSClients\SLECHTA-SERVER\bmdntcs.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 4b48eaee-91a3-11e9-b637-d8cb8a1c1bff

Error: (06/18/2019 06:09:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

System errors:
=============
Error: (06/19/2019 08:43:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BBUpdate byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/19/2019 08:43:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/19/2019 08:43:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Autodesk Desktop App Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/19/2019 07:52:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (06/19/2019 07:52:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/19/2019 07:52:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (06/19/2019 07:52:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (06/19/2019 07:52:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP LaserJet Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Windows Defender:
===================================
Date: 2016-10-13 03:23:25.057
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{B0CEE649-617E-46CD-A83F-404B4B9CD88E}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2015-08-12 03:03:37.885
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=208273
Název:SoftwareBundler:Win32/InstalleRex
ID:208273
Závažnost:Vysoké
Kategorie:Software instalující další produkty
Nalezeno v cestě:file:C:\Users\obchodb\Downloads\sygic map 6.67.exe;interface:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326};interface:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\Wow6432Node\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326};regkey:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326};regkey:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}\1.0;regkey:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\Wow6432Node\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326};typelib:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040};typelibversion:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}\1.0
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2015-08-12 03:03:32.533
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=208273
Název:SoftwareBundler:Win32/InstalleRex
ID:208273
Závažnost:Vysoké
Kategorie:Software instalující další produkty
Nalezeno v cestě:file:C:\Users\obchodb\Downloads\sygic map 6.67.exe;interface:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326};regkey:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326};regkey:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}\1.0;typelib:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040};typelibversion:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}\1.0
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2018-07-04 07:00:20.697
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.442.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-04 07:00:20.584
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V2.8 07/17/2014
Motherboard: MSI B85-G41 PC Mate(MS-7850)
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 71%
Total physical RAM: 8120 MB
Available physical RAM: 2312.35 MB
Total Virtual: 16238.14 MB
Available Virtual: 10054.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.32 GB) (Free:815.86 GB) NTFS
Drive o: (DATA) (Network) (Total:477.58 GB) (Free:123.17 GB) NTFS

\\?\Volume{45ade242-aba3-11e4-9ef8-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6CB2DE53)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#2 Příspěvek od **JaRon** » 19 čer 2019 09:06

ahoj,
na zaciatok pouzi navod https://forum.viry.cz/viewtopic.php?f=1 ... e#p1521242
oba kroky
a napis, ci pomohlo, alebo pokracujeme ?

L.a.c.i · #3 Příspěvek od **L.a.c.i** » 19 čer 2019 09:35

Zoek-results

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by obchodb on st 19.06.2019 at 10:12:00,01.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\obchodb\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

19.6.2019 10:13:48 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Mail.Ru deleted successfully
C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully
C:\PROGRA~3\FlashSys deleted successfully
C:\Users\obchodb\AppData\Roaming\PowerSHAPE deleted successfully
C:\Users\Install\AppData\Local\VirtualStore deleted successfully
C:\Users\obchodb\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\obchodb\AppData\Local\EmieSiteList deleted successfully
C:\Users\obchodb\AppData\Local\EmieUserList deleted successfully
C:\Users\obchodb\AppData\Local\GHISLER deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1528981461-131533015-88995806-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{8E8F97CD-60B5-456F-A201-73065652D099} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Install\AppData\Roaming\Mozilla\Firefox\Profiles\s1ce4pj5.default\prefs.js:

Added to C:\Users\Install\AppData\Roaming\Mozilla\Firefox\Profiles\s1ce4pj5.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\obchodb\AppData\Roaming\Mozilla\Firefox\Profiles\1si36765.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/");
user_pref("browser.search.useDBForOrder", false);

Added to C:\Users\obchodb\AppData\Roaming\Mozilla\Firefox\Profiles\1si36765.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Mail.Ru not found
C:\PROGRA~3\{7c364af1-3b50-d31a-7c36-64af13b52bc4} deleted
C:\Users\obchodb\AppData\Roaming\varicad-work.ini deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\obchodb\Documents\Add-in Express deleted
"C:\Users\obchodb\AppData\Roaming\D2Info0" deleted
"C:\Users\obchodb\AppData\Roaming\DofusAppId0_1" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Install\AppData\Roaming\Mozilla\Firefox\Profiles\s1ce4pj5.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\obchodb\AppData\Roaming\Mozilla\Firefox\Profiles\1si36765.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

==== Firefox Plugins ======================

Profilepath: C:\Users\obchodb\AppData\Roaming\Mozilla\Firefox\Profiles\1si36765.default
- C:\Program Files x86\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll - [?]
- C:\Program Files x86\VideoLAN\VLC\npvlc.dll - [?]
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013
- C:\Program Files x86\Intel\IntelR Management Engine Components\IPT\npIntelWebAPIIPT.dll - [?]
- C:\Program Files x86\Intel\IntelR Management Engine Components\IPT\npIntelWebAPIUpdater.dll - [?]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
beliehdniadoecbonbhlcgbdldccfigp - No path found[]
iepoegkaoeljnbhagabakjodgpfniimo - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bgjpfhpjcgdppjbgnpnjllokbmcdllig - No path found[]
olfeabkoenfaoljndfecamgilllcpiak - No path found[]

Seznam doplněk - Email - obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam doplněk - Esko - obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
Chrome Media Router - obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{FFEBBF0A-C22C-4172-89FF-45215A135AC7}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
HKCU\SearchScopes\{15595EA5-7C28-4998-995A-614BAC6CCA27} - http://slovnik.seznam.cz/?q={searchTerm ... arch_37180
HKCU\SearchScopes\{273F0966-9648-46CD-A677-5D86A60858FE} - http://slovnik.seznam.cz/?q={searchTerm ... arch_37180
HKCU\SearchScopes\{30A396BB-86B4-4156-B918-E3538DDBD1B2} - http://encyklopedie.seznam.cz/search?q= ... arch_37180
HKCU\SearchScopes\{48A208FF-AE74-4BCA-9A99-0AED2D0C3EB7} - http://search.seznam.cz/?q={searchTerms ... arch_37180
HKCU\SearchScopes\{B0B06A35-DFFA-44E3-86EA-4286B0FCF749} - http://www.mapy.cz/?query={searchTerms} ... arch_37180
HKCU\SearchScopes\{B92C75B7-55A1-4FE8-9DF8-E4D561994550} - http://www.zbozi.cz/?q={searchTerms}&r= ... arch_37180
HKCU\SearchScopes\{BF65A74C-CCF1-4F17-92CE-64CC725EADBC} - http://www.novinky.cz/hledej?w={searchT ... arch_37180
HKCU\SearchScopes\{C8EF8986-0314-4875-993C-212738276B08} - http://www.firmy.cz/?q={searchTerms}&so ... arch_37180
HKCU\SearchScopes\{CFE1C2A1-0040-4348-94FE-198147EB67BF} - http://tv.seznam.cz/hledej?w={searchTer ... arch_37180

==== Reset Google Chrome ======================

C:\Users\Install\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Install\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Install\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Install\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0F45DF9-0FF7-4C45-A119-1EBA27E6DD50} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\9FD54F0A7FF054C41A91E1AB726EDD05 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Install\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Install\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\obchodb\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\obchodb\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Install\AppData\Local\Mozilla\Firefox\Profiles\s1ce4pj5.default\cache2 emptied successfully
C:\Users\obchodb\AppData\Local\Mozilla\Firefox\Profiles\1si36765.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Install\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=37 folders=34 29104371 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Install\AppData\Local\Temp emptied successfully
C:\Users\obchodb\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\obchodb\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on st 19.06.2019 at 10:33:29,58 ======================

L.a.c.i · #4 Příspěvek od **L.a.c.i** » 19 čer 2019 09:43

a zde ještě JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Professional x64
Ran by obchodb (Administrator) on st 19.06.2019 at 10:39:30,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 3

Successfully deleted: C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Folder)
Successfully deleted: C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Folder)
Successfully deleted: C:\Users\obchodb\AppData\Roaming\Mozilla\Firefox\Profiles\1si36765.default\user.js (File)

Registry: 3

Successfully deleted: HKCU\Software\Google\Chrome\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Registry Key)
Successfully deleted: HKCU\Software\Google\Chrome\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{48A208FF-AE74-4BCA-9A99-0AED2D0C3EB7} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 19.06.2019 at 10:41:22,79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Stále nefunguje opět tam naskočí když zapnu chrome hned ty ruský s***čky do rozšíření a nejdou odstranit.

#5 Příspěvek od **JaRon** » 19 čer 2019 10:11

OK,
pokracujeme - vycisti PC s ADWCleanerom - log sem

L.a.c.i · #6 Příspěvek od **L.a.c.i** » 19 čer 2019 10:35

L.a.c.i · #7 Příspěvek od **L.a.c.i** » 19 čer 2019 10:38

Ano to už jsem zkoušel ADWčko normálně detekuje. Dám vyčistit a restart PC, ale při zapnutí prohlížeče okamžitě naskočí znovu do rozšíření a je zase aktivní. Viz. příloha.

#8 Příspěvek od **JaRon** » 19 čer 2019 11:58

vloz oba logy FRST - pozriem

L.a.c.i · #9 Příspěvek od **L.a.c.i** » 19 čer 2019 14:08

Jasný máš je tady

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-06-2019
Ran by obchodb (administrator) on OBCHODB-PC (MSI MS-7850) (19-06-2019 15:05:05)
Running from C:\Users\obchodb\Downloads
Loaded Profiles: obchodb (Available Profiles: Install & obchodb)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(BMD Systemhaus Gmbh -> BMD Systemhaus GmbH) C:\ProgramData\BMDNTCS\BMDNTCSClients\SLECHTA-SERVER\BMDNTCS.exe
(CobianSoft, Luis Cobian) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [177928 2019-04-17] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [Cobian Backup 11] => C:\Program Files (x86)\Cobian Backup 11\Cobian.exe [720896 2013-03-08] (Luis Cobian, CobianSoft) [File not signed]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BMDNetClient_SLECHTA-SERVER] => C:\ProgramData\BMDNTCS\BMDNTCSClients\SLECHTA-SERVER\BMDNetClient.exe [81787080 2018-08-02] (BMD Systemhaus Gmbh -> BMD Systemhaus GmbH)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-1528981461-131533015-88995806-1001\...\MountPoints2: {6f4d9049-97ef-11e5-a4bc-d8cb8a1c1bff} - K:\setup.exe
HKU\S-1-5-21-1528981461-131533015-88995806-1001\...\MountPoints2: {78a9ee72-dc77-11e6-8508-d8cb8a1c1bff} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1528981461-131533015-88995806-1001\...\MountPoints2: {995317f4-003e-11e5-ab2a-d8cb8a1c1bff} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1528981461-131533015-88995806-1001\...\MountPoints2: {a174584d-454f-11e9-82f7-d8cb8a1c1bff} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1528981461-131533015-88995806-1001\...\MountPoints2: {cd8bf89a-1f3a-11e7-b756-d8cb8a1c1bff} - K:\HiSuiteDownLoader.exe
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [102400 2005-06-15] (TechSmith Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03018164-88CB-448A-A94A-AAD72812DA49} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {0A4063A5-3838-4FB4-B5B0-4618B8F0F917} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-12] (Adobe Inc. -> Adobe)
Task: {9DCC05F7-E064-4BE5-8FDC-104C9DFC729B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_pepper.exe [1452600 2019-06-12] (Adobe Inc. -> Adobe)
Task: {9F02C457-7F8E-42D7-A7E7-42A701AECDDF} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [42912 2012-06-15] (Hewlett-Packard Company -> Hewlett Packard)
Task: {A344B465-874D-4BE0-8360-D328B02A5C48} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {D360E9DB-380B-4AE3-882F-B0B467555EDE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {F7C10B8E-16FA-46AB-9014-ED1E6B332B81} - System32\Tasks\zaloha => C:\bat\zalohy\zalohuj.bat [1449 2019-01-21] () [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 172.16.0.5 172.16.10.1
Tcpip\..\Interfaces\{023737A3-11FD-46B7-847A-13C32A569830}: [NameServer] 185.130.104.222,95.216.188.196,116.203.6.218,185.4.64.13
Tcpip\..\Interfaces\{023737A3-11FD-46B7-847A-13C32A569830}: [DhcpNameServer] 192.168.0.1 172.16.0.5 172.16.10.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1528981461-131533015-88995806-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1528981461-131533015-88995806-1001 -> {15595EA5-7C28-4998-995A-614BAC6CCA27} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-1528981461-131533015-88995806-1001 -> {273F0966-9648-46CD-A677-5D86A60858FE} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-1528981461-131533015-88995806-1001 -> {30A396BB-86B4-4156-B918-E3538DDBD1B2} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-1528981461-131533015-88995806-1001 -> {B0B06A35-DFFA-44E3-86EA-4286B0FCF749} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_37180
SearchScopes: HKU\S-1-5-21-1528981461-131533015-88995806-1001 -> {B92C75B7-55A1-4FE8-9DF8-E4D561994550} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_37180
SearchScopes: HKU\S-1-5-21-1528981461-131533015-88995806-1001 -> {BF65A74C-CCF1-4F17-92CE-64CC725EADBC} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_37180
SearchScopes: HKU\S-1-5-21-1528981461-131533015-88995806-1001 -> {C8EF8986-0314-4875-993C-212738276B08} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_37180
SearchScopes: HKU\S-1-5-21-1528981461-131533015-88995806-1001 -> {CFE1C2A1-0040-4348-94FE-198147EB67BF} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_37180
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies SA -> Skype Technologies)

FireFox:
========
FF DefaultProfile: 1si36765.default
FF ProfilePath: C:\Users\obchodb\AppData\Roaming\Mozilla\Firefox\Profiles\1si36765.default [2019-06-19]
FF Homepage: Mozilla\Firefox\Profiles\1si36765.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\1si36765.default -> about:newtab
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> inline.go.mail.ru
CHR DefaultSearchURL: Default -> hxxps://inline.go.mail.ru/search?inline_comp=chxtnhp15.1.4.3&q={searchTerms}&fr=chxtnhp15.1.4.3
CHR DefaultSearchKeyword: Default -> inline.go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default [2019-06-19]
CHR Extension: (Prezentace) - C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-19]
CHR Extension: (Dokumenty) - C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-19]
CHR Extension: (Disk Google) - C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-19]
CHR Extension: (YouTube) - C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-19]
CHR Extension: (Tabulky) - C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-06-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-06-19]
CHR Extension: (Gmail) - C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-19]
CHR Extension: (Chrome Media Router) - C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-19]
CHR HKLM-x32\...\Chrome\Extension: [beliehdniadoecbonbhlcgbdldccfigp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iepoegkaoeljnbhagabakjodgpfniimo] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.43K5GLIGZUB7F5BBDCAFQJ4ZRE - C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk, Inc -> Autodesk Inc.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [239616 2014-04-18] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-08] (CobianSoft, Luis Cobian) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2359312 2019-04-17] (ESET, spol. s r.o. -> ESET)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [15376384 2014-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [638976 2014-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2013-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [15376384 2014-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [145600 2019-03-19] (ESET, spol. s r.o. -> ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-03-10] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [188240 2019-03-19] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [110000 2019-03-19] (ESET, spol. s r.o. -> ESET)
R1 ibinldr; C:\Windows\System32\drivers\ibinldr.sys [129120 2019-05-23] (ANAX CORP LIMITED -> ) [File not signed]
R3 ISCT; C:\Windows\system32\drivers\ISCTD64.sys [46016 2012-07-24] (Intel(R) Smart Connect software -> )
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-19 10:38 - 2019-06-19 10:39 - 001663040 _____ (Malwarebytes) C:\Users\obchodb\Downloads\JRT.exe
2019-06-19 10:29 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2019-06-19 10:11 - 2019-06-19 10:26 - 000000000 ____D C:\zoek_backup
2019-06-19 10:11 - 2019-06-19 10:11 - 002038755 _____ C:\Users\obchodb\Downloads\zoek.exe
2019-06-19 10:01 - 2019-06-19 10:06 - 000037159 _____ C:\Users\obchodb\Downloads\Addition.txt
2019-06-19 09:57 - 2019-06-19 15:05 - 000020637 _____ C:\Users\obchodb\Downloads\FRST.txt
2019-06-19 09:55 - 2019-06-19 15:05 - 000000000 ____D C:\FRST
2019-06-19 09:55 - 2019-06-19 09:55 - 002418688 _____ (Farbar) C:\Users\obchodb\Downloads\FRST64.exe
2019-06-19 07:58 - 2019-06-19 07:59 - 002427504 _____ (Wiper Software, UAB) C:\Users\obchodb\Downloads\WiperSoft-installer.exe
2019-06-19 07:55 - 2019-06-19 07:55 - 000002369 _____ C:\Users\obchodb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-19 07:55 - 2019-06-19 07:55 - 000002332 _____ C:\Users\obchodb\Desktop\Google Chrome.lnk
2019-06-19 07:27 - 2019-06-19 07:29 - 000000000 ____D C:\AdwCleaner
2019-06-19 07:27 - 2019-06-19 07:27 - 007025360 _____ (Malwarebytes) C:\Users\obchodb\Downloads\AdwCleaner.exe
2019-06-19 06:56 - 2019-06-19 07:09 - 053876992 _____ (Google Inc.) C:\Users\obchodb\Downloads\72.0.3626.81_chrome_installer.exe
2019-06-14 12:25 - 2019-06-14 12:25 - 048295712 _____ C:\Users\obchodb\Downloads\7015U100.zip
2019-06-12 10:22 - 2019-06-12 10:22 - 000000000 ____D C:\Users\obchodb\Desktop\Nová složka (3)
2019-06-12 06:59 - 2019-06-04 01:11 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-06-12 06:59 - 2019-06-04 01:11 - 000474112 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-06-12 06:59 - 2019-06-04 01:10 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2019-06-12 06:59 - 2019-05-27 09:19 - 000396896 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-06-12 06:59 - 2019-05-27 08:29 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-06-12 06:59 - 2019-05-25 03:42 - 025733632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-06-12 06:59 - 2019-05-25 03:33 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-06-12 06:59 - 2019-05-25 03:33 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-06-12 06:59 - 2019-05-25 03:22 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-06-12 06:59 - 2019-05-25 03:21 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-06-12 06:59 - 2019-05-25 03:20 - 000579584 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-06-12 06:59 - 2019-05-25 03:20 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-06-12 06:59 - 2019-05-25 03:20 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-06-12 06:59 - 2019-05-25 03:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-06-12 06:59 - 2019-05-25 03:14 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-06-12 06:59 - 2019-05-25 03:13 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-06-12 06:59 - 2019-05-25 03:11 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-06-12 06:59 - 2019-05-25 03:10 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-06-12 06:59 - 2019-05-25 03:10 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-06-12 06:59 - 2019-05-25 03:10 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-06-12 06:59 - 2019-05-25 03:10 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-06-12 06:59 - 2019-05-25 03:09 - 005776384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-06-12 06:59 - 2019-05-25 03:07 - 020275712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-06-12 06:59 - 2019-05-25 03:04 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-06-12 06:59 - 2019-05-25 03:02 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-06-12 06:59 - 2019-05-25 02:56 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-06-12 06:59 - 2019-05-25 02:55 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-06-12 06:59 - 2019-05-25 02:55 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-06-12 06:59 - 2019-05-25 02:55 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-06-12 06:59 - 2019-05-25 02:52 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-06-12 06:59 - 2019-05-25 02:52 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-06-12 06:59 - 2019-05-25 02:50 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-06-12 06:59 - 2019-05-25 02:48 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-06-12 06:59 - 2019-05-25 02:45 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-06-12 06:59 - 2019-05-25 02:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-06-12 06:59 - 2019-05-25 02:44 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-06-12 06:59 - 2019-05-25 02:44 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-06-12 06:59 - 2019-05-25 02:43 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-06-12 06:59 - 2019-05-25 02:42 - 002297344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-06-12 06:59 - 2019-05-25 02:40 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-06-12 06:59 - 2019-05-25 02:40 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-06-12 06:59 - 2019-05-25 02:39 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-06-12 06:59 - 2019-05-25 02:38 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-06-12 06:59 - 2019-05-25 02:38 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-06-12 06:59 - 2019-05-25 02:38 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-06-12 06:59 - 2019-05-25 02:37 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-06-12 06:59 - 2019-05-25 02:37 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-06-12 06:59 - 2019-05-25 02:36 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-06-12 06:59 - 2019-05-25 02:36 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-06-12 06:59 - 2019-05-25 02:36 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-06-12 06:59 - 2019-05-25 02:34 - 015311872 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-06-12 06:59 - 2019-05-25 02:30 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-06-12 06:59 - 2019-05-25 02:30 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-06-12 06:59 - 2019-05-25 02:27 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-06-12 06:59 - 2019-05-25 02:26 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-06-12 06:59 - 2019-05-25 02:26 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-06-12 06:59 - 2019-05-25 02:24 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-06-12 06:59 - 2019-05-25 02:23 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-06-12 06:59 - 2019-05-25 02:23 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-06-12 06:59 - 2019-05-25 02:22 - 004492800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-06-12 06:59 - 2019-05-25 02:22 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-06-12 06:59 - 2019-05-25 02:17 - 013706240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-06-12 06:59 - 2019-05-25 02:17 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-06-12 06:59 - 2019-05-25 02:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-06-12 06:59 - 2019-05-25 02:15 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-06-12 06:59 - 2019-05-25 02:15 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-06-12 06:59 - 2019-05-25 02:15 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-06-12 06:59 - 2019-05-25 02:05 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-06-12 06:59 - 2019-05-25 02:04 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-06-12 06:59 - 2019-05-25 02:03 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-06-12 06:59 - 2019-05-25 02:02 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-06-12 06:59 - 2019-05-25 01:59 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-06-12 06:59 - 2019-05-25 01:59 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-06-12 06:59 - 2019-05-25 01:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-06-12 06:59 - 2019-05-25 01:56 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-06-12 06:59 - 2019-05-23 04:06 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-06-12 06:59 - 2019-05-23 04:06 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-06-12 06:59 - 2019-05-23 04:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-06-12 06:59 - 2019-05-23 03:58 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-06-12 06:59 - 2019-05-23 03:58 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-06-12 06:59 - 2019-05-23 03:58 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-06-12 06:59 - 2019-05-23 02:31 - 001251840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-06-12 06:59 - 2019-05-23 02:05 - 001650176 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-06-12 06:59 - 2019-05-23 02:05 - 001182208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-06-12 06:59 - 2019-05-17 20:21 - 000372456 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2019-06-12 06:59 - 2019-05-16 17:22 - 004057312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-06-12 06:59 - 2019-05-16 17:22 - 003963624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-06-12 06:59 - 2019-05-16 17:21 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-06-12 06:59 - 2019-05-16 17:19 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-06-12 06:59 - 2019-05-16 17:18 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-06-12 06:59 - 2019-05-16 17:18 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-06-12 06:59 - 2019-05-16 17:17 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-06-12 06:59 - 2019-05-16 17:10 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-06-12 06:59 - 2019-05-16 17:10 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-06-12 06:59 - 2019-05-16 17:09 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-06-12 06:59 - 2019-05-16 17:09 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-06-12 06:59 - 2019-05-16 17:09 - 000153832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-06-12 06:59 - 2019-05-16 17:09 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-06-12 06:59 - 2019-05-16 17:08 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-06-12 06:59 - 2019-05-16 17:07 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-06-12 06:59 - 2019-05-16 17:07 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-06-12 06:59 - 2019-05-16 17:07 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-06-12 06:59 - 2019-05-16 17:07 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-06-12 06:59 - 2019-05-16 17:07 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-06-12 06:59 - 2019-05-16 17:07 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-06-12 06:59 - 2019-05-16 17:07 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-06-12 06:59 - 2019-05-16 17:06 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-06-12 06:59 - 2019-05-16 17:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-06-12 06:59 - 2019-05-16 16:39 - 003229696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-06-12 06:59 - 2019-05-13 16:44 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-06-12 06:59 - 2019-05-13 16:44 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-06-12 06:59 - 2019-05-13 16:44 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-06-12 06:59 - 2019-05-13 16:44 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-06-12 06:59 - 2019-05-09 17:18 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-06-12 06:59 - 2019-05-09 17:18 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-06-12 06:59 - 2019-05-09 17:18 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-06-12 06:59 - 2019-05-09 17:18 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-06-12 06:59 - 2019-05-09 17:18 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2019-06-12 06:59 - 2019-05-09 17:18 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-06-12 06:59 - 2019-05-09 17:17 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-06-12 06:59 - 2019-05-09 17:17 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-06-12 06:59 - 2019-05-09 17:17 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-06-12 06:59 - 2019-05-09 17:17 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-06-12 06:59 - 2019-05-09 17:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-06-12 06:59 - 2019-05-09 17:09 - 000114400 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-06-12 06:59 - 2019-05-09 17:07 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-06-12 06:59 - 2019-05-09 17:07 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-06-12 06:59 - 2019-05-09 17:07 - 003247616 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-06-12 06:59 - 2019-05-09 17:07 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-06-12 06:59 - 2019-05-09 17:07 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-06-12 06:59 - 2019-05-09 17:07 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-06-12 06:59 - 2019-05-09 17:07 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-06-12 06:59 - 2019-05-09 17:07 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-06-12 06:59 - 2019-05-09 17:06 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-06-12 06:59 - 2019-05-09 17:06 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-06-12 06:59 - 2019-05-09 17:06 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-06-12 06:59 - 2019-05-09 17:06 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-06-12 06:59 - 2019-05-09 17:06 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-06-12 06:59 - 2019-05-09 17:01 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-06-12 06:59 - 2019-05-09 16:51 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2019-06-12 06:59 - 2019-05-09 16:40 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-06-12 06:59 - 2019-04-30 04:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-06-12 06:59 - 2019-04-30 03:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-06-12 06:59 - 2019-04-25 17:18 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-06-12 06:59 - 2019-04-25 17:06 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-06-12 06:59 - 2019-04-24 17:11 - 001893096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-06-12 06:59 - 2019-04-24 17:09 - 000377064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-06-12 06:59 - 2019-04-24 17:09 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-06-12 06:59 - 2019-04-12 15:05 - 000994384 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000064248 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000019408 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000017656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000017656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000016120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000015608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000014288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000014072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000013560 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000012752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000012536 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000011504 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000914584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000065784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000021752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000018680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000017352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000017144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000015608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000015096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000013048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2019-06-12 06:59 - 2019-04-09 17:17 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2019-06-12 06:59 - 2019-04-09 17:05 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2019-06-12 06:59 - 2019-04-09 17:05 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-06-12 06:59 - 2019-04-09 17:05 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2019-06-12 06:59 - 2019-04-09 16:53 - 002651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-06-12 06:59 - 2019-04-09 16:52 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-06-12 06:58 - 2019-05-23 04:06 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-06-12 06:58 - 2019-05-23 03:58 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-06-12 06:58 - 2019-05-16 17:19 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-06-12 06:58 - 2019-05-16 17:19 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-06-12 06:58 - 2019-05-16 17:19 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-06-12 06:58 - 2019-05-16 17:19 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-06-12 06:58 - 2019-05-16 17:19 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-06-12 06:58 - 2019-05-16 17:19 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-06-12 06:58 - 2019-05-16 17:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-06-12 06:58 - 2019-05-16 17:19 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-06-12 06:58 - 2019-05-16 17:18 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-06-12 06:58 - 2019-05-16 17:18 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-06-12 06:58 - 2019-05-16 17:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-06-12 06:58 - 2019-05-16 17:18 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-06-12 06:58 - 2019-05-16 17:18 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-06-12 06:58 - 2019-05-16 17:18 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-06-12 06:58 - 2019-05-16 17:18 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-06-12 06:58 - 2019-05-16 17:18 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 16:53 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-06-12 06:58 - 2019-05-16 16:53 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-06-12 06:58 - 2019-05-16 16:48 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-06-12 06:58 - 2019-05-16 16:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-06-12 06:58 - 2019-05-16 16:47 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-06-12 06:58 - 2019-05-16 16:47 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-06-12 06:58 - 2019-05-16 16:47 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-06-12 06:58 - 2019-05-16 16:45 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-06-12 06:58 - 2019-05-16 16:45 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 16:45 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 16:45 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 16:45 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 16:41 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-06-12 06:58 - 2019-05-16 16:41 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-06-12 06:58 - 2019-05-16 16:41 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-06-12 06:58 - 2019-05-16 16:41 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-06-12 06:58 - 2019-05-16 16:38 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-06-12 06:58 - 2019-05-16 16:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-06-12 06:58 - 2019-05-16 16:38 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-06-12 06:58 - 2019-05-16 16:35 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-06-12 06:58 - 2019-05-16 16:35 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-06-12 06:58 - 2019-05-16 16:35 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-06-12 06:58 - 2019-05-16 16:35 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-06-12 06:58 - 2019-05-16 16:35 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-06-12 06:58 - 2019-05-16 16:35 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-06-12 06:58 - 2019-05-16 16:34 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-06-12 06:58 - 2019-05-16 16:34 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-06-12 06:58 - 2019-05-16 16:34 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-06-12 06:58 - 2019-05-16 16:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-06-12 06:58 - 2019-05-16 16:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-06-12 06:58 - 2019-05-16 16:34 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-06-12 06:58 - 2019-05-16 16:34 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-06-12 06:58 - 2019-05-09 17:18 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-06-12 06:58 - 2019-05-09 17:18 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-06-12 06:58 - 2019-05-09 17:18 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-06-12 06:58 - 2019-05-09 17:18 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-06-12 06:58 - 2019-05-09 17:18 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-06-12 06:58 - 2019-05-09 17:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-06-12 06:58 - 2019-05-09 17:07 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-06-12 06:58 - 2019-05-09 17:07 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-06-12 06:58 - 2019-05-09 17:06 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-06-12 06:58 - 2019-05-09 17:06 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-06-12 06:58 - 2019-05-09 17:06 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-06-12 06:58 - 2019-05-09 17:06 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-06-12 06:58 - 2019-05-09 17:06 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-06-12 06:58 - 2019-05-09 17:06 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-06-12 06:58 - 2019-05-09 17:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-06-12 06:58 - 2019-05-09 17:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-06-12 06:58 - 2019-05-09 17:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-06-12 06:58 - 2019-05-09 17:02 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-06-12 06:58 - 2019-05-09 17:02 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-06-12 06:58 - 2019-05-09 16:49 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-06-12 06:58 - 2019-05-09 16:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-06-12 06:58 - 2019-05-09 16:37 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-06-12 06:58 - 2019-05-09 16:37 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-06-12 06:58 - 2019-04-09 17:05 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2019-06-12 06:58 - 2019-04-09 17:05 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2019-06-12 06:58 - 2019-04-09 17:05 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2019-06-12 06:58 - 2019-04-09 17:05 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-06-12 06:58 - 2019-04-09 17:03 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2019-06-12 06:58 - 2019-04-09 16:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-06-12 06:58 - 2019-04-09 16:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-06-12 06:58 - 2019-04-09 16:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2019-06-12 06:58 - 2019-04-09 16:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-06-12 06:58 - 2019-04-09 16:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2019-06-10 08:09 - 2019-06-10 08:09 - 000000000 ____D C:\Users\obchodb\AppData\Local\prunld3348
2019-06-10 08:08 - 2019-06-10 08:11 - 000000000 ____D C:\Users\obchodb\AppData\Local\Mail.Ruxxxxxxxxxxxxxxxxxx
2019-06-10 08:08 - 2019-06-10 08:08 - 000000000 ____D C:\Users\Public\Documents\XMUpdate
2019-06-10 08:08 - 2019-06-10 08:08 - 000000000 ____D C:\ProgramData\PDTCTA6QJB8M9YUSIYTO3OBTM
2019-06-07 11:41 - 2019-06-07 11:41 - 009510466 _____ C:\Users\obchodb\Desktop\tm___3g0_853_600_a__1_v1_1.jt
2019-06-06 11:20 - 2019-06-06 11:20 - 000442122 _____ C:\Users\obchodb\Downloads\SKMBT_C224e19060617440.pdf
2019-05-27 12:59 - 2019-05-27 12:59 - 030113771 _____ C:\Users\obchodb\Desktop\zasilka-NDD2527ARSEFEEAU.zip
2019-05-24 14:41 - 2019-05-30 07:53 - 000034631 _____ C:\Users\obchodb\Desktop\Toolcost breakdown - KOITO.xlsx
2019-05-23 08:08 - 2019-05-23 08:08 - 000129120 _____ C:\Windows\system32\Drivers\ibinldr.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-19 11:38 - 2015-02-04 13:36 - 000001775 _____ C:\Users\obchodb\Desktop\Zálohy na serveru.lnk
2019-06-19 10:55 - 2018-10-15 13:34 - 000000000 ____D C:\Users\obchodb\Desktop\POZAK
2019-06-19 10:41 - 2009-07-14 06:45 - 000021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-06-19 10:41 - 2009-07-14 06:45 - 000021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-06-19 10:32 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-19 10:26 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-06-19 10:26 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-06-19 09:17 - 2015-02-03 15:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-19 08:44 - 2015-02-03 15:11 - 000000000 ____D C:\Program Files\totalcmd
2019-06-19 07:19 - 2015-09-29 07:14 - 000000000 ____D C:\Users\obchodb\AppData\Local\ESET
2019-06-19 07:11 - 2015-02-03 15:21 - 000000000 ____D C:\Program Files (x86)\Google
2019-06-18 14:32 - 2018-08-14 08:31 - 000000000 ____D C:\Users\obchodb\Desktop\Wordy
2019-06-18 07:47 - 2018-10-15 13:34 - 000000000 ____D C:\Users\obchodb\Desktop\Nabídky
2019-06-17 06:24 - 2017-04-06 07:01 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-13 07:29 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2019-06-13 05:44 - 2011-04-12 10:34 - 000668542 _____ C:\Windows\system32\perfh005.dat
2019-06-13 05:44 - 2011-04-12 10:34 - 000141202 _____ C:\Windows\system32\perfc005.dat
2019-06-13 05:44 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-13 05:44 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-06-13 05:39 - 2009-07-14 06:45 - 000341376 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-13 05:35 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-06-13 05:35 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
2019-06-12 15:25 - 2014-02-20 15:07 - 000000000 ____D C:\Windows\system32\MRT
2019-06-12 15:22 - 2014-02-20 15:07 - 135349160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-06-12 08:21 - 2017-08-25 09:50 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-06-12 08:21 - 2017-08-25 09:50 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-06-12 08:21 - 2017-08-25 09:50 - 000004548 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-06-12 08:21 - 2017-08-25 09:50 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-06-12 08:21 - 2017-08-25 09:50 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-06-12 08:21 - 2017-08-25 09:50 - 000000000 ____D C:\Windows\system32\Macromed
2019-06-10 08:13 - 2018-11-09 07:31 - 000000000 ____D C:\Users\obchodb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plays.tv, Inc
2019-06-10 08:13 - 2018-10-01 07:20 - 000000000 ____D C:\Users\obchodb\AppData\Roaming\Plays
2019-06-10 08:13 - 2018-10-01 07:20 - 000000000 ____D C:\Users\obchodb\AppData\Local\Plays
2019-06-03 07:07 - 2018-10-01 07:20 - 000000000 ____D C:\Users\obchodb\AppData\Local\SquirrelTemp
2019-05-28 06:43 - 2014-02-21 14:08 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-28 06:42 - 2015-02-03 16:12 - 000000000 ____D C:\Program Files\Microsoft Office 15

==================== Files in the root of some directories ================

2015-02-04 13:47 - 2019-01-21 13:42 - 000000600 _____ () C:\Users\obchodb\AppData\Local\PUTTY.RND
2018-06-15 09:46 - 2018-06-15 09:46 - 000007605 _____ () C:\Users\obchodb\AppData\Local\Resmon.ResmonCfg

==================== FLock ================

2015-02-02 14:44 C:\Windows\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2019-06-12 07:30
==================== End of FRST.txt ============================

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2019
Ran by obchodb (19-06-2019 15:06:23)
Running from C:\Users\obchodb\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-02-03 12:58:57)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1528981461-131533015-88995806-500 - Administrator - Enabled)
Guest (S-1-5-21-1528981461-131533015-88995806-501 - Limited - Disabled)
Install (S-1-5-21-1528981461-131533015-88995806-1000 - Administrator - Disabled) => C:\Users\Install
obchodb (S-1-5-21-1528981461-131533015-88995806-1001 - Administrator - Enabled) => C:\Users\obchodb

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{BC741628-0AFC-405C-8946-DD46D1005A0A}) (Version: 8.2.4 - Hewlett-Packard) Hidden
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.207 - Adobe)
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Autodesk CMMDriverForPPro 2017 (HKLM\...\Autodesk CMMDriverForPPro17100) (Version: 17.1.00 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Manufacturing Automation Utility 2017 FCS Licence (HKLM\...\{FE3DF541-7434-4839-8912-61D8C8C09F76}) (Version: 0.0.2 - Autodesk)
Autodesk Manufacturing Data Exchange Utility 2017 (HKLM\...\Autodesk Manufacturing Data Exchange Utility 8.6.10) (Version: 8.6.10 - Autodesk)
Autodesk Manufacturing Data Exchange Utility Premium 2017 FCS Licence (HKLM\...\{B2DAAFB6-BC75-47BB-BAA8-CAFC3BACAD01}) (Version: 0.0.2 - Autodesk)
Autodesk PowerShape 2017 (HKLM\...\Autodesk PowerShape17136) (Version: 17.1.36 - Autodesk)
Autodesk PowerShape Ultimate 2017 FCS Licence (HKLM\...\{C96A85C0-EB64-4788-826F-AE453D475A38}) (Version: 0.0.2 - Autodesk)
Autodesk PowerShapeTutorials 2017 (64-bit) (HKLM\...\Autodesk PowerShapeTutorials17100) (Version: 17.1.00 - Autodesk)
Autodesk PS-Catalogs 2017 (HKLM\...\Autodesk PS-Catalogs17136) (Version: 17.1.36 - Autodesk)
Autodesk PSDoc 2017 (HKLM\...\Autodesk PSDoc17100) (Version: 17.1.00 - Autodesk)
Autodesk TrodeExtension 2017 (HKLM\...\Autodesk TrodeExtension17100) (Version: 17.1.00 - Autodesk)
BMDExcelAddIn (HKLM-x32\...\{A19BA299-0E8D-4A8E-8113-CBB39573EEC9}) (Version: 3.3.7 - BMD Systemhaus GmbH)
BMDNTCS (HKLM-x32\...\BMDNTCS) (Version: 2015.18.02.03 - BMD Systemhaus GmbH)
BMDOutlookAddIn (HKLM-x32\...\{BF154B60-05C6-4C3D-933C-44B31FF4D756}) (Version: 3.3.7 - BMD Systemhaus GmbH)
BMDPowerPointAddIn (HKLM-x32\...\{EC6C1F25-1FF4-4EA6-B9C5-60503322FE4B}) (Version: 3.3.7 - BMD Systemhaus GmbH)
BMDWordAddIn (HKLM-x32\...\{471B7546-771A-4EBB-A5F9-C3AF6C3789EB}) (Version: 3.3.7 - BMD Systemhaus GmbH)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - )
Delcam Exchange 2016 R3 (64-bit) (HKLM\...\Delcam Exchange 8.4.10) (Version: 8.4.10 - Delcam)
Delcam PowerSHAPE-e 2016 (64-bit) (HKLM\...\Delcam PowerSHAPE-e16130) (Version: 16.1.30 - Delcam)
Delcam PS-Tutorials 2011 R2 (CR 11220) (HKLM-x32\...\{A7CE1581-DA83-4AC5-AA1D-F484F6E70097}) (Version: 11.2.20 - Delcam)
Delcam PS-Tutorials 2011 R3 (64-bit) (HKLM-x32\...\Delcam PS-Tutorials11300) (Version: 11.3.00 - Delcam)
Delcam TrodeExtension 2014 R2 (64-bit) (HKLM\...\Delcam TrodeExtension14200) (Version: 14.2.00 - Delcam)
Dofus (HKU\S-1-5-21-1528981461-131533015-88995806-1001\...\2744A393-554C-4E35-A24F-DEF0392B4484-2) (Version: - Ankama)
eDrawings 2017 x64 (HKLM\...\{F36E59AF-DC22-43D9-A469-93A6267D6BAA}) (Version: 17.0.5048 - Společnost Dassault Systemes SolidWorks Corp)
ESET Security (HKLM\...\{B489BC2D-0079-4631-97BF-CA2378299D43}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
FormatFactory 3.7.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.7.0.0 - Format Factory)
Google Chrome (HKU\S-1-5-21-1528981461-131533015-88995806-1001\...\Google Chrome) (Version: 72.0.3626.81 - Google Inc.)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet 200 color M251 (HKLM-x32\...\{6682B5C4-530A-4FB8-ACAC-80DB5CCC68DD}) (Version: 5.0.12200.1036 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpbDSService (HKLM-x32\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM251DSService (HKLM-x32\...\{413E98C3-2CA1-4D04-AFC2-8D8D873A3178}) (Version: 001.001.05874 - Hewlett-Packard) Hidden
HPDXP (HKLM-x32\...\{6BA4598F-9ECC-453D-B6F7-ABAEEFA35561}) (Version: 3.0.26.12 - HP) Hidden
HPLaserJet200color-M251_HelpLearnCenter_SI (HKLM-x32\...\{DDEBEA89-2B5A-4E5B-8702-369882BB3F52}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (HKLM-x32\...\{5E4DD8C2-A906-4F1B-94B6-4F6A51D625B2}) (Version: 020.021.004 - HP) Hidden
HPLJUTCore (HKLM-x32\...\{0C779D9C-FD0F-4A53-86BE-3D53E58B2900}) (Version: 004.005.0001 - HP) Hidden
HPLJUTM251 (HKLM-x32\...\{663A3950-CA55-4541-8B46-646BD548641D}) (Version: 3.00.0003 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{180D6813-95E0-415C-B58A-5B9493DE2DDA}) (Version: 009.027.00856 - Hewlett-Packard) Hidden
hppM251LaserJetService (HKLM-x32\...\{09C0DA15-AB94-43BC-9B02-57DF3FEB469F}) (Version: 001.019.00639 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{46A99EAE-98DA-4BE5-94C3-D41BA4C266DA}) (Version: 050.037.00142 - Hewlett Packard) Hidden
hpStatusAlertsM251 (HKLM-x32\...\{A1EF28FB-74A8-4157-91E9-9C164CAB10F8}) (Version: 050.034.00131 - Hewlett-Packard) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
LJDXPHelperUI (HKLM-x32\...\{EAECD0D7-F27D-4F13-8312-A9C0B5C5F1B7}) (Version: 020.021.004 - HP) Hidden
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2013 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 15.0.5137.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{8909B8A7-CEAB-4772-BF29-1892C4E6603B}) (Version: 8.05.2309 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5137.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5137.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0405-0000-0000000FF1CE}) (Version: 15.0.5137.1000 - Microsoft Corporation) Hidden
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
RuneScape Launcher 2.2.4 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.4 - Jagex Ltd)
Screen Grab Pro (HKLM-x32\...\{581125F9-D1C6-4797-93BB-47A992D69AA8}) (Version: - )
Sentinel System Driver Installer 7.5.1 (HKLM-x32\...\{BF9E346B-5ECE-4A18-9510-55729FD08323}) (Version: 7.5.1 - SafeNet, Inc.)
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
SQLXML4 (HKLM\...\{7C903D14-7EF4-4B71-BF78-2BCAFC499EB1}) (Version: 9.00.1399.06 - Microsoft Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
VariCAD 2015-1.03 CZ (HKLM\...\VariCAD_20141014_CZ) (Version: - )
VariCADViewercz (HKLM-x32\...\{A57A3C28-2389-4B5E-BFD7-0F9F7B1093A4}) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.1.0 - Azureus Software, Inc.)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1528981461-131533015-88995806-1001_Classes\CLSID\{13CE5476-8CB1-486E-828F-AEC327D972C7}\InprocServer32 -> C:\Users\obchodb\AppData\Local\BMD Systemhaus GmbH\BMDWordAddIn\BMDArchivWord2010.DLL (BMD Systemhaus Gmbh -> )
CustomCLSID: HKU\S-1-5-21-1528981461-131533015-88995806-1001_Classes\CLSID\{5C4A741A-FFAC-4FCC-AF19-79046F1717FC}\InprocServer32 -> C:\Users\obchodb\AppData\Local\BMD Systemhaus GmbH\BMDOutlookAddIn\BMDArchivOutlook2010.DLL (BMD Systemhaus Gmbh -> )
CustomCLSID: HKU\S-1-5-21-1528981461-131533015-88995806-1001_Classes\CLSID\{610994E2-22F6-43C7-AD8F-DFF817978BF3}\InprocServer32 -> C:\Users\obchodb\AppData\Local\BMD Systemhaus GmbH\BMDExcelAddIn\BMDArchivExcel2010.DLL (BMD Systemhaus Gmbh -> )
CustomCLSID: HKU\S-1-5-21-1528981461-131533015-88995806-1001_Classes\CLSID\{7B6E085C-5620-44CD-A5A9-2ED6615B1883}\InprocServer32 -> C:\Users\obchodb\AppData\Local\BMD Systemhaus GmbH\BMDPowerPointAddIn\BMDArchivPowerPoint2010.DLL (BMD Systemhaus Gmbh -> )
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-04-17] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-04-17] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-04-17] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2014-04-17 23:19 - 2014-04-17 23:19 - 000898048 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2014-04-17 23:18 - 2014-04-17 23:18 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2015-02-04 14:12 - 2013-03-08 00:07 - 000067584 _____ (CobianSoft, Luis Cobian) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
2009-09-16 19:44 - 2009-09-16 19:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hptcpmib.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\HpTcpMon.dll
2009-09-16 12:44 - 2009-09-16 12:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hpzjrd01.dll
2012-05-02 22:02 - 2012-05-02 22:02 - 000041472 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2012-05-02 22:02 - 2012-05-02 22:02 - 000073728 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2012-05-02 22:02 - 2012-05-02 22:02 - 001218560 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2011-04-13 17:08 - 2011-04-13 17:08 - 000050688 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2011-04-13 17:08 - 2011-04-13 17:08 - 000066048 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2012-05-02 22:02 - 2012-05-02 22:02 - 000164864 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
2012-05-02 22:02 - 2012-05-02 22:02 - 000034816 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2018-04-30 17:00 - 2018-04-30 17:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2013-02-13 13:46 - 2013-02-13 13:46 - 000731648 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2015-02-04 13:07 - 2013-04-22 11:27 - 000016896 _____ (KONICA MINOLTA, INC.) [File not signed] C:\Windows\System32\KOAYTJ_L.DLL
2015-02-04 14:12 - 2013-03-08 00:07 - 000009728 _____ (Luis Cobian) [File not signed] C:\Program Files (x86)\Cobian Backup 11\CobStringList.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HPTcpMUI.dll
2015-04-02 10:54 - 2015-04-02 10:54 - 000796672 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_88dcc0bf2fb1b808\MSVCR80.dll
2015-02-04 13:08 - 2013-05-21 09:21 - 000083968 _____ (Monotype Imaging Inc.) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\KOAYTJ_P.dll
2015-04-02 10:53 - 2015-10-13 14:36 - 001359360 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\BMDNTCS\BMDNTCSClients\SLECHTA-SERVER\libeay32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-06-19 10:14 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\
HKU\S-1-5-21-1528981461-131533015-88995806-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\obchodb\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 185.130.104.222 - 95.216.188.196
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3B53123F-DCC6-4D5B-BBD2-D8E9C019ED7C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies SA -> Skype Technologies S.A.)
FirewallRules: [{68EFA81B-CBD7-4C57-BFC3-BB043703E551}] => (Allow) C:\Users\Install\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{180A51A6-C67D-4029-B066-68DB3C41AD32}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{022232B2-E6D8-4734-927D-887E92F0B448}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet 200 color M251\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{4B41D667-C245-416B-B363-F6836EE96796}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet 200 color M251\bin\EWSProxy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{29EF9DF5-6716-4F75-9F4B-2436557D5ED6}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe (chen jun hao -> Picosmos) [File not signed]
FirewallRules: [UDP Query User{D1B13BAE-3984-4E8B-9142-56BA4CE00E11}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe (chen jun hao -> Picosmos) [File not signed]
FirewallRules: [{F33CDFB2-DE15-4573-A5EB-1572F97E16B6}] => (Allow) C:\Program Files (x86)\PicosmosTools\PFInstOnline.exe No File
FirewallRules: [{27662337-313F-4AA0-977F-DB7BA19698FC}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{ED4B9178-E0D4-4615-8D9E-75DF3CF64C85}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{B40F3915-9D8E-4C88-B41D-8EFE28D50F4E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe No File
FirewallRules: [{9A8ECB3F-AEE1-4271-9EBE-33488F540664}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe No File
FirewallRules: [{105B8B19-E32F-4D5A-A4CC-1BE3829835DA}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe No File
FirewallRules: [{17747178-04FE-4103-A2FE-5A1BA8EE629A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe No File
FirewallRules: [{D416A6EB-7472-4860-A058-5D4FE6A51C48}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Plays.tv, Inc -> Copyright (c) 2018 Plays.tv, LLC)
FirewallRules: [{D283787A-05B5-4DDA-8DA2-7228B0E306C3}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Plays.tv, Inc -> Copyright (c) 2018 Plays.tv, LLC)

==================== Restore Points =========================

19-06-2019 10:13:30 zoek.exe restore point
19-06-2019 10:39:32 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (06/19/2019 10:34:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/19/2019 08:55:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/19/2019 07:55:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/19/2019 07:49:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/19/2019 07:41:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/19/2019 07:33:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/19/2019 06:24:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/18/2019 10:30:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bmdntcs.exe, verze: 2018.21.17.28, časové razítko: 0x5b61a1ac
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x3683fd26
ID chybujícího procesu: 0x1a24
Čas spuštění chybující aplikace: 0x01d5258dd56cf2e3
Cesta k chybující aplikaci: C:\ProgramData\BMDNTCS\BMDNTCSClients\SLECHTA-SERVER\bmdntcs.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 4b48eaee-91a3-11e9-b637-d8cb8a1c1bff

System errors:
=============
Error: (06/19/2019 10:26:08 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/19/2019 10:26:07 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/19/2019 10:26:07 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/19/2019 10:26:06 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/19/2019 10:26:05 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/19/2019 08:43:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BBUpdate byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/19/2019 08:43:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/19/2019 08:43:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Autodesk Desktop App Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Windows Defender:
===================================
Date: 2016-10-13 03:23:25.057
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{B0CEE649-617E-46CD-A83F-404B4B9CD88E}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2015-08-12 03:03:37.885
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=208273
Název:SoftwareBundler:Win32/InstalleRex
ID:208273
Závažnost:Vysoké
Kategorie:Software instalující další produkty
Nalezeno v cestě:file:C:\Users\obchodb\Downloads\sygic map 6.67.exe;interface:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326};interface:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\Wow6432Node\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326};regkey:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326};regkey:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}\1.0;regkey:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\Wow6432Node\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326};typelib:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040};typelibversion:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}\1.0
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2015-08-12 03:03:32.533
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=208273
Název:SoftwareBundler:Win32/InstalleRex
ID:208273
Závažnost:Vysoké
Kategorie:Software instalující další produkty
Nalezeno v cestě:file:C:\Users\obchodb\Downloads\sygic map 6.67.exe;interface:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326};regkey:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326};regkey:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}\1.0;typelib:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040};typelibversion:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}\1.0
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2018-07-04 07:00:20.697
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.442.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-04 07:00:20.584
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V2.8 07/17/2014
Motherboard: MSI B85-G41 PC Mate(MS-7850)
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 70%
Total physical RAM: 8120 MB
Available physical RAM: 2423.06 MB
Total Virtual: 16238.14 MB
Available Virtual: 9943.25 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.32 GB) (Free:817.75 GB) NTFS
Drive o: (DATA) (Network) (Total:477.58 GB) (Free:123.15 GB) NTFS

\\?\Volume{45ade242-aba3-11e4-9ef8-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6CB2DE53)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#10 Příspěvek od **JaRon** » 20 čer 2019 06:00

ahoj,
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1528981461-131533015-88995806-1001\...\MountPoints2: {6f4d9049-97ef-11e5-a4bc-d8cb8a1c1bff} - K:\setup.exe
HKU\S-1-5-21-1528981461-131533015-88995806-1001\...\MountPoints2: {78a9ee72-dc77-11e6-8508-d8cb8a1c1bff} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1528981461-131533015-88995806-1001\...\MountPoints2: {995317f4-003e-11e5-ab2a-d8cb8a1c1bff} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1528981461-131533015-88995806-1001\...\MountPoints2: {a174584d-454f-11e9-82f7-d8cb8a1c1bff} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1528981461-131533015-88995806-1001\...\MountPoints2: {cd8bf89a-1f3a-11e7-b756-d8cb8a1c1bff} - K:\HiSuiteDownLoader.exe
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HomePage: Default -> inline.go.mail.ru
CHR DefaultSearchURL: Default -> hxxps://inline.go.mail.ru/search?inline ... 5.1.4.3&q={searchTerms}&fr=chxtnhp15.1.4.3
CHR DefaultSearchKeyword: Default -> inline.go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
2019-06-10 08:08 - 2019-06-10 08:11 - 000000000 ____D C:\Users\obchodb\AppData\Local\Mail.Ruxxxxxxxxxxxxxxxxxx


EmptyTemp:
Reboot:
End

•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

L.a.c.i · #11 Příspěvek od **L.a.c.i** » 21 čer 2019 08:12

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-06-2019
Ran by obchodb (administrator) on OBCHODB-PC (MSI MS-7850) (21-06-2019 09:07:29)
Running from C:\Users\obchodb\Downloads
Loaded Profiles: obchodb (Available Profiles: Install & obchodb)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(CobianSoft, Luis Cobian) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [177928 2019-04-17] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [Cobian Backup 11] => C:\Program Files (x86)\Cobian Backup 11\Cobian.exe [720896 2013-03-08] (Luis Cobian, CobianSoft) [File not signed]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [BMDNetClient_SLECHTA-SERVER] => C:\ProgramData\BMDNTCS\BMDNTCSClients\SLECHTA-SERVER\BMDNetClient.exe [81787080 2018-08-02] (BMD Systemhaus Gmbh -> BMD Systemhaus GmbH)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [102400 2005-06-15] (TechSmith Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03018164-88CB-448A-A94A-AAD72812DA49} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {0A4063A5-3838-4FB4-B5B0-4618B8F0F917} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-12] (Adobe Inc. -> Adobe)
Task: {9DCC05F7-E064-4BE5-8FDC-104C9DFC729B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_pepper.exe [1452600 2019-06-12] (Adobe Inc. -> Adobe)
Task: {9F02C457-7F8E-42D7-A7E7-42A701AECDDF} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [42912 2012-06-15] (Hewlett-Packard Company -> Hewlett Packard)
Task: {A344B465-874D-4BE0-8360-D328B02A5C48} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {D360E9DB-380B-4AE3-882F-B0B467555EDE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {F7C10B8E-16FA-46AB-9014-ED1E6B332B81} - System32\Tasks\zaloha => C:\bat\zalohy\zalohuj.bat [1449 2019-01-21] () [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 172.16.0.5 172.16.10.1
Tcpip\..\Interfaces\{023737A3-11FD-46B7-847A-13C32A569830}: [NameServer] 185.130.104.222,95.216.188.196,116.203.6.218,185.4.64.13
Tcpip\..\Interfaces\{023737A3-11FD-46B7-847A-13C32A569830}: [DhcpNameServer] 192.168.0.1 172.16.0.5 172.16.10.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1528981461-131533015-88995806-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1528981461-131533015-88995806-1001 -> {15595EA5-7C28-4998-995A-614BAC6CCA27} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-1528981461-131533015-88995806-1001 -> {273F0966-9648-46CD-A677-5D86A60858FE} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-1528981461-131533015-88995806-1001 -> {30A396BB-86B4-4156-B918-E3538DDBD1B2} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-1528981461-131533015-88995806-1001 -> {B0B06A35-DFFA-44E3-86EA-4286B0FCF749} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_37180
SearchScopes: HKU\S-1-5-21-1528981461-131533015-88995806-1001 -> {B92C75B7-55A1-4FE8-9DF8-E4D561994550} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_37180
SearchScopes: HKU\S-1-5-21-1528981461-131533015-88995806-1001 -> {BF65A74C-CCF1-4F17-92CE-64CC725EADBC} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_37180
SearchScopes: HKU\S-1-5-21-1528981461-131533015-88995806-1001 -> {C8EF8986-0314-4875-993C-212738276B08} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_37180
SearchScopes: HKU\S-1-5-21-1528981461-131533015-88995806-1001 -> {CFE1C2A1-0040-4348-94FE-198147EB67BF} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_37180
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies SA -> Skype Technologies)

FireFox:
========
FF DefaultProfile: 1si36765.default
FF ProfilePath: C:\Users\obchodb\AppData\Roaming\Mozilla\Firefox\Profiles\1si36765.default [2019-06-21]
FF Homepage: Mozilla\Firefox\Profiles\1si36765.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\1si36765.default -> about:newtab
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> inline.go.mail.ru
CHR DefaultSearchURL: Default -> hxxps://inline.go.mail.ru/search?inline_comp=chxtnhp15.1.4.3&q={searchTerms}&fr=chxtnhp15.1.4.3
CHR DefaultSearchKeyword: Default -> inline.go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default [2019-06-21]
CHR Extension: (No Name) - C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-19]
CHR Extension: (No Name) - C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-19]
CHR Extension: (No Name) - C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-19]
CHR Extension: (No Name) - C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-06-21]
CHR Extension: (No Name) - C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-19]
CHR Extension: (Chrome Media Router) - C:\Users\obchodb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21]
CHR HKLM-x32\...\Chrome\Extension: [beliehdniadoecbonbhlcgbdldccfigp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iepoegkaoeljnbhagabakjodgpfniimo] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.43K5GLIGZUB7F5BBDCAFQJ4ZRE - C:\Users\obchodb\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk, Inc -> Autodesk Inc.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [239616 2014-04-18] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-08] (CobianSoft, Luis Cobian) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2359312 2019-04-17] (ESET, spol. s r.o. -> ESET)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [15376384 2014-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [638976 2014-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2013-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [15376384 2014-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [145600 2019-03-19] (ESET, spol. s r.o. -> ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-03-10] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [188240 2019-03-19] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [110000 2019-03-19] (ESET, spol. s r.o. -> ESET)
R1 ibinldr; C:\Windows\System32\drivers\ibinldr.sys [129120 2019-05-23] (ANAX CORP LIMITED -> ) [File not signed]
R3 ISCT; C:\Windows\system32\drivers\ISCTD64.sys [46016 2012-07-24] (Intel(R) Smart Connect software -> )
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-21 09:01 - 2019-06-21 09:02 - 000004166 _____ C:\Users\obchodb\Downloads\Fixlog.txt
2019-06-21 09:01 - 2019-06-21 09:01 - 000000000 ____D C:\Users\obchodb\Downloads\FRST-OlderVersion
2019-06-19 10:38 - 2019-06-19 10:39 - 001663040 _____ (Malwarebytes) C:\Users\obchodb\Downloads\JRT.exe
2019-06-19 10:29 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2019-06-19 10:11 - 2019-06-19 10:26 - 000000000 ____D C:\zoek_backup
2019-06-19 10:11 - 2019-06-19 10:11 - 002038755 _____ C:\Users\obchodb\Downloads\zoek.exe
2019-06-19 10:01 - 2019-06-19 15:07 - 000036229 _____ C:\Users\obchodb\Downloads\Addition.txt
2019-06-19 09:57 - 2019-06-21 09:08 - 000019256 _____ C:\Users\obchodb\Downloads\FRST.txt
2019-06-19 09:55 - 2019-06-21 09:07 - 000000000 ____D C:\FRST
2019-06-19 09:55 - 2019-06-21 09:01 - 002418688 _____ (Farbar) C:\Users\obchodb\Downloads\FRST64.exe
2019-06-19 07:58 - 2019-06-19 07:59 - 002427504 _____ (Wiper Software, UAB) C:\Users\obchodb\Downloads\WiperSoft-installer.exe
2019-06-19 07:55 - 2019-06-19 07:55 - 000002369 _____ C:\Users\obchodb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-19 07:55 - 2019-06-19 07:55 - 000002332 _____ C:\Users\obchodb\Desktop\Google Chrome.lnk
2019-06-19 07:27 - 2019-06-19 07:29 - 000000000 ____D C:\AdwCleaner
2019-06-19 07:27 - 2019-06-19 07:27 - 007025360 _____ (Malwarebytes) C:\Users\obchodb\Downloads\AdwCleaner.exe
2019-06-19 06:56 - 2019-06-19 07:09 - 053876992 _____ (Google Inc.) C:\Users\obchodb\Downloads\72.0.3626.81_chrome_installer.exe
2019-06-14 12:25 - 2019-06-14 12:25 - 048295712 _____ C:\Users\obchodb\Downloads\7015U100.zip
2019-06-12 10:22 - 2019-06-12 10:22 - 000000000 ____D C:\Users\obchodb\Desktop\Nová složka (3)
2019-06-12 06:59 - 2019-06-04 01:11 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-06-12 06:59 - 2019-06-04 01:11 - 000474112 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-06-12 06:59 - 2019-06-04 01:10 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2019-06-12 06:59 - 2019-05-27 09:19 - 000396896 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-06-12 06:59 - 2019-05-27 08:29 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-06-12 06:59 - 2019-05-25 03:42 - 025733632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-06-12 06:59 - 2019-05-25 03:33 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-06-12 06:59 - 2019-05-25 03:33 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-06-12 06:59 - 2019-05-25 03:22 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-06-12 06:59 - 2019-05-25 03:21 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-06-12 06:59 - 2019-05-25 03:20 - 000579584 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-06-12 06:59 - 2019-05-25 03:20 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-06-12 06:59 - 2019-05-25 03:20 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-06-12 06:59 - 2019-05-25 03:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-06-12 06:59 - 2019-05-25 03:14 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-06-12 06:59 - 2019-05-25 03:13 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-06-12 06:59 - 2019-05-25 03:11 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-06-12 06:59 - 2019-05-25 03:10 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-06-12 06:59 - 2019-05-25 03:10 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-06-12 06:59 - 2019-05-25 03:10 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-06-12 06:59 - 2019-05-25 03:10 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-06-12 06:59 - 2019-05-25 03:09 - 005776384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-06-12 06:59 - 2019-05-25 03:07 - 020275712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-06-12 06:59 - 2019-05-25 03:04 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-06-12 06:59 - 2019-05-25 03:02 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-06-12 06:59 - 2019-05-25 02:56 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-06-12 06:59 - 2019-05-25 02:55 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-06-12 06:59 - 2019-05-25 02:55 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-06-12 06:59 - 2019-05-25 02:55 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-06-12 06:59 - 2019-05-25 02:52 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-06-12 06:59 - 2019-05-25 02:52 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-06-12 06:59 - 2019-05-25 02:50 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-06-12 06:59 - 2019-05-25 02:48 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-06-12 06:59 - 2019-05-25 02:45 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-06-12 06:59 - 2019-05-25 02:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-06-12 06:59 - 2019-05-25 02:44 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-06-12 06:59 - 2019-05-25 02:44 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-06-12 06:59 - 2019-05-25 02:43 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-06-12 06:59 - 2019-05-25 02:42 - 002297344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-06-12 06:59 - 2019-05-25 02:40 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-06-12 06:59 - 2019-05-25 02:40 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-06-12 06:59 - 2019-05-25 02:39 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-06-12 06:59 - 2019-05-25 02:38 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-06-12 06:59 - 2019-05-25 02:38 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-06-12 06:59 - 2019-05-25 02:38 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-06-12 06:59 - 2019-05-25 02:37 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-06-12 06:59 - 2019-05-25 02:37 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-06-12 06:59 - 2019-05-25 02:36 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-06-12 06:59 - 2019-05-25 02:36 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-06-12 06:59 - 2019-05-25 02:36 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-06-12 06:59 - 2019-05-25 02:34 - 015311872 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-06-12 06:59 - 2019-05-25 02:30 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-06-12 06:59 - 2019-05-25 02:30 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-06-12 06:59 - 2019-05-25 02:27 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-06-12 06:59 - 2019-05-25 02:26 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-06-12 06:59 - 2019-05-25 02:26 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-06-12 06:59 - 2019-05-25 02:24 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-06-12 06:59 - 2019-05-25 02:23 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-06-12 06:59 - 2019-05-25 02:23 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-06-12 06:59 - 2019-05-25 02:22 - 004492800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-06-12 06:59 - 2019-05-25 02:22 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-06-12 06:59 - 2019-05-25 02:17 - 013706240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-06-12 06:59 - 2019-05-25 02:17 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-06-12 06:59 - 2019-05-25 02:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-06-12 06:59 - 2019-05-25 02:15 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-06-12 06:59 - 2019-05-25 02:15 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-06-12 06:59 - 2019-05-25 02:15 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-06-12 06:59 - 2019-05-25 02:05 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-06-12 06:59 - 2019-05-25 02:04 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-06-12 06:59 - 2019-05-25 02:03 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-06-12 06:59 - 2019-05-25 02:02 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-06-12 06:59 - 2019-05-25 01:59 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-06-12 06:59 - 2019-05-25 01:59 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-06-12 06:59 - 2019-05-25 01:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-06-12 06:59 - 2019-05-25 01:56 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-06-12 06:59 - 2019-05-23 04:06 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-06-12 06:59 - 2019-05-23 04:06 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-06-12 06:59 - 2019-05-23 04:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-06-12 06:59 - 2019-05-23 03:58 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-06-12 06:59 - 2019-05-23 03:58 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-06-12 06:59 - 2019-05-23 03:58 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-06-12 06:59 - 2019-05-23 02:31 - 001251840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-06-12 06:59 - 2019-05-23 02:05 - 001650176 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-06-12 06:59 - 2019-05-23 02:05 - 001182208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-06-12 06:59 - 2019-05-17 20:21 - 000372456 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2019-06-12 06:59 - 2019-05-16 17:22 - 004057312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-06-12 06:59 - 2019-05-16 17:22 - 003963624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-06-12 06:59 - 2019-05-16 17:21 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-06-12 06:59 - 2019-05-16 17:19 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-06-12 06:59 - 2019-05-16 17:18 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-06-12 06:59 - 2019-05-16 17:18 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-06-12 06:59 - 2019-05-16 17:17 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-06-12 06:59 - 2019-05-16 17:10 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-06-12 06:59 - 2019-05-16 17:10 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-06-12 06:59 - 2019-05-16 17:09 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-06-12 06:59 - 2019-05-16 17:09 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-06-12 06:59 - 2019-05-16 17:09 - 000153832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-06-12 06:59 - 2019-05-16 17:09 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-06-12 06:59 - 2019-05-16 17:08 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-06-12 06:59 - 2019-05-16 17:07 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-06-12 06:59 - 2019-05-16 17:07 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-06-12 06:59 - 2019-05-16 17:07 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-06-12 06:59 - 2019-05-16 17:07 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-06-12 06:59 - 2019-05-16 17:07 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-06-12 06:59 - 2019-05-16 17:07 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-06-12 06:59 - 2019-05-16 17:07 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-06-12 06:59 - 2019-05-16 17:06 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-06-12 06:59 - 2019-05-16 17:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-06-12 06:59 - 2019-05-16 16:39 - 003229696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-06-12 06:59 - 2019-05-13 16:44 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-06-12 06:59 - 2019-05-13 16:44 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-06-12 06:59 - 2019-05-13 16:44 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-06-12 06:59 - 2019-05-13 16:44 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-06-12 06:59 - 2019-05-09 17:18 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-06-12 06:59 - 2019-05-09 17:18 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-06-12 06:59 - 2019-05-09 17:18 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-06-12 06:59 - 2019-05-09 17:18 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-06-12 06:59 - 2019-05-09 17:18 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2019-06-12 06:59 - 2019-05-09 17:18 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-06-12 06:59 - 2019-05-09 17:17 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-06-12 06:59 - 2019-05-09 17:17 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-06-12 06:59 - 2019-05-09 17:17 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-06-12 06:59 - 2019-05-09 17:17 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-06-12 06:59 - 2019-05-09 17:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-06-12 06:59 - 2019-05-09 17:09 - 000114400 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-06-12 06:59 - 2019-05-09 17:07 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-06-12 06:59 - 2019-05-09 17:07 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-06-12 06:59 - 2019-05-09 17:07 - 003247616 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-06-12 06:59 - 2019-05-09 17:07 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-06-12 06:59 - 2019-05-09 17:07 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-06-12 06:59 - 2019-05-09 17:07 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-06-12 06:59 - 2019-05-09 17:07 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-06-12 06:59 - 2019-05-09 17:07 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-06-12 06:59 - 2019-05-09 17:06 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-06-12 06:59 - 2019-05-09 17:06 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-06-12 06:59 - 2019-05-09 17:06 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-06-12 06:59 - 2019-05-09 17:06 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-06-12 06:59 - 2019-05-09 17:06 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-06-12 06:59 - 2019-05-09 17:01 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-06-12 06:59 - 2019-05-09 16:51 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2019-06-12 06:59 - 2019-05-09 16:40 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-06-12 06:59 - 2019-04-30 04:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-06-12 06:59 - 2019-04-30 03:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-06-12 06:59 - 2019-04-25 17:18 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-06-12 06:59 - 2019-04-25 17:06 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-06-12 06:59 - 2019-04-24 17:11 - 001893096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-06-12 06:59 - 2019-04-24 17:09 - 000377064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-06-12 06:59 - 2019-04-24 17:09 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-06-12 06:59 - 2019-04-12 15:05 - 000994384 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000064248 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000019408 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000017656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000017656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000016120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000015608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000014288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000014072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000013560 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000012752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000012536 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:05 - 000011504 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000914584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000065784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000021752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000018680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000017352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000017144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000015608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000015096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000013048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2019-06-12 06:59 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2019-06-12 06:59 - 2019-04-09 17:17 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2019-06-12 06:59 - 2019-04-09 17:05 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2019-06-12 06:59 - 2019-04-09 17:05 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-06-12 06:59 - 2019-04-09 17:05 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2019-06-12 06:59 - 2019-04-09 16:53 - 002651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-06-12 06:59 - 2019-04-09 16:52 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-06-12 06:58 - 2019-05-23 04:06 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-06-12 06:58 - 2019-05-23 03:58 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-06-12 06:58 - 2019-05-16 17:19 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-06-12 06:58 - 2019-05-16 17:19 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-06-12 06:58 - 2019-05-16 17:19 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-06-12 06:58 - 2019-05-16 17:19 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-06-12 06:58 - 2019-05-16 17:19 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-06-12 06:58 - 2019-05-16 17:19 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-06-12 06:58 - 2019-05-16 17:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-06-12 06:58 - 2019-05-16 17:19 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-06-12 06:58 - 2019-05-16 17:18 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-06-12 06:58 - 2019-05-16 17:18 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-06-12 06:58 - 2019-05-16 17:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-06-12 06:58 - 2019-05-16 17:18 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-06-12 06:58 - 2019-05-16 17:18 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-06-12 06:58 - 2019-05-16 17:18 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-06-12 06:58 - 2019-05-16 17:18 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-06-12 06:58 - 2019-05-16 17:18 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-06-12 06:58 - 2019-05-16 17:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 16:53 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-06-12 06:58 - 2019-05-16 16:53 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-06-12 06:58 - 2019-05-16 16:48 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-06-12 06:58 - 2019-05-16 16:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-06-12 06:58 - 2019-05-16 16:47 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-06-12 06:58 - 2019-05-16 16:47 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-06-12 06:58 - 2019-05-16 16:47 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-06-12 06:58 - 2019-05-16 16:45 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-06-12 06:58 - 2019-05-16 16:45 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 16:45 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 16:45 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 16:45 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-06-12 06:58 - 2019-05-16 16:41 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-06-12 06:58 - 2019-05-16 16:41 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-06-12 06:58 - 2019-05-16 16:41 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-06-12 06:58 - 2019-05-16 16:41 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-06-12 06:58 - 2019-05-16 16:38 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-06-12 06:58 - 2019-05-16 16:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-06-12 06:58 - 2019-05-16 16:38 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-06-12 06:58 - 2019-05-16 16:35 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-06-12 06:58 - 2019-05-16 16:35 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-06-12 06:58 - 2019-05-16 16:35 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-06-12 06:58 - 2019-05-16 16:35 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-06-12 06:58 - 2019-05-16 16:35 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-06-12 06:58 - 2019-05-16 16:35 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-06-12 06:58 - 2019-05-16 16:34 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-06-12 06:58 - 2019-05-16 16:34 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-06-12 06:58 - 2019-05-16 16:34 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-06-12 06:58 - 2019-05-16 16:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-06-12 06:58 - 2019-05-16 16:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-06-12 06:58 - 2019-05-16 16:34 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-06-12 06:58 - 2019-05-16 16:34 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-06-12 06:58 - 2019-05-09 17:18 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-06-12 06:58 - 2019-05-09 17:18 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-06-12 06:58 - 2019-05-09 17:18 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-06-12 06:58 - 2019-05-09 17:18 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-06-12 06:58 - 2019-05-09 17:18 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-06-12 06:58 - 2019-05-09 17:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-06-12 06:58 - 2019-05-09 17:17 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-06-12 06:58 - 2019-05-09 17:07 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-06-12 06:58 - 2019-05-09 17:07 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-06-12 06:58 - 2019-05-09 17:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-06-12 06:58 - 2019-05-09 17:06 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-06-12 06:58 - 2019-05-09 17:06 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-06-12 06:58 - 2019-05-09 17:06 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-06-12 06:58 - 2019-05-09 17:06 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-06-12 06:58 - 2019-05-09 17:06 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-06-12 06:58 - 2019-05-09 17:06 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-06-12 06:58 - 2019-05-09 17:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-06-12 06:58 - 2019-05-09 17:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-06-12 06:58 - 2019-05-09 17:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-06-12 06:58 - 2019-05-09 17:02 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-06-12 06:58 - 2019-05-09 17:02 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-06-12 06:58 - 2019-05-09 16:49 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-06-12 06:58 - 2019-05-09 16:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-06-12 06:58 - 2019-05-09 16:37 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-06-12 06:58 - 2019-05-09 16:37 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-06-12 06:58 - 2019-04-09 17:05 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2019-06-12 06:58 - 2019-04-09 17:05 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2019-06-12 06:58 - 2019-04-09 17:05 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2019-06-12 06:58 - 2019-04-09 17:05 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-06-12 06:58 - 2019-04-09 17:03 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2019-06-12 06:58 - 2019-04-09 16:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-06-12 06:58 - 2019-04-09 16:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-06-12 06:58 - 2019-04-09 16:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2019-06-12 06:58 - 2019-04-09 16:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-06-12 06:58 - 2019-04-09 16:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2019-06-10 08:09 - 2019-06-10 08:09 - 000000000 ____D C:\Users\obchodb\AppData\Local\prunld3348
2019-06-10 08:08 - 2019-06-10 08:08 - 000000000 ____D C:\Users\Public\Documents\XMUpdate
2019-06-10 08:08 - 2019-06-10 08:08 - 000000000 ____D C:\ProgramData\PDTCTA6QJB8M9YUSIYTO3OBTM
2019-06-07 11:41 - 2019-06-07 11:41 - 009510466 _____ C:\Users\obchodb\Desktop\tm___3g0_853_600_a__1_v1_1.jt
2019-06-06 11:20 - 2019-06-06 11:20 - 000442122 _____ C:\Users\obchodb\Downloads\SKMBT_C224e19060617440.pdf
2019-05-27 12:59 - 2019-05-27 12:59 - 030113771 _____ C:\Users\obchodb\Desktop\zasilka-NDD2527ARSEFEEAU.zip
2019-05-24 14:41 - 2019-05-30 07:53 - 000034631 _____ C:\Users\obchodb\Desktop\Toolcost breakdown - KOITO.xlsx
2019-05-23 08:08 - 2019-05-23 08:08 - 000129120 _____ C:\Windows\system32\Drivers\ibinldr.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-21 09:04 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-21 09:02 - 2019-01-17 09:27 - 000000000 ____D C:\Users\obchodb\AppData\LocalLow\Temp
2019-06-21 05:01 - 2009-07-14 06:45 - 000021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-06-21 05:01 - 2009-07-14 06:45 - 000021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-06-20 13:22 - 2011-04-12 10:34 - 000668542 _____ C:\Windows\system32\perfh005.dat
2019-06-20 13:22 - 2011-04-12 10:34 - 000141202 _____ C:\Windows\system32\perfc005.dat
2019-06-20 13:22 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-20 13:22 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-06-19 11:38 - 2015-02-04 13:36 - 000001775 _____ C:\Users\obchodb\Desktop\Zálohy na serveru.lnk
2019-06-19 10:55 - 2018-10-15 13:34 - 000000000 ____D C:\Users\obchodb\Desktop\POZAK
2019-06-19 10:26 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-06-19 10:26 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-06-19 09:17 - 2015-02-03 15:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-19 08:44 - 2015-02-03 15:11 - 000000000 ____D C:\Program Files\totalcmd
2019-06-19 07:19 - 2015-09-29 07:14 - 000000000 ____D C:\Users\obchodb\AppData\Local\ESET
2019-06-19 07:11 - 2015-02-03 15:21 - 000000000 ____D C:\Program Files (x86)\Google
2019-06-18 14:32 - 2018-08-14 08:31 - 000000000 ____D C:\Users\obchodb\Desktop\Wordy
2019-06-18 07:47 - 2018-10-15 13:34 - 000000000 ____D C:\Users\obchodb\Desktop\Nabídky
2019-06-17 06:24 - 2017-04-06 07:01 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-13 07:29 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2019-06-13 05:39 - 2009-07-14 06:45 - 000341376 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-13 05:35 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-06-13 05:35 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
2019-06-12 15:25 - 2014-02-20 15:07 - 000000000 ____D C:\Windows\system32\MRT
2019-06-12 15:22 - 2014-02-20 15:07 - 135349160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-06-12 08:21 - 2017-08-25 09:50 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-06-12 08:21 - 2017-08-25 09:50 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-06-12 08:21 - 2017-08-25 09:50 - 000004548 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-06-12 08:21 - 2017-08-25 09:50 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-06-12 08:21 - 2017-08-25 09:50 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-06-12 08:21 - 2017-08-25 09:50 - 000000000 ____D C:\Windows\system32\Macromed
2019-06-10 08:13 - 2018-11-09 07:31 - 000000000 ____D C:\Users\obchodb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plays.tv, Inc
2019-06-10 08:13 - 2018-10-01 07:20 - 000000000 ____D C:\Users\obchodb\AppData\Roaming\Plays
2019-06-10 08:13 - 2018-10-01 07:20 - 000000000 ____D C:\Users\obchodb\AppData\Local\Plays
2019-06-03 07:07 - 2018-10-01 07:20 - 000000000 ____D C:\Users\obchodb\AppData\Local\SquirrelTemp
2019-05-28 06:43 - 2014-02-21 14:08 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-28 06:42 - 2015-02-03 16:12 - 000000000 ____D C:\Program Files\Microsoft Office 15

==================== Files in the root of some directories ================

2015-02-04 13:47 - 2019-01-21 13:42 - 000000600 _____ () C:\Users\obchodb\AppData\Local\PUTTY.RND
2018-06-15 09:46 - 2018-06-15 09:46 - 000007605 _____ () C:\Users\obchodb\AppData\Local\Resmon.ResmonCfg

==================== FLock ================

2015-02-02 14:44 C:\Windows\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2019-06-12 07:30
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-06-2019
Ran by obchodb (21-06-2019 09:09:40)
Running from C:\Users\obchodb\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-02-03 12:58:57)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1528981461-131533015-88995806-500 - Administrator - Enabled)
Guest (S-1-5-21-1528981461-131533015-88995806-501 - Limited - Disabled)
Install (S-1-5-21-1528981461-131533015-88995806-1000 - Administrator - Disabled) => C:\Users\Install
obchodb (S-1-5-21-1528981461-131533015-88995806-1001 - Administrator - Enabled) => C:\Users\obchodb

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{BC741628-0AFC-405C-8946-DD46D1005A0A}) (Version: 8.2.4 - Hewlett-Packard) Hidden
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.207 - Adobe)
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Autodesk CMMDriverForPPro 2017 (HKLM\...\Autodesk CMMDriverForPPro17100) (Version: 17.1.00 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Manufacturing Automation Utility 2017 FCS Licence (HKLM\...\{FE3DF541-7434-4839-8912-61D8C8C09F76}) (Version: 0.0.2 - Autodesk)
Autodesk Manufacturing Data Exchange Utility 2017 (HKLM\...\Autodesk Manufacturing Data Exchange Utility 8.6.10) (Version: 8.6.10 - Autodesk)
Autodesk Manufacturing Data Exchange Utility Premium 2017 FCS Licence (HKLM\...\{B2DAAFB6-BC75-47BB-BAA8-CAFC3BACAD01}) (Version: 0.0.2 - Autodesk)
Autodesk PowerShape 2017 (HKLM\...\Autodesk PowerShape17136) (Version: 17.1.36 - Autodesk)
Autodesk PowerShape Ultimate 2017 FCS Licence (HKLM\...\{C96A85C0-EB64-4788-826F-AE453D475A38}) (Version: 0.0.2 - Autodesk)
Autodesk PowerShapeTutorials 2017 (64-bit) (HKLM\...\Autodesk PowerShapeTutorials17100) (Version: 17.1.00 - Autodesk)
Autodesk PS-Catalogs 2017 (HKLM\...\Autodesk PS-Catalogs17136) (Version: 17.1.36 - Autodesk)
Autodesk PSDoc 2017 (HKLM\...\Autodesk PSDoc17100) (Version: 17.1.00 - Autodesk)
Autodesk TrodeExtension 2017 (HKLM\...\Autodesk TrodeExtension17100) (Version: 17.1.00 - Autodesk)
BMDExcelAddIn (HKLM-x32\...\{A19BA299-0E8D-4A8E-8113-CBB39573EEC9}) (Version: 3.3.7 - BMD Systemhaus GmbH)
BMDNTCS (HKLM-x32\...\BMDNTCS) (Version: 2015.18.02.03 - BMD Systemhaus GmbH)
BMDOutlookAddIn (HKLM-x32\...\{BF154B60-05C6-4C3D-933C-44B31FF4D756}) (Version: 3.3.7 - BMD Systemhaus GmbH)
BMDPowerPointAddIn (HKLM-x32\...\{EC6C1F25-1FF4-4EA6-B9C5-60503322FE4B}) (Version: 3.3.7 - BMD Systemhaus GmbH)
BMDWordAddIn (HKLM-x32\...\{471B7546-771A-4EBB-A5F9-C3AF6C3789EB}) (Version: 3.3.7 - BMD Systemhaus GmbH)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - )
Delcam Exchange 2016 R3 (64-bit) (HKLM\...\Delcam Exchange 8.4.10) (Version: 8.4.10 - Delcam)
Delcam PowerSHAPE-e 2016 (64-bit) (HKLM\...\Delcam PowerSHAPE-e16130) (Version: 16.1.30 - Delcam)
Delcam PS-Tutorials 2011 R2 (CR 11220) (HKLM-x32\...\{A7CE1581-DA83-4AC5-AA1D-F484F6E70097}) (Version: 11.2.20 - Delcam)
Delcam PS-Tutorials 2011 R3 (64-bit) (HKLM-x32\...\Delcam PS-Tutorials11300) (Version: 11.3.00 - Delcam)
Delcam TrodeExtension 2014 R2 (64-bit) (HKLM\...\Delcam TrodeExtension14200) (Version: 14.2.00 - Delcam)
Dofus (HKU\S-1-5-21-1528981461-131533015-88995806-1001\...\2744A393-554C-4E35-A24F-DEF0392B4484-2) (Version: - Ankama)
eDrawings 2017 x64 (HKLM\...\{F36E59AF-DC22-43D9-A469-93A6267D6BAA}) (Version: 17.0.5048 - Společnost Dassault Systemes SolidWorks Corp)
ESET Security (HKLM\...\{B489BC2D-0079-4631-97BF-CA2378299D43}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
FormatFactory 3.7.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.7.0.0 - Format Factory)
Google Chrome (HKU\S-1-5-21-1528981461-131533015-88995806-1001\...\Google Chrome) (Version: 72.0.3626.81 - Google Inc.)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet 200 color M251 (HKLM-x32\...\{6682B5C4-530A-4FB8-ACAC-80DB5CCC68DD}) (Version: 5.0.12200.1036 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpbDSService (HKLM-x32\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM251DSService (HKLM-x32\...\{413E98C3-2CA1-4D04-AFC2-8D8D873A3178}) (Version: 001.001.05874 - Hewlett-Packard) Hidden
HPDXP (HKLM-x32\...\{6BA4598F-9ECC-453D-B6F7-ABAEEFA35561}) (Version: 3.0.26.12 - HP) Hidden
HPLaserJet200color-M251_HelpLearnCenter_SI (HKLM-x32\...\{DDEBEA89-2B5A-4E5B-8702-369882BB3F52}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (HKLM-x32\...\{5E4DD8C2-A906-4F1B-94B6-4F6A51D625B2}) (Version: 020.021.004 - HP) Hidden
HPLJUTCore (HKLM-x32\...\{0C779D9C-FD0F-4A53-86BE-3D53E58B2900}) (Version: 004.005.0001 - HP) Hidden
HPLJUTM251 (HKLM-x32\...\{663A3950-CA55-4541-8B46-646BD548641D}) (Version: 3.00.0003 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{180D6813-95E0-415C-B58A-5B9493DE2DDA}) (Version: 009.027.00856 - Hewlett-Packard) Hidden
hppM251LaserJetService (HKLM-x32\...\{09C0DA15-AB94-43BC-9B02-57DF3FEB469F}) (Version: 001.019.00639 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{46A99EAE-98DA-4BE5-94C3-D41BA4C266DA}) (Version: 050.037.00142 - Hewlett Packard) Hidden
hpStatusAlertsM251 (HKLM-x32\...\{A1EF28FB-74A8-4157-91E9-9C164CAB10F8}) (Version: 050.034.00131 - Hewlett-Packard) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
LJDXPHelperUI (HKLM-x32\...\{EAECD0D7-F27D-4F13-8312-A9C0B5C5F1B7}) (Version: 020.021.004 - HP) Hidden
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2013 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 15.0.5137.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{8909B8A7-CEAB-4772-BF29-1892C4E6603B}) (Version: 8.05.2309 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5137.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5137.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0405-0000-0000000FF1CE}) (Version: 15.0.5137.1000 - Microsoft Corporation) Hidden
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
RuneScape Launcher 2.2.4 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.4 - Jagex Ltd)
Screen Grab Pro (HKLM-x32\...\{581125F9-D1C6-4797-93BB-47A992D69AA8}) (Version: - )
Sentinel System Driver Installer 7.5.1 (HKLM-x32\...\{BF9E346B-5ECE-4A18-9510-55729FD08323}) (Version: 7.5.1 - SafeNet, Inc.)
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
SQLXML4 (HKLM\...\{7C903D14-7EF4-4B71-BF78-2BCAFC499EB1}) (Version: 9.00.1399.06 - Microsoft Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
VariCAD 2015-1.03 CZ (HKLM\...\VariCAD_20141014_CZ) (Version: - )
VariCADViewercz (HKLM-x32\...\{A57A3C28-2389-4B5E-BFD7-0F9F7B1093A4}) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.1.0 - Azureus Software, Inc.)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1528981461-131533015-88995806-1001_Classes\CLSID\{13CE5476-8CB1-486E-828F-AEC327D972C7}\InprocServer32 -> C:\Users\obchodb\AppData\Local\BMD Systemhaus GmbH\BMDWordAddIn\BMDArchivWord2010.DLL (BMD Systemhaus Gmbh -> )
CustomCLSID: HKU\S-1-5-21-1528981461-131533015-88995806-1001_Classes\CLSID\{5C4A741A-FFAC-4FCC-AF19-79046F1717FC}\InprocServer32 -> C:\Users\obchodb\AppData\Local\BMD Systemhaus GmbH\BMDOutlookAddIn\BMDArchivOutlook2010.DLL (BMD Systemhaus Gmbh -> )
CustomCLSID: HKU\S-1-5-21-1528981461-131533015-88995806-1001_Classes\CLSID\{610994E2-22F6-43C7-AD8F-DFF817978BF3}\InprocServer32 -> C:\Users\obchodb\AppData\Local\BMD Systemhaus GmbH\BMDExcelAddIn\BMDArchivExcel2010.DLL (BMD Systemhaus Gmbh -> )
CustomCLSID: HKU\S-1-5-21-1528981461-131533015-88995806-1001_Classes\CLSID\{7B6E085C-5620-44CD-A5A9-2ED6615B1883}\InprocServer32 -> C:\Users\obchodb\AppData\Local\BMD Systemhaus GmbH\BMDPowerPointAddIn\BMDArchivPowerPoint2010.DLL (BMD Systemhaus Gmbh -> )
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-04-17] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-04-17] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-04-17] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2013-05-07 11:51 - 2013-05-07 11:51 - 000299520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
2013-10-09 01:48 - 2013-10-09 01:48 - 000299520 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
2015-02-04 14:12 - 2013-03-08 00:07 - 000067584 _____ (CobianSoft, Luis Cobian) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
2009-09-16 19:44 - 2009-09-16 19:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hptcpmib.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\HpTcpMon.dll
2009-09-16 12:44 - 2009-09-16 12:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hpzjrd01.dll
2012-05-02 22:02 - 2012-05-02 22:02 - 000041472 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2012-05-02 22:02 - 2012-05-02 22:02 - 000073728 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2012-05-02 22:02 - 2012-05-02 22:02 - 001218560 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2011-04-13 17:08 - 2011-04-13 17:08 - 000050688 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2011-04-13 17:08 - 2011-04-13 17:08 - 000066048 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2012-05-02 22:02 - 2012-05-02 22:02 - 000164864 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
2012-05-02 22:02 - 2012-05-02 22:02 - 000034816 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2015-02-02 15:02 - 2013-04-26 04:24 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2013-02-13 13:46 - 2013-02-13 13:46 - 000731648 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2015-02-04 13:07 - 2013-04-22 11:27 - 000016896 _____ (KONICA MINOLTA, INC.) [File not signed] C:\Windows\System32\KOAYTJ_L.DLL
2015-02-04 14:12 - 2013-03-08 00:07 - 000009728 _____ (Luis Cobian) [File not signed] C:\Program Files (x86)\Cobian Backup 11\CobStringList.dll
2015-02-04 14:12 - 2013-03-08 00:27 - 002684928 _____ (Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbEngine.dll
2015-02-04 14:12 - 2013-03-08 00:27 - 004407808 _____ (Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
2015-02-04 14:12 - 2013-03-08 00:26 - 000720896 _____ (Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
2009-09-16 19:45 - 2009-09-16 19:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HPTcpMUI.dll
2015-04-02 10:54 - 2015-04-02 10:54 - 000796672 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_88dcc0bf2fb1b808\MSVCR80.dll
2015-02-04 13:08 - 2013-05-21 09:21 - 000083968 _____ (Monotype Imaging Inc.) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\KOAYTJ_P.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-06-19 10:14 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\
HKU\S-1-5-21-1528981461-131533015-88995806-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\obchodb\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 185.130.104.222 - 95.216.188.196
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3B53123F-DCC6-4D5B-BBD2-D8E9C019ED7C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies SA -> Skype Technologies S.A.)
FirewallRules: [{68EFA81B-CBD7-4C57-BFC3-BB043703E551}] => (Allow) C:\Users\Install\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{180A51A6-C67D-4029-B066-68DB3C41AD32}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{022232B2-E6D8-4734-927D-887E92F0B448}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet 200 color M251\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{4B41D667-C245-416B-B363-F6836EE96796}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet 200 color M251\bin\EWSProxy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{29EF9DF5-6716-4F75-9F4B-2436557D5ED6}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe (chen jun hao -> Picosmos) [File not signed]
FirewallRules: [UDP Query User{D1B13BAE-3984-4E8B-9142-56BA4CE00E11}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe (chen jun hao -> Picosmos) [File not signed]
FirewallRules: [{F33CDFB2-DE15-4573-A5EB-1572F97E16B6}] => (Allow) C:\Program Files (x86)\PicosmosTools\PFInstOnline.exe No File
FirewallRules: [{27662337-313F-4AA0-977F-DB7BA19698FC}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{ED4B9178-E0D4-4615-8D9E-75DF3CF64C85}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{B40F3915-9D8E-4C88-B41D-8EFE28D50F4E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe No File
FirewallRules: [{9A8ECB3F-AEE1-4271-9EBE-33488F540664}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe No File
FirewallRules: [{105B8B19-E32F-4D5A-A4CC-1BE3829835DA}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe No File
FirewallRules: [{17747178-04FE-4103-A2FE-5A1BA8EE629A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe No File
FirewallRules: [{D416A6EB-7472-4860-A058-5D4FE6A51C48}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Plays.tv, Inc -> Copyright (c) 2018 Plays.tv, LLC)
FirewallRules: [{D283787A-05B5-4DDA-8DA2-7228B0E306C3}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Plays.tv, Inc -> Copyright (c) 2018 Plays.tv, LLC)

==================== Restore Points =========================

19-06-2019 10:13:30 zoek.exe restore point
19-06-2019 10:39:32 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (06/21/2019 09:05:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/20/2019 07:55:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/19/2019 10:34:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/19/2019 08:55:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/19/2019 07:55:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/19/2019 07:49:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/19/2019 07:41:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/19/2019 07:33:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

System errors:
=============
Error: (06/21/2019 09:07:22 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Službě Browser se při přenosu \Device\NetBT_Tcpip_{023737A3-11FD-46B7-847A-13C32A569830} příliš často nezdařilo načíst záložní seznam.
Záložní prohledávač bude ukončen.

Error: (06/20/2019 07:54:23 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (7:52:54, ‎20.‎6.‎2019) bylo neočekávané.

Error: (06/19/2019 09:23:42 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Službě Browser se při přenosu \Device\NetBT_Tcpip_{023737A3-11FD-46B7-847A-13C32A569830} příliš často nezdařilo načíst záložní seznam.
Záložní prohledávač bude ukončen.

Error: (06/19/2019 10:26:08 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/19/2019 10:26:07 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/19/2019 10:26:07 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/19/2019 10:26:06 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/19/2019 10:26:05 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Windows Defender:
===================================
Date: 2016-10-13 03:23:25.057
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{B0CEE649-617E-46CD-A83F-404B4B9CD88E}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2015-08-12 03:03:37.885
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=208273
Název:SoftwareBundler:Win32/InstalleRex
ID:208273
Závažnost:Vysoké
Kategorie:Software instalující další produkty
Nalezeno v cestě:file:C:\Users\obchodb\Downloads\sygic map 6.67.exe;interface:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326};interface:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\Wow6432Node\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326};regkey:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326};regkey:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}\1.0;regkey:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\Wow6432Node\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326};typelib:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040};typelibversion:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}\1.0
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2015-08-12 03:03:32.533
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=208273
Název:SoftwareBundler:Win32/InstalleRex
ID:208273
Závažnost:Vysoké
Kategorie:Software instalující další produkty
Nalezeno v cestě:file:C:\Users\obchodb\Downloads\sygic map 6.67.exe;interface:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326};regkey:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326};regkey:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}\1.0;typelib:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040};typelibversion:HKCU@S-1-5-21-1528981461-131533015-88995806-1001\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}\1.0
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2018-07-04 07:00:20.697
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.442.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-04 07:00:20.584
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V2.8 07/17/2014
Motherboard: MSI B85-G41 PC Mate(MS-7850)
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 55%
Total physical RAM: 8120 MB
Available physical RAM: 3635.63 MB
Total Virtual: 16238.14 MB
Available Virtual: 11875.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.32 GB) (Free:817.12 GB) NTFS

\\?\Volume{45ade242-aba3-11e4-9ef8-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6CB2DE53)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#12 Příspěvek od **JaRon** » 21 čer 2019 08:27

mal si sice vlozit fixlog.txt, ale nevadi
nepises, ci problem pretrvava ?
ak ano, pozri video https://www.youtube.com/watch?v=j7pFp2VxB9E a pokial je problem iba v Chrome, aplikuj iba casti pren

VIRY.CZ

Nelze načíst stránku FB a i jiné

Nelze načíst stránku FB a i jiné

Re: Nelze načíst stránku FB a i jiné

Re: Nelze načíst stránku FB a i jiné

Re: Nelze načíst stránku FB a i jiné

Re: Nelze načíst stránku FB a i jiné

Re: Nelze načíst stránku FB a i jiné

Re: Nelze načíst stránku FB a i jiné

Re: Nelze načíst stránku FB a i jiné

Re: Nelze načíst stránku FB a i jiné

Re: Nelze načíst stránku FB a i jiné

Re: Nelze načíst stránku FB a i jiné

Re: Nelze načíst stránku FB a i jiné