VIRY.CZ

zdravím, po spuštění ntb dlouho trvá, než lze kliknout např. na prohlížeč a pak další dobu trvá než se spustí.

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-06-2019
Ran by Client (03-07-2019 18:57:20)
Running from C:\Users\Client\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2015-02-02 11:10:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-944637591-687013849-2777917340-500 - Administrator - Disabled)
Client (S-1-5-21-944637591-687013849-2777917340-1000 - Administrator - Enabled) => C:\Users\Client
Guest (S-1-5-21-944637591-687013849-2777917340-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adblock Plus for IE (32-bit) (HKLM\...\{CBECBAA4-A9A1-48B6-88DC-5D5E800B0E52}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.192 - Adobe)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
AuthenTec Fingerprint Software (HKLM\...\{83F136F0-2AE5-420C-A0B6-A440AD42591C}) (Version: 8.5.4.53 - Název společnosti:)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Balíček ovladače systému Windows - Fujitsu America, Inc. (FjBtnDrv) HIDClass (08/27/2009 4.2.0827.2009) (HKLM\...\F02860D720F53C6FCD75A013226E3E82F54FAB68) (Version: 08/27/2009 4.2.0827.2009 - Fujitsu America, Inc.)
Battery Utility (HKLM\...\{0294F00A-91AC-4FBF-BD14-0EE1583927AF}) (Version: 3.00.10.001 - Název společnosti:) Hidden
Battery Utility (HKLM\...\InstallShield_{0294F00A-91AC-4FBF-BD14-0EE1583927AF}) (Version: 3.00.10.001 - Název společnosti:)
Bluetooth Feature Pack 5.0 (HKLM\...\{0439D13F-C7CD-458A-90DE-44135CBD40B8}) (Version: 5.0.13 - CSR Plc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
FJ Camera (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.52008.0 - Sonix)
FUJITSU Battery Charging Control Update Tool (HKLM\...\{01A4BE67-357B-44C5-92F1-F543FB8643EF}) (Version: 2.0.2.0 - FUJITSU CLIENT COMPUTING LIMITED) Hidden
FUJITSU Battery Charging Control Utility (HKLM\...\InstallShield_{01A4BE67-357B-44C5-92F1-F543FB8643EF}) (Version: 2.0.2.0 - FUJITSU CLIENT COMPUTING LIMITED)
Fujitsu Button Utilities (HKLM\...\{207E8B60-07D2-4B7F-97FE-0DA448606861}) (Version: 7.02.0818.2009 - Fujitsu America, Incorporated)
Fujitsu Display Manager (HKLM\...\{2BDE2BF2-AD90-4191-B3C8-D0046CE54916}) (Version: 7.00.20.203 - Název společnosti:) Hidden
Fujitsu Display Manager (HKLM\...\InstallShield_{2BDE2BF2-AD90-4191-B3C8-D0046CE54916}) (Version: 7.00.20.203 - Název společnosti:)
Fujitsu Hotkey Utility (HKLM\...\{BA0CC975-682B-4678-A35C-05E607F36387}) (Version: 3.60.1.0 - FUJITSU LIMITED) Hidden
Fujitsu Hotkey Utility (HKLM\...\InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}) (Version: 3.60.1.0 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (HKLM\...\{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}) (Version: 3.00.00.000 - Název společnosti:) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM\...\InstallShield_{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}) (Version: 3.00.00.000 - Název společnosti:)
Fujitsu System Extension Utility (HKLM\...\{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.1.0.0 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.1.0.0 - FUJITSU LIMITED)
Google Chrome (HKLM\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HappyFoto (HKLM\...\{621A70CA-32A5-4F50-A66C-C9C792580415}_is1) (Version: - Happy Foto CZ)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.5 - Intel)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2509 - Intel Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11727.20230 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
O2Micro Flash Memory Card Windows Driver (HKLM\...\{469ED3E8-D21E-40E8-B00F-63516D26FAE3}) (Version: 3.00.0006 - O2Micro International LTD.) Hidden
O2Micro Flash Memory Card Windows Driver (HKLM\...\InstallShield_{469ED3E8-D21E-40E8-B00F-63516D26FAE3}) (Version: 3.00.0006 - O2Micro International LTD.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
OZ711 SCR Driver (HKLM\...\{5C3EA21C-22C0-4A44-BE58-D8CBB2F2B6B2}) (Version: 3.0.1.6D - O2Micro) Hidden
OZ711 SCR Driver (HKLM\...\InstallShield_{5C3EA21C-22C0-4A44-BE58-D8CBB2F2B6B2}) (Version: 3.0.1.6D - O2Micro)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pen Tablet (HKLM\...\Pen Tablet Driver) (Version: 5.1.1.11 - Wacom Technology Corp.)
Power Saving Utility (HKLM\...\{7254349B-460B-488F-B4DB-A96100C5C48B}) (Version: 31.00.11.009 - FUJITSU LIMITED) Hidden
Power Saving Utility (HKLM\...\InstallShield_{7254349B-460B-488F-B4DB-A96100C5C48B}) (Version: 31.00.11.009 - FUJITSU LIMITED)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Security Panel (HKLM\...\InstallShield_{45CA9B23-5EF8-43AA-9851-E9E062BF0147}) (Version: 2.2.0.0 - FUJITSU LIMITED)
Security Panel Application (HKLM\...\{45CA9B23-5EF8-43AA-9851-E9E062BF0147}) (Version: 2.2.0.0 - FUJITSU LIMITED) Hidden
Security Panel Application for Supervisor (HKLM\...\{17F82182-0E3D-4A14-8843-5ECBFAF4F12F}) (Version: 2.2.0.0 - FUJITSU LIMITED) Hidden
Security Panel for Supervisor (HKLM\...\InstallShield_{17F82182-0E3D-4A14-8843-5ECBFAF4F12F}) (Version: 2.2.0.0 - FUJITSU LIMITED)
Shock Sensor Utility (HKLM\...\{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}) (Version: 4.00.01.000 - Název společnosti:) Hidden
Shock Sensor Utility (HKLM\...\InstallShield_{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}) (Version: 4.00.01.000 - Název společnosti:)
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{D75AEB5B-FA18-4BD4-9EED-54CA46DB5AE8}) (Version: 13.04.0000 - Intel Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.10.0 - Synaptics Incorporated)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wireless Selector (HKLM\...\{51202133-E0F9-4314-ACA4-AACBA46A6C69}) (Version: 4.00.00.100 - FUJITSU LIMITED) Hidden
Wireless Selector (HKLM\...\InstallShield_{51202133-E0F9-4314-ACA4-AACBA46A6C69}) (Version: 4.00.00.100 - FUJITSU LIMITED)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Client\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Osoba 2 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2015-04-11 13:05 - 2012-02-17 20:55 - 000166912 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2015-02-03 15:45 - 2009-09-30 21:48 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2019-07-03 18:24 - 2019-07-03 18:44 - 000397312 _____ (ESET) [File not signed] c:\users\client\appdata\local\google\chrome\user data\swreporter\42.206.200.3\edls_32.dll
2009-08-17 22:08 - 2009-09-30 18:57 - 000069632 _____ (Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjCuiSdk.dll
2009-08-18 21:37 - 2009-11-14 13:06 - 000024576 _____ (Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjDspMon.exe
2009-08-18 21:38 - 2009-11-14 13:09 - 000020480 _____ (Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\fjevents.exe
2015-02-02 14:06 - 2008-06-12 15:47 - 000057344 _____ (Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjMnuIco.exe
2009-08-06 16:07 - 2009-11-16 01:29 - 000020480 _____ (Fujitsu Computer Systems) [File not signed] C:\Program Files\Fujitsu\Utils\FjLidMon.exe
2009-07-16 20:20 - 2009-10-12 13:48 - 000032768 _____ (Fujitsu PC Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjFBUCmn.dll
2015-02-03 15:45 - 2009-09-30 22:33 - 000262144 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
2015-02-03 15:45 - 2009-09-30 21:48 - 000077824 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\DTMessageLib.dll
2015-02-03 15:45 - 2009-09-30 21:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2015-02-03 15:45 - 2009-09-30 22:34 - 002314240 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
2010-10-19 15:21 - 2010-10-19 15:21 - 001269760 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\PanTray.dll
2010-10-19 15:06 - 2010-10-19 15:06 - 000487424 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\WiWiTray.dll
2010-10-31 04:52 - 2010-10-31 04:52 - 000043520 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\LangResources\CSY\FrWrkCSY.dll
2010-10-31 05:02 - 2010-10-31 05:02 - 000006656 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\LangResources\CSY\WiTrCSY.dll
2010-10-19 15:03 - 2010-10-19 15:03 - 000655360 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2010-10-19 15:04 - 2010-10-19 15:04 - 000622592 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2010-10-19 15:04 - 2010-10-19 15:04 - 002285568 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
2010-10-19 15:05 - 2010-10-19 15:05 - 000512000 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
2010-10-19 15:07 - 2010-10-19 15:07 - 000503808 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2010-10-19 15:05 - 2010-10-19 15:05 - 000200704 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2010-10-31 04:58 - 2010-10-31 04:58 - 000106496 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\LangResources\CSY\PanTrCSY.dll
2010-10-19 15:17 - 2010-10-19 15:17 - 000876544 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2010-10-19 15:18 - 2010-10-19 15:18 - 000307200 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PanApi.dll
2010-10-19 15:10 - 2010-10-19 15:10 - 001626112 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2010-10-19 15:08 - 2010-10-19 15:08 - 000499712 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfQOSMgr.dll
2010-10-19 15:02 - 2010-10-19 15:02 - 000135168 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2010-10-19 15:02 - 2010-10-19 15:02 - 000139264 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\WiMAXCoEx.dll
2010-10-19 15:16 - 2010-10-19 15:16 - 001146880 _____ (Intel(R) Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll
2007-02-12 02:43 - 2007-02-12 02:43 - 000065536 _____ (O2Micro International) [File not signed] C:\Windows\system32\o2flash.exe
2010-10-19 14:39 - 2010-10-19 14:39 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\sharepoint.com -> hxxps://fsvuk-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2019-02-26 19:57 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-944637591-687013849-2777917340-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Client\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{47E232FA-1099-4017-A8F8-F447393319F5}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6C22701D-2520-4CCB-84D0-C5435539203B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation - Mobile Wireless Group -> )
FirewallRules: [{B350DF42-9C1E-4626-A848-BFD21B1FCB98}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D29DF108-2023-4486-B6BA-D742B352C94E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EC480EAD-2853-4CB6-A610-62C1E49FEAC4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A674D906-7B82-42BE-9752-B5321AB33FC5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{814920D5-3853-4194-8FD3-34CA0A01FF5B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DAC9AFBB-A13B-4787-9511-9F97F126FCD4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40DD0323-EA20-404A-9BF5-34DF63DED06A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{54F2C6B2-3549-4CE2-818E-6270A9D06333}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

07-06-2019 20:07:04 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
19-06-2019 16:04:08 Naplánovaný kontrolní bod
20-06-2019 21:25:17 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2019 06:21:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/03/2019 06:12:20 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device

Error: (07/03/2019 06:12:20 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device

Error: (07/03/2019 06:12:20 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device

Error: (07/03/2019 06:12:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/03/2019 06:09:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/24/2019 03:49:36 PM) (Source: FjLogEvt) (EventID: 52) (User: )
Description: FjLidMon.exe : Register: Unknown retc (1)

Error: (06/24/2019 03:36:25 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device


System errors:
=============
Error: (07/03/2019 06:12:42 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Služba DCOM zjistila chybu %%1053 = Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas. při pokusu o spuštění služby WSearch s argumenty za účelem spuštění serveru:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (07/03/2019 06:12:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (07/03/2019 06:12:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Search bylo dosaženo časového limitu (30000 ms).

Error: (07/03/2019 06:10:00 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Server, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (07/03/2019 06:09:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Platforma WDF (Windows Driver Foundation) – platforma ovladače v uživatelském režimu byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (07/03/2019 06:09:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Automatická konfigurace sítě WLAN byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (07/03/2019 06:09:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Správce relací správce oken plochy byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (07/03/2019 06:09:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Klient služby Sledování distribuovaných odkazů byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2016-07-08 22:50:55.320
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{C19C5084-5512-45AF-93A9-B8453F29E3BA}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

==================== Memory info ===========================

BIOS: FUJITSU // Phoenix Technologies Ltd. Version 1.19 11/29/2011
Motherboard: FUJITSU FJNB204
Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 86%
Total physical RAM: 2995.5 MB
Available physical RAM: 394.06 MB
Total Virtual: 9137.87 MB
Available Virtual: 6302.14 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.05 GB) (Free:52.61 GB) NTFS

\\?\Volume{aa9b253a-aac9-11e4-9e65-806e6f6e6963}\ () (Fixed) (Total:1 GB) (Free:0.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 87C2420C)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-06-2019
Ran by Client (administrator) on CLIENT-PC (FUJITSU LIFEBOOK T900) (03-07-2019 19:01:59)
Running from C:\Users\Client\Desktop
Loaded Profiles: Client (Available Profiles: Client)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(AuthenTec, Inc. -> AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(AuthenTec, Inc. -> AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
(Cambridge Silicon Radio Ltd. -> CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
(Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjDspMon.exe
(Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjEvents.exe
(Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\fjmnuico.exe
(Fujitsu Computer Systems) [File not signed] C:\Program Files\Fujitsu\Utils\FjLidMon.exe
(FUJITSU LIMITED -> ) C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google) C:\Users\Client\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Client\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Client\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Client\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\snuvcdsm.exe
(Microsoft Windows Hardware Compatibility Publisher -> Sonix) C:\Windows\vsnp2uvc.exe
(O2Micro International) [File not signed] C:\Windows\System32\o2flash.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Windows\System32\WTablet\Pen_TabletUser.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7703072 2009-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [CSRSkype] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe [346464 2009-08-20] (Cambridge Silicon Radio Ltd. -> CSR, plc)
HKLM\...\Run: [ConMgr] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [504160 2009-08-20] (Cambridge Silicon Radio Ltd. -> CSR, plc)
HKLM\...\Run: [ATSwpNav] => "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
HKLM\...\Run: [FJBATAID2] => C:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe [107880 2009-10-16] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Sonix)
HKLM\...\Run: [SNUVCDSM] => C:\Windows\snuvcdsm.exe [24576 2009-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Run: [] => [X]
HKLM\...\Run: [FjStrtAp] => C:\Program Files\Fujitsu\Utils\FjStrtAp.exe [20480 2009-10-12] (Fujitsu Computer Systems Corp.) [File not signed]
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1206544 2010-10-19] (Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation)
HKLM\...\Run: [IMSS] => C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [104960 2009-09-30] () [File not signed]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1578280 2009-10-09] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [IndicatorUtility] => C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-06-16] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [144744 2009-07-27] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [SSUtility] => C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe [193832 2007-12-14] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [FDM7] => C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [128360 2009-07-23] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [226184 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [FUJ02B1_Apps] => C:\Program Files\Fujitsu\FUJ02B1\CheckBatteryPack.exe [380840 2018-09-13] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
HKLM\...\Run: [FUJ02E3_BatteryChargingControlUpdate] => C:\Program Files\Fujitsu\FUJ02E3_BatteryChargingControlUpdate\CheckBatteryFW.exe [433264 2019-04-09] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [FjBatteryLimitter] => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterRun.exe [361096 2018-11-21] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {627d7ffb-4de5-11e6-879f-002258c78025} - E:\autorun.exe
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {6bf6b3ea-8249-11e6-9711-002258c78025} - E:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-20] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {126CD0A5-905F-4F90-A365-AB8F5260195A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {33D9BBB1-89C6-4CB6-BBC9-0EE80BA7365C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [4544064 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {46B5CF64-C963-4C44-AC2B-C0F9A576EE5D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {515EBCAD-8055-4984-A474-2B3EAFDE1D5A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [20166760 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {53EB5FD8-D0DC-404C-8FBE-7E0975463305} - System32\Tasks\Fujitsu\FjBatteryLimitter\Notify => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterNotify.exe [181904 2018-10-03] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
Task: {54213060-202F-4A6D-A9BA-1AFCF68B0724} - System32\Tasks\Fujitsu\FjBatteryLimitter\Unlimit => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterBatu.exe [150160 2018-10-03] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
Task: {5435DFE8-DCC1-45FD-B757-737BD8DF93E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [4544064 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {8300BA07-4E77-439D-B63B-2F5087D1B8BD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {83C58E82-6947-4613-81D9-74EE4342D989} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [20166760 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {96A1248C-E37D-4644-BE02-8712896AF825} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-26] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9A84C94B-C692-423D-9CF0-6DDEA276FEAC} - System32\Tasks\{2FFDDAB8-37AE-4193-AED4-5D04DA7C141F} => C:\Windows\system32\pcalua.exe -a "C:\Users\Client\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7SRW4P1E\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573[1].EXE" -d C:\Users\Client\Desktop
Task: {A34F728A-6025-43F7-B8B5-E23CBD418C79} - System32\Tasks\Fujitsu\FjBatteryLimitter\Limit => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterBatu.exe [150160 2018-10-03] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
Task: {B1F00F6B-AB3F-407F-81B5-971B0D33A09C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C6174E92-9CC9-4E2C-A640-50A3FF67851D} - System32\Tasks\{F111F4F3-A365-41D7-93BE-EFBB7C8DEF69} => C:\Windows\system32\pcalua.exe -a "E:\notebook fujitsu t900\SMARTCARD_O2MICRO_V3.0.1.6D_WIN7_CA41534-5573.EXE" -d "E:\notebook fujitsu t900"
Task: {CB0CE3BD-325A-4350-BE18-B0107B61C1A8} - System32\Tasks\{BCAD7E9D-B664-4CDB-A6D3-02E72F3495FF} => C:\Windows\system32\pcalua.exe -a C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573\PROUnstl.exe -d C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573
Task: {CCE29149-5B75-4F9D-90CA-C9B3DE43EAF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {E210116B-F9B8-4EF1-80B2-E57503813C4B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2394504 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
Task: {EAAB0F48-3266-4E58-A0B0-9C38603A017D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {EF69E9FD-FEE4-4551-A21D-EFA3F32F6D07} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1504376 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2BD29B8-AA0E-4985-B4CE-5CAD214B5125} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F874727D-7F51-42ED-934E-9F0391BF8CC7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1913648 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {FE577009-7166-4173-83A0-E22CF150E690} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Avast Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-944637591-687013849-2777917340-1000] => 172.25.125.66:8080
AutoConfigURL: [S-1-5-21-944637591-687013849-2777917340-1000] => 172.25.125.66:8080
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{767F1F43-85A0-45E8-B66F-2851A52C169C}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{FDA8B116-774B-4A30-8590-77568983CD84}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-944637591-687013849-2777917340-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_151-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-00151-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_151-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_151-windows-i586.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=14275 ... 3ECHRH44FX"
CHR Profile: C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default [2019-07-03]
CHR Extension: (Prezentace Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-27]
CHR Extension: (Dokumenty Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-27]
CHR Extension: (YouTube) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-29]
CHR Extension: (AdBlock) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-06-06]
CHR Extension: (Gmail) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-03]
CHR Profile: C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-07-03]
CHR Extension: (Prezentace Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-22]
CHR Extension: (Dokumenty Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-22]
CHR Extension: (Disk Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-07]
CHR Extension: (YouTube) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-07]
CHR Extension: (Vyhledávání Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-22]
CHR Extension: (Adobe Acrobat) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-05]
CHR Extension: (Avast SafePrice) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-02-05]
CHR Extension: (Tabulky Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-07]
CHR Extension: (AdBlock) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-11]
CHR Extension: (Avast Online Security) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-02-11]
CHR Extension: (Adblock Super) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-07-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-11]
CHR Extension: (Gmail) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-22]
CHR Extension: (Chrome Media Router) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-05]
CHR Profile: C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-03]
CHR Extension: (Prezentace Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-22]
CHR Extension: (Dokumenty Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-22]
CHR Extension: (Disk Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-22]
CHR Extension: (YouTube) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-22]
CHR Extension: (Tabulky Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-22]
CHR Extension: (Gmail) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-22]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5584416 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1819896 2009-11-19] (AuthenTec, Inc. -> AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [359864 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7314528 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
R2 LMS; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [227600 2010-10-19] (Intel Corporation - Mobile Wireless Group -> )
R2 O2Flash; C:\Windows\system32\o2flash.exe [65536 2007-02-12] (O2Micro International) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [62824 2009-07-27] (FUJITSU LIMITED -> FUJITSU LIMITED)
R2 UNS; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WirelessSelectorService; C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe [62760 2008-10-09] (FUJITSU LIMITED -> )

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 acpials; C:\Windows\System32\DRIVERS\acpials.sys [7680 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [34488 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [173232 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [225608 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [171520 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [56296 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [139568 2019-06-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100984 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783024 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [403680 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [167360 2019-06-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [312248 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
R3 Fjbtndrv; C:\Windows\System32\DRIVERS\FjBtnDrv.sys [18816 2009-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Fujitsu America, Inc.)
R0 FJGSDisk; C:\Windows\System32\DRIVERS\FJGSDisk.sys [12776 2015-02-03] (FUJITSU LIMITED -> FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [25776 2018-09-13] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU LIMITED)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7122944 2010-10-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 O2SCBUS; C:\Windows\System32\DRIVERS\ozscr.sys [102560 2009-05-15] (O2Micro Inc. -> O2Micro)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3487104 2009-09-04] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 WISDPen; C:\Windows\System32\DRIVERS\wisdpen.sys [36648 2009-08-24] (Wacom Technology Corp. -> Wacom Technology)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-03-2019
# Duration: 00:00:13
# OS: Windows 7 Professional
# Cleaned: 7
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\f62c78bcf98ee6f6ed29b0f63f66e8b2
Deleted HKCU\Software\Seznam.cz

***** [ Chromium (and derivatives) ] *****

Deleted DeadMouse

***** [ Chromium URLs ] *****

Deleted http://www.mystartsearch.com/?type=hp&t ... 3ECHRH44FX
Deleted http://www.mystartsearch.com/?type=hp&t ... 3ECHRH44FX
Deleted http://www.mystartsearch.com/?type=hp&t ... 3ECHRH44FX
Deleted http://www.mystartsearch.com/?type=hp&t ... 3ECHRH44FX

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1902 octets] - [03/07/2019 19:59:54]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

http://leteckaposta.cz/894879914

NTB se zahřívá

Dejte nové logy FRST+Addition.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-07-2019
Ran by Client (administrator) on CLIENT-PC (FUJITSU LIFEBOOK T900) (03-07-2019 21:09:47)
Running from C:\Users\Client\Desktop
Loaded Profiles: Client (Available Profiles: Client)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(AuthenTec, Inc. -> AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(AuthenTec, Inc. -> AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Cambridge Silicon Radio Ltd. -> CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
(Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjDspMon.exe
(Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjEvents.exe
(Fujitsu Computer Systems) [File not signed] C:\Program Files\Fujitsu\Utils\FjLidMon.exe
(FUJITSU LIMITED -> ) C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\snuvcdsm.exe
(Microsoft Windows Hardware Compatibility Publisher -> Sonix) C:\Windows\vsnp2uvc.exe
(O2Micro International) [File not signed] C:\Windows\System32\o2flash.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Windows\System32\WTablet\Pen_TabletUser.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7703072 2009-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [CSRSkype] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe [346464 2009-08-20] (Cambridge Silicon Radio Ltd. -> CSR, plc)
HKLM\...\Run: [ConMgr] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [504160 2009-08-20] (Cambridge Silicon Radio Ltd. -> CSR, plc)
HKLM\...\Run: [ATSwpNav] => "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
HKLM\...\Run: [FJBATAID2] => C:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe [107880 2009-10-16] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Sonix)
HKLM\...\Run: [SNUVCDSM] => C:\Windows\snuvcdsm.exe [24576 2009-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Run: [] => [X]
HKLM\...\Run: [FjStrtAp] => C:\Program Files\Fujitsu\Utils\FjStrtAp.exe [20480 2009-10-12] (Fujitsu Computer Systems Corp.) [File not signed]
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1206544 2010-10-19] (Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation)
HKLM\...\Run: [IMSS] => C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [104960 2009-09-30] () [File not signed]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1578280 2009-10-09] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [IndicatorUtility] => C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-06-16] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [144744 2009-07-27] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [SSUtility] => C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe [193832 2007-12-14] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [FDM7] => C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [128360 2009-07-23] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [226184 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [FUJ02B1_Apps] => C:\Program Files\Fujitsu\FUJ02B1\CheckBatteryPack.exe [380840 2018-09-13] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
HKLM\...\Run: [FUJ02E3_BatteryChargingControlUpdate] => C:\Program Files\Fujitsu\FUJ02E3_BatteryChargingControlUpdate\CheckBatteryFW.exe [433264 2019-04-09] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [FjBatteryLimitter] => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterRun.exe [361096 2018-11-21] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {627d7ffb-4de5-11e6-879f-002258c78025} - E:\autorun.exe
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {6bf6b3ea-8249-11e6-9711-002258c78025} - E:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-20] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {126CD0A5-905F-4F90-A365-AB8F5260195A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {33D9BBB1-89C6-4CB6-BBC9-0EE80BA7365C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [4544064 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {46B5CF64-C963-4C44-AC2B-C0F9A576EE5D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {515EBCAD-8055-4984-A474-2B3EAFDE1D5A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [20166760 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {53EB5FD8-D0DC-404C-8FBE-7E0975463305} - System32\Tasks\Fujitsu\FjBatteryLimitter\Notify => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterNotify.exe [181904 2018-10-03] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
Task: {54213060-202F-4A6D-A9BA-1AFCF68B0724} - System32\Tasks\Fujitsu\FjBatteryLimitter\Unlimit => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterBatu.exe [150160 2018-10-03] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
Task: {5435DFE8-DCC1-45FD-B757-737BD8DF93E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [4544064 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {8300BA07-4E77-439D-B63B-2F5087D1B8BD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {83C58E82-6947-4613-81D9-74EE4342D989} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [20166760 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {96A1248C-E37D-4644-BE02-8712896AF825} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-26] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9A84C94B-C692-423D-9CF0-6DDEA276FEAC} - System32\Tasks\{2FFDDAB8-37AE-4193-AED4-5D04DA7C141F} => C:\Windows\system32\pcalua.exe -a "C:\Users\Client\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7SRW4P1E\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573[1].EXE" -d C:\Users\Client\Desktop
Task: {A34F728A-6025-43F7-B8B5-E23CBD418C79} - System32\Tasks\Fujitsu\FjBatteryLimitter\Limit => C:\Program Files\Fujitsu\FjBatteryLimitter\FjBatteryLimitterBatu.exe [150160 2018-10-03] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
Task: {B1F00F6B-AB3F-407F-81B5-971B0D33A09C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C6174E92-9CC9-4E2C-A640-50A3FF67851D} - System32\Tasks\{F111F4F3-A365-41D7-93BE-EFBB7C8DEF69} => C:\Windows\system32\pcalua.exe -a "E:\notebook fujitsu t900\SMARTCARD_O2MICRO_V3.0.1.6D_WIN7_CA41534-5573.EXE" -d "E:\notebook fujitsu t900"
Task: {CB0CE3BD-325A-4350-BE18-B0107B61C1A8} - System32\Tasks\{BCAD7E9D-B664-4CDB-A6D3-02E72F3495FF} => C:\Windows\system32\pcalua.exe -a C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573\PROUnstl.exe -d C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573
Task: {CCE29149-5B75-4F9D-90CA-C9B3DE43EAF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {E210116B-F9B8-4EF1-80B2-E57503813C4B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2394504 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
Task: {EAAB0F48-3266-4E58-A0B0-9C38603A017D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {EF69E9FD-FEE4-4551-A21D-EFA3F32F6D07} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1504376 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2BD29B8-AA0E-4985-B4CE-5CAD214B5125} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F874727D-7F51-42ED-934E-9F0391BF8CC7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1913648 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {FE577009-7166-4173-83A0-E22CF150E690} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Avast Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-944637591-687013849-2777917340-1000] => 172.25.125.66:8080
AutoConfigURL: [S-1-5-21-944637591-687013849-2777917340-1000] => 172.25.125.66:8080
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{767F1F43-85A0-45E8-B66F-2851A52C169C}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{FDA8B116-774B-4A30-8590-77568983CD84}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-944637591-687013849-2777917340-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_151-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-00151-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_151-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_151-windows-i586.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default [2019-07-03]
CHR Extension: (Prezentace Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-27]
CHR Extension: (Dokumenty Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-27]
CHR Extension: (YouTube) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-29]
CHR Extension: (AdBlock) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-06-06]
CHR Extension: (Gmail) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-03]
CHR Profile: C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-07-03]
CHR Extension: (Prezentace Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-22]
CHR Extension: (Dokumenty Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-22]
CHR Extension: (Disk Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-07]
CHR Extension: (YouTube) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-07]
CHR Extension: (Vyhledávání Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-22]
CHR Extension: (Adobe Acrobat) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-05]
CHR Extension: (Avast SafePrice) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-02-05]
CHR Extension: (Tabulky Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-07]
CHR Extension: (AdBlock) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-11]
CHR Extension: (Avast Online Security) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-02-11]
CHR Extension: (Adblock Super) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-07-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-11]
CHR Extension: (Gmail) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-22]
CHR Extension: (Chrome Media Router) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-05]
CHR Profile: C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-03]
CHR Extension: (Prezentace Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-22]
CHR Extension: (Dokumenty Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-22]
CHR Extension: (Disk Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-22]
CHR Extension: (YouTube) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-22]
CHR Extension: (Tabulky Google) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-22]
CHR Extension: (Gmail) - C:\Users\Client\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-22]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5584416 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1819896 2009-11-19] (AuthenTec, Inc. -> AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [359864 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7314528 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
R2 LMS; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [227600 2010-10-19] (Intel Corporation - Mobile Wireless Group -> )
R2 O2Flash; C:\Windows\system32\o2flash.exe [65536 2007-02-12] (O2Micro International) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [62824 2009-07-27] (FUJITSU LIMITED -> FUJITSU LIMITED)
R2 UNS; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WirelessSelectorService; C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe [62760 2008-10-09] (FUJITSU LIMITED -> )

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 acpials; C:\Windows\System32\DRIVERS\acpials.sys [7680 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [34488 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [173232 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [225608 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [171520 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [56296 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [139568 2019-06-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100984 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783024 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [403680 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [167360 2019-06-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [312248 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
R3 Fjbtndrv; C:\Windows\System32\DRIVERS\FjBtnDrv.sys [18816 2009-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Fujitsu America, Inc.)
R0 FJGSDisk; C:\Windows\System32\DRIVERS\FJGSDisk.sys [12776 2015-02-03] (FUJITSU LIMITED -> FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [25776 2018-09-13] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU LIMITED)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7122944 2010-10-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 O2SCBUS; C:\Windows\System32\DRIVERS\ozscr.sys [102560 2009-05-15] (O2Micro Inc. -> O2Micro)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3487104 2009-09-04] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 WISDPen; C:\Windows\System32\DRIVERS\wisdpen.sys [36648 2009-08-24] (Wacom Technology Corp. -> Wacom Technology)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-03 21:09 - 2019-07-03 21:11 - 000028495 _____ C:\Users\Client\Desktop\FRST.txt
2019-07-03 21:09 - 2019-07-03 21:09 - 000000000 ____D C:\Users\Client\Desktop\FRST-OlderVersion
2019-07-03 19:57 - 2019-07-03 19:58 - 007025360 _____ (Malwarebytes) C:\Users\Client\Desktop\adwcleaner_7.3.exe
2019-07-03 18:50 - 2019-07-03 19:01 - 000000000 ____D C:\FRST
2019-07-03 18:47 - 2019-07-03 21:09 - 001772032 _____ (Farbar) C:\Users\Client\Desktop\FRST.exe
2019-06-19 12:14 - 2019-06-04 01:10 - 000751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-06-19 12:14 - 2019-06-04 01:10 - 000304640 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-06-19 12:14 - 2019-05-27 08:29 - 000348984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-06-19 12:14 - 2019-05-25 03:07 - 020275712 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-06-19 12:14 - 2019-05-25 02:45 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-06-19 12:14 - 2019-05-25 02:44 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-06-19 12:14 - 2019-05-25 02:44 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-06-19 12:14 - 2019-05-25 02:42 - 002297344 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-06-19 12:14 - 2019-05-25 02:40 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-06-19 12:14 - 2019-05-25 02:38 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-06-19 12:14 - 2019-05-25 02:37 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-06-19 12:14 - 2019-05-25 02:37 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-06-19 12:14 - 2019-05-25 02:36 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-06-19 12:14 - 2019-05-25 02:33 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-06-19 12:14 - 2019-05-25 02:30 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-06-19 12:14 - 2019-05-25 02:26 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-06-19 12:14 - 2019-05-25 02:26 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-06-19 12:14 - 2019-05-25 02:24 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-06-19 12:14 - 2019-05-25 02:23 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-06-19 12:14 - 2019-05-25 02:23 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-06-19 12:14 - 2019-05-25 02:22 - 004492800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-06-19 12:14 - 2019-05-25 02:22 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-06-19 12:14 - 2019-05-25 02:17 - 013706240 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-06-19 12:14 - 2019-05-25 02:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-06-19 12:14 - 2019-05-25 02:15 - 002060288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-06-19 12:14 - 2019-05-25 02:15 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-06-19 12:14 - 2019-05-25 02:15 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-06-19 12:14 - 2019-05-25 02:15 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-06-19 12:14 - 2019-05-25 02:02 - 004386304 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-06-19 12:14 - 2019-05-25 01:59 - 012880384 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-06-19 12:14 - 2019-05-25 01:59 - 001323008 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-06-19 12:14 - 2019-05-25 01:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-06-19 12:14 - 2019-05-25 01:56 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-06-19 12:14 - 2019-05-23 03:58 - 000628224 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-06-19 12:14 - 2019-05-23 03:58 - 000307200 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-06-19 12:14 - 2019-05-23 03:58 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-06-19 12:14 - 2019-05-23 02:31 - 001251840 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-06-19 12:14 - 2019-05-23 02:31 - 000910336 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-06-19 12:14 - 2019-05-17 20:14 - 000251112 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2019-06-19 12:14 - 2019-05-16 17:22 - 004057312 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2019-06-19 12:14 - 2019-05-16 17:22 - 003963624 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-06-19 12:14 - 2019-05-16 17:21 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-06-19 12:14 - 2019-05-16 17:21 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2019-06-19 12:14 - 2019-05-16 17:21 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-06-19 12:14 - 2019-05-16 17:21 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2019-06-19 12:14 - 2019-05-16 17:21 - 000135912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-06-19 12:14 - 2019-05-16 17:21 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-06-19 12:14 - 2019-05-16 17:19 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-06-19 12:14 - 2019-05-16 17:19 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-06-19 12:14 - 2019-05-16 17:19 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-06-19 12:14 - 2019-05-16 17:19 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-06-19 12:14 - 2019-05-16 17:19 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 001072640 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000555520 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000261632 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-06-19 12:14 - 2019-05-16 17:18 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-06-19 12:14 - 2019-05-16 17:17 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-06-19 12:14 - 2019-05-16 17:17 - 000474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-06-19 12:14 - 2019-05-16 17:17 - 000373248 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-06-19 12:14 - 2019-05-16 17:17 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-06-19 12:14 - 2019-05-16 17:02 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-06-19 12:14 - 2019-05-16 16:50 - 002406400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-06-19 12:14 - 2019-05-16 16:50 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-06-19 12:14 - 2019-05-16 16:47 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-06-19 12:14 - 2019-05-16 16:46 - 000314880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-06-19 12:14 - 2019-05-16 16:46 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-06-19 12:14 - 2019-05-16 16:46 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-06-19 12:14 - 2019-05-16 16:46 - 000116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-06-19 12:14 - 2019-05-16 16:46 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-06-19 12:14 - 2019-05-16 16:45 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-06-19 12:14 - 2019-05-13 16:44 - 001311744 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2019-06-19 12:14 - 2019-05-13 16:44 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2019-06-19 12:14 - 2019-05-13 16:44 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2019-06-19 12:14 - 2019-05-13 16:44 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2019-06-19 12:14 - 2019-05-09 17:20 - 000105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-06-19 12:14 - 2019-05-09 17:20 - 000078568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-06-19 12:14 - 2019-05-09 17:18 - 011411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 002368000 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 001329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-06-19 12:14 - 2019-05-09 17:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 003207168 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-06-19 12:14 - 2019-05-09 17:17 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-06-19 12:14 - 2019-05-09 17:13 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-06-19 12:14 - 2019-05-09 16:51 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-06-19 12:14 - 2019-04-30 03:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-06-19 12:14 - 2019-04-25 17:18 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-06-19 12:14 - 2019-04-24 17:20 - 001311464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-06-19 12:14 - 2019-04-24 17:20 - 000240864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-06-19 12:14 - 2019-04-24 17:19 - 000187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-06-19 12:14 - 2019-04-12 15:04 - 000914584 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000065784 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000021752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000018680 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000017352 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000017144 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000015608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000015096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000013048 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011728 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-06-19 12:14 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-06-19 12:14 - 2019-04-09 17:17 - 002953216 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2019-06-19 12:14 - 2019-04-09 17:17 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2019-06-19 12:14 - 2019-04-09 17:05 - 002092032 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-06-19 12:14 - 2019-04-09 17:05 - 000573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-06-19 12:14 - 2019-04-09 17:05 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2019-06-19 12:13 - 2019-05-25 02:55 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-06-19 12:13 - 2019-05-25 02:55 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-06-19 12:13 - 2019-05-25 02:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-06-19 12:13 - 2019-05-25 02:43 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-06-19 12:13 - 2019-05-25 02:39 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-06-19 12:13 - 2019-05-25 02:37 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-06-19 12:13 - 2019-05-25 02:27 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-06-19 12:13 - 2019-05-23 03:58 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-06-19 12:13 - 2019-05-16 17:19 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-06-19 12:13 - 2019-05-16 17:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-06-19 12:13 - 2019-05-16 17:18 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 16:53 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-06-19 12:13 - 2019-05-16 16:53 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-06-19 12:13 - 2019-05-16 16:53 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-06-19 12:13 - 2019-05-16 16:53 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-06-19 12:13 - 2019-05-16 16:53 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-06-19 12:13 - 2019-05-16 16:53 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-06-19 12:13 - 2019-05-16 16:50 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-06-19 12:13 - 2019-05-16 16:49 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-06-19 12:13 - 2019-05-16 16:45 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-06-19 12:13 - 2019-05-16 16:45 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-06-19 12:13 - 2019-05-16 16:45 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2019-06-19 12:13 - 2019-05-16 16:45 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-06-19 12:13 - 2019-05-16 16:45 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-06-19 12:13 - 2019-05-16 16:45 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-06-19 12:13 - 2019-05-16 16:45 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-06-19 12:13 - 2019-05-16 16:45 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-06-19 12:13 - 2019-05-16 16:45 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-06-19 12:13 - 2019-05-16 16:45 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 16:45 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 16:45 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-06-19 12:13 - 2019-05-16 16:45 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-06-19 12:13 - 2019-05-09 17:18 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-06-19 12:13 - 2019-05-09 17:18 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-06-19 12:13 - 2019-05-09 17:18 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-06-19 12:13 - 2019-05-09 17:18 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-06-19 12:13 - 2019-05-09 17:18 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-06-19 12:13 - 2019-05-09 17:18 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 001177088 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-06-19 12:13 - 2019-05-09 17:17 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-06-19 12:13 - 2019-05-09 17:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-06-19 12:13 - 2019-05-09 17:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-06-19 12:13 - 2019-05-09 17:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-06-19 12:13 - 2019-05-09 17:02 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-06-19 12:13 - 2019-05-09 17:02 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-06-19 12:13 - 2019-05-09 16:56 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-06-19 12:13 - 2019-05-09 16:48 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-06-19 12:13 - 2019-05-09 16:48 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-06-19 12:13 - 2019-05-09 16:48 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-06-19 12:13 - 2019-04-09 17:14 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2019-06-19 12:13 - 2019-04-09 17:05 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-06-19 12:13 - 2019-04-09 17:05 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-06-19 12:13 - 2019-04-09 17:05 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2019-06-19 12:13 - 2019-04-09 17:05 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-06-19 12:13 - 2019-04-09 17:05 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2019-06-07 20:16 - 2019-06-07 20:16 - 000001023 _____ C:\Users\Client\Desktop\DOMINIK – zástupce.lnk
2019-06-07 20:07 - 2019-06-07 20:07 - 000001163 _____ C:\Users\Public\Desktop\HappyFoto.lnk
2019-06-07 20:07 - 2019-06-07 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Happy Foto CZ
2019-06-07 20:06 - 2019-06-07 20:06 - 000000000 ____D C:\ProgramData\PhotoGenie X
2019-06-07 17:02 - 2019-06-07 17:10 - 338502528 _____ (Happy Foto CZ ) C:\Users\Client\Downloads\HappyFoto (2).exe
2019-06-04 20:29 - 2019-06-04 20:29 - 016920766 _____ C:\Users\Client\Downloads\pozvánka.pdf
2019-06-03 21:12 - 2019-06-03 21:12 - 000000342 ____H C:\Windows\Tasks\Avast Emergency Update.job

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-03 20:12 - 2009-07-14 06:34 - 000021408 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-03 20:12 - 2009-07-14 06:34 - 000021408 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-03 20:10 - 2015-04-12 15:42 - 000003540 _____ C:\Users\Client\AppData\Roaming\FjMenu1.XML
2019-07-03 20:03 - 2015-02-02 14:08 - 000000000 ____D C:\Users\Client\AppData\Roaming\WTablet
2019-07-03 20:02 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-03 19:59 - 2018-02-11 12:51 - 000000000 ____D C:\AdwCleaner
2019-07-03 18:39 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2019-07-03 18:21 - 2017-08-28 21:00 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-03 18:20 - 2009-07-14 04:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-07-03 18:18 - 2017-08-28 20:48 - 000000000 ____D C:\Program Files\Microsoft Office
2019-07-03 18:08 - 2009-07-14 06:53 - 000032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-07-02 22:11 - 2015-03-28 16:06 - 000000000 ____D C:\Users\Client\AppData\LocalLow\Adblock Plus for IE
2019-06-24 17:57 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\rescache
2019-06-24 15:41 - 2011-04-12 03:37 - 000668376 _____ C:\Windows\system32\perfh005.dat
2019-06-24 15:41 - 2011-04-12 03:37 - 000141004 _____ C:\Windows\system32\perfc005.dat
2019-06-24 15:41 - 2010-11-20 23:01 - 001582262 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-24 15:33 - 2009-07-14 06:33 - 000509904 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-24 15:28 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\system32\Dism
2019-06-20 21:37 - 2015-03-28 16:28 - 000000000 ____D C:\Windows\system32\MRT
2019-06-20 21:30 - 2015-03-28 16:28 - 132265168 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-06-20 17:50 - 2015-11-21 12:30 - 000139568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-06-20 11:01 - 2015-02-04 22:11 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-19 12:24 - 2019-02-28 12:34 - 000002119 _____ C:\Users\Client\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-06-19 12:24 - 2017-08-28 21:06 - 000000000 ___RD C:\Users\Client\OneDrive
2019-06-19 12:13 - 2015-11-21 12:30 - 000167360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-19 12:09 - 2016-07-30 12:54 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-07 17:06 - 2017-01-29 23:06 - 000000000 ____D C:\Program Files\HappyFoto-Designer
2019-06-06 17:52 - 2019-05-21 19:15 - 000000000 ____D C:\Program Files\Happy Foto CZ

==================== Files in the root of some directories ================

2018-12-29 21:23 - 2018-12-29 21:23 - 007895040 _____ () C:\Program Files\GUT538E.tmp
2015-04-12 15:42 - 2019-07-03 20:10 - 000003540 _____ () C:\Users\Client\AppData\Roaming\FjMenu1.XML

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-06-24 16:36
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-07-2019
Ran by Client (03-07-2019 21:12:05)
Running from C:\Users\Client\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2015-02-02 11:10:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-944637591-687013849-2777917340-500 - Administrator - Disabled)
Client (S-1-5-21-944637591-687013849-2777917340-1000 - Administrator - Enabled) => C:\Users\Client
Guest (S-1-5-21-944637591-687013849-2777917340-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adblock Plus for IE (32-bit) (HKLM\...\{CBECBAA4-A9A1-48B6-88DC-5D5E800B0E52}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.192 - Adobe)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
AuthenTec Fingerprint Software (HKLM\...\{83F136F0-2AE5-420C-A0B6-A440AD42591C}) (Version: 8.5.4.53 - Název společnosti:)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Balíček ovladače systému Windows - Fujitsu America, Inc. (FjBtnDrv) HIDClass (08/27/2009 4.2.0827.2009) (HKLM\...\F02860D720F53C6FCD75A013226E3E82F54FAB68) (Version: 08/27/2009 4.2.0827.2009 - Fujitsu America, Inc.)
Battery Utility (HKLM\...\{0294F00A-91AC-4FBF-BD14-0EE1583927AF}) (Version: 3.00.10.001 - Název společnosti:) Hidden
Battery Utility (HKLM\...\InstallShield_{0294F00A-91AC-4FBF-BD14-0EE1583927AF}) (Version: 3.00.10.001 - Název společnosti:)
Bluetooth Feature Pack 5.0 (HKLM\...\{0439D13F-C7CD-458A-90DE-44135CBD40B8}) (Version: 5.0.13 - CSR Plc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
FJ Camera (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.52008.0 - Sonix)
FUJITSU Battery Charging Control Update Tool (HKLM\...\{01A4BE67-357B-44C5-92F1-F543FB8643EF}) (Version: 2.0.2.0 - FUJITSU CLIENT COMPUTING LIMITED) Hidden
FUJITSU Battery Charging Control Utility (HKLM\...\InstallShield_{01A4BE67-357B-44C5-92F1-F543FB8643EF}) (Version: 2.0.2.0 - FUJITSU CLIENT COMPUTING LIMITED)
Fujitsu Button Utilities (HKLM\...\{207E8B60-07D2-4B7F-97FE-0DA448606861}) (Version: 7.02.0818.2009 - Fujitsu America, Incorporated)
Fujitsu Display Manager (HKLM\...\{2BDE2BF2-AD90-4191-B3C8-D0046CE54916}) (Version: 7.00.20.203 - Název společnosti:) Hidden
Fujitsu Display Manager (HKLM\...\InstallShield_{2BDE2BF2-AD90-4191-B3C8-D0046CE54916}) (Version: 7.00.20.203 - Název společnosti:)
Fujitsu Hotkey Utility (HKLM\...\{BA0CC975-682B-4678-A35C-05E607F36387}) (Version: 3.60.1.0 - FUJITSU LIMITED) Hidden
Fujitsu Hotkey Utility (HKLM\...\InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}) (Version: 3.60.1.0 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (HKLM\...\{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}) (Version: 3.00.00.000 - Název společnosti:) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM\...\InstallShield_{191C41F6-4BA8-4D3D-BBC5-AAC8F3077E3F}) (Version: 3.00.00.000 - Název společnosti:)
Fujitsu System Extension Utility (HKLM\...\{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.1.0.0 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.1.0.0 - FUJITSU LIMITED)
Google Chrome (HKLM\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HappyFoto (HKLM\...\{621A70CA-32A5-4F50-A66C-C9C792580415}_is1) (Version: - Happy Foto CZ)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.5 - Intel)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2509 - Intel Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11727.20230 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
O2Micro Flash Memory Card Windows Driver (HKLM\...\{469ED3E8-D21E-40E8-B00F-63516D26FAE3}) (Version: 3.00.0006 - O2Micro International LTD.) Hidden
O2Micro Flash Memory Card Windows Driver (HKLM\...\InstallShield_{469ED3E8-D21E-40E8-B00F-63516D26FAE3}) (Version: 3.00.0006 - O2Micro International LTD.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
OZ711 SCR Driver (HKLM\...\{5C3EA21C-22C0-4A44-BE58-D8CBB2F2B6B2}) (Version: 3.0.1.6D - O2Micro) Hidden
OZ711 SCR Driver (HKLM\...\InstallShield_{5C3EA21C-22C0-4A44-BE58-D8CBB2F2B6B2}) (Version: 3.0.1.6D - O2Micro)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pen Tablet (HKLM\...\Pen Tablet Driver) (Version: 5.1.1.11 - Wacom Technology Corp.)
Power Saving Utility (HKLM\...\{7254349B-460B-488F-B4DB-A96100C5C48B}) (Version: 31.00.11.009 - FUJITSU LIMITED) Hidden
Power Saving Utility (HKLM\...\InstallShield_{7254349B-460B-488F-B4DB-A96100C5C48B}) (Version: 31.00.11.009 - FUJITSU LIMITED)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Security Panel (HKLM\...\InstallShield_{45CA9B23-5EF8-43AA-9851-E9E062BF0147}) (Version: 2.2.0.0 - FUJITSU LIMITED)
Security Panel Application (HKLM\...\{45CA9B23-5EF8-43AA-9851-E9E062BF0147}) (Version: 2.2.0.0 - FUJITSU LIMITED) Hidden
Security Panel Application for Supervisor (HKLM\...\{17F82182-0E3D-4A14-8843-5ECBFAF4F12F}) (Version: 2.2.0.0 - FUJITSU LIMITED) Hidden
Security Panel for Supervisor (HKLM\...\InstallShield_{17F82182-0E3D-4A14-8843-5ECBFAF4F12F}) (Version: 2.2.0.0 - FUJITSU LIMITED)
Shock Sensor Utility (HKLM\...\{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}) (Version: 4.00.01.000 - Název společnosti:) Hidden
Shock Sensor Utility (HKLM\...\InstallShield_{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}) (Version: 4.00.01.000 - Název společnosti:)
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{D75AEB5B-FA18-4BD4-9EED-54CA46DB5AE8}) (Version: 13.04.0000 - Intel Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.10.0 - Synaptics Incorporated)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wireless Selector (HKLM\...\{51202133-E0F9-4314-ACA4-AACBA46A6C69}) (Version: 4.00.00.100 - FUJITSU LIMITED) Hidden
Wireless Selector (HKLM\...\InstallShield_{51202133-E0F9-4314-ACA4-AACBA46A6C69}) (Version: 4.00.00.100 - FUJITSU LIMITED)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Client\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Osoba 2 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2015-02-03 15:45 - 2009-09-30 21:48 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2009-08-17 22:08 - 2009-09-30 18:57 - 000069632 _____ (Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjCuiSdk.dll
2009-08-18 21:37 - 2009-11-14 13:06 - 000024576 _____ (Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjDspMon.exe
2009-08-18 21:38 - 2009-11-14 13:09 - 000020480 _____ (Fujitsu Computer Systems Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\fjevents.exe
2009-08-06 16:07 - 2009-11-16 01:29 - 000020480 _____ (Fujitsu Computer Systems) [File not signed] C:\Program Files\Fujitsu\Utils\FjLidMon.exe
2009-07-16 20:20 - 2009-10-12 13:48 - 000032768 _____ (Fujitsu PC Corporation) [File not signed] C:\Program Files\Fujitsu\Utils\FjFBUCmn.dll
2015-02-03 15:45 - 2009-09-30 22:33 - 000262144 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
2015-02-03 15:45 - 2009-09-30 21:48 - 000077824 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\DTMessageLib.dll
2015-02-03 15:45 - 2009-09-30 21:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2015-02-03 15:45 - 2009-09-30 22:34 - 002314240 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
2010-10-19 15:21 - 2010-10-19 15:21 - 001269760 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\PanTray.dll
2010-10-19 15:06 - 2010-10-19 15:06 - 000487424 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\WiWiTray.dll
2010-10-31 04:52 - 2010-10-31 04:52 - 000043520 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\LangResources\CSY\FrWrkCSY.dll
2010-10-31 05:02 - 2010-10-31 05:02 - 000006656 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\LangResources\CSY\WiTrCSY.dll
2010-10-19 15:03 - 2010-10-19 15:03 - 000655360 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2010-10-19 15:04 - 2010-10-19 15:04 - 000622592 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2010-10-19 15:04 - 2010-10-19 15:04 - 002285568 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
2010-10-19 15:05 - 2010-10-19 15:05 - 000512000 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
2010-10-19 15:07 - 2010-10-19 15:07 - 000503808 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2010-10-19 15:05 - 2010-10-19 15:05 - 000200704 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2010-10-31 04:58 - 2010-10-31 04:58 - 000106496 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\LangResources\CSY\PanTrCSY.dll
2010-10-19 15:17 - 2010-10-19 15:17 - 000876544 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2010-10-19 15:18 - 2010-10-19 15:18 - 000307200 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PanApi.dll
2010-10-19 15:10 - 2010-10-19 15:10 - 001626112 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2010-10-19 15:08 - 2010-10-19 15:08 - 000499712 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfQOSMgr.dll
2010-10-19 15:02 - 2010-10-19 15:02 - 000135168 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2010-10-19 15:02 - 2010-10-19 15:02 - 000139264 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\WiMAXCoEx.dll
2010-10-19 15:16 - 2010-10-19 15:16 - 001146880 _____ (Intel(R) Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll
2007-02-12 02:43 - 2007-02-12 02:43 - 000065536 _____ (O2Micro International) [File not signed] C:\Windows\system32\o2flash.exe
2010-10-19 14:39 - 2010-10-19 14:39 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\sharepoint.com -> hxxps://fsvuk-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2019-02-26 19:57 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-944637591-687013849-2777917340-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Client\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{47E232FA-1099-4017-A8F8-F447393319F5}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6C22701D-2520-4CCB-84D0-C5435539203B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation - Mobile Wireless Group -> )
FirewallRules: [{B350DF42-9C1E-4626-A848-BFD21B1FCB98}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D29DF108-2023-4486-B6BA-D742B352C94E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EC480EAD-2853-4CB6-A610-62C1E49FEAC4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A674D906-7B82-42BE-9752-B5321AB33FC5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{814920D5-3853-4194-8FD3-34CA0A01FF5B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DAC9AFBB-A13B-4787-9511-9F97F126FCD4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40DD0323-EA20-404A-9BF5-34DF63DED06A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{54F2C6B2-3549-4CE2-818E-6270A9D06333}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

07-06-2019 20:07:04 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
19-06-2019 16:04:08 Naplánovaný kontrolní bod
20-06-2019 21:25:17 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2019 08:03:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/03/2019 08:03:04 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device

Error: (07/03/2019 08:03:04 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device

Error: (07/03/2019 08:03:04 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device

Error: (07/03/2019 07:03:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST.exe verze 30.6.2019.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 187c

Čas spuštění: 01d531bf712d2f1c

Čas ukončení: 62

Cesta k aplikaci: C:\Users\Client\Desktop\FRST.exe

ID hlášení:

Error: (07/03/2019 06:21:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/03/2019 06:12:20 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device

Error: (07/03/2019 06:12:20 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device


System errors:
=============
Error: (07/03/2019 08:01:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (07/03/2019 08:01:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (07/03/2019 08:01:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (07/03/2019 08:00:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (07/03/2019 08:00:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/03/2019 08:00:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba AuthenTec Fingerprint Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (07/03/2019 08:00:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (07/03/2019 08:00:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management & Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2016-07-08 22:50:55.320
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{C19C5084-5512-45AF-93A9-B8453F29E3BA}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

==================== Memory info ===========================

BIOS: FUJITSU // Phoenix Technologies Ltd. Version 1.19 11/29/2011
Motherboard: FUJITSU FJNB204
Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 66%
Total physical RAM: 2995.5 MB
Available physical RAM: 1017.96 MB
Total Virtual: 9137.87 MB
Available Virtual: 6894.62 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.05 GB) (Free:52.42 GB) NTFS

\\?\Volume{aa9b253a-aac9-11e4-9e65-806e6f6e6963}\ () (Fixed) (Total:1 GB) (Free:0.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 87C2420C)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {627d7ffb-4de5-11e6-879f-002258c78025} - E:\autorun.exe
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {6bf6b3ea-8249-11e6-9711-002258c78025} - E:\HiSuiteDownLoader.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {9A84C94B-C692-423D-9CF0-6DDEA276FEAC} - System32\Tasks\{2FFDDAB8-37AE-4193-AED4-5D04DA7C141F} => C:\Windows\system32\pcalua.exe -a "C:\Users\Client\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7SRW4P1E\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573[1].EXE" -d C:\Users\Client\Desktop
Task: {C6174E92-9CC9-4E2C-A640-50A3FF67851D} - System32\Tasks\{F111F4F3-A365-41D7-93BE-EFBB7C8DEF69} => C:\Windows\system32\pcalua.exe -a "E:\notebook fujitsu t900\SMARTCARD_O2MICRO_V3.0.1.6D_WIN7_CA41534-5573.EXE" -d "E:\notebook fujitsu t900"
Task: {CB0CE3BD-325A-4350-BE18-B0107B61C1A8} - System32\Tasks\{BCAD7E9D-B664-4CDB-A6D3-02E72F3495FF} => C:\Windows\system32\pcalua.exe -a C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573\PROUnstl.exe -d C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573
Task: {CCE29149-5B75-4F9D-90CA-C9B3DE43EAF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {FE577009-7166-4173-83A0-E22CF150E690} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Program Files\GUT538E.tmp

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x86) Version: 03-07-2019
Ran by Client (03-07-2019 22:20:53) Run:1
Running from C:\Users\Client\Desktop
Loaded Profiles: Client (Available Profiles: Client)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {627d7ffb-4de5-11e6-879f-002258c78025} - E:\autorun.exe
HKU\S-1-5-21-944637591-687013849-2777917340-1000\...\MountPoints2: {6bf6b3ea-8249-11e6-9711-002258c78025} - E:\HiSuiteDownLoader.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {9A84C94B-C692-423D-9CF0-6DDEA276FEAC} - System32\Tasks\{2FFDDAB8-37AE-4193-AED4-5D04DA7C141F} => C:\Windows\system32\pcalua.exe -a "C:\Users\Client\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7SRW4P1E\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573[1].EXE" -d C:\Users\Client\Desktop
Task: {C6174E92-9CC9-4E2C-A640-50A3FF67851D} - System32\Tasks\{F111F4F3-A365-41D7-93BE-EFBB7C8DEF69} => C:\Windows\system32\pcalua.exe -a "E:\notebook fujitsu t900\SMARTCARD_O2MICRO_V3.0.1.6D_WIN7_CA41534-5573.EXE" -d "E:\notebook fujitsu t900"
Task: {CB0CE3BD-325A-4350-BE18-B0107B61C1A8} - System32\Tasks\{BCAD7E9D-B664-4CDB-A6D3-02E72F3495FF} => C:\Windows\system32\pcalua.exe -a C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573\PROUnstl.exe -d C:\Drivers\LAN_INTELGbe_V11.2.19.0_WIN7_CA41534-5573
Task: {CCE29149-5B75-4F9D-90CA-C9B3DE43EAF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {FE577009-7166-4173-83A0-E22CF150E690} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Program Files\GUT538E.tmp

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKU\S-1-5-21-944637591-687013849-2777917340-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{627d7ffb-4de5-11e6-879f-002258c78025} => removed successfully.
HKLM\Software\Classes\CLSID\{627d7ffb-4de5-11e6-879f-002258c78025} => not found
HKU\S-1-5-21-944637591-687013849-2777917340-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6bf6b3ea-8249-11e6-9711-002258c78025} => removed successfully.
HKLM\Software\Classes\CLSID\{6bf6b3ea-8249-11e6-9711-002258c78025} => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
HKLM\SOFTWARE\Policies\Google => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A84C94B-C692-423D-9CF0-6DDEA276FEAC}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A84C94B-C692-423D-9CF0-6DDEA276FEAC}" => removed successfully.
C:\Windows\System32\Tasks\{2FFDDAB8-37AE-4193-AED4-5D04DA7C141F} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2FFDDAB8-37AE-4193-AED4-5D04DA7C141F}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C6174E92-9CC9-4E2C-A640-50A3FF67851D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6174E92-9CC9-4E2C-A640-50A3FF67851D}" => removed successfully.
C:\Windows\System32\Tasks\{F111F4F3-A365-41D7-93BE-EFBB7C8DEF69} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F111F4F3-A365-41D7-93BE-EFBB7C8DEF69}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB0CE3BD-325A-4350-BE18-B0107B61C1A8}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB0CE3BD-325A-4350-BE18-B0107B61C1A8}" => removed successfully.
C:\Windows\System32\Tasks\{BCAD7E9D-B664-4CDB-A6D3-02E72F3495FF} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BCAD7E9D-B664-4CDB-A6D3-02E72F3495FF}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCE29149-5B75-4F9D-90CA-C9B3DE43EAF9}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCE29149-5B75-4F9D-90CA-C9B3DE43EAF9}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FE577009-7166-4173-83A0-E22CF150E690}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE577009-7166-4173-83A0-E22CF150E690}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
C:\Program Files\GUT538E.tmp => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4119395 B
Java, Flash, Steam htmlcache => 1155 B
Windows/system/drivers => 4770949 B
Edge => 0 B
Chrome => 25752876 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83565 B
LocalService => 66228 B
NetworkService => 2007040 B
Client => 6864054 B

RecycleBin => 146729 B
EmptyTemp: => 49.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:21:15 ====

OK. Nastala nějaká změna?

o moc lepší mi to nepřijde. Je spuštěný pouze chrome a procesor při každém vyhledávání je vytížený kolem 60% a fyzická paměť je stále na nějakých 60-70 %.

Koukněte do správce úloh a zjistěte, který proces nejvíce CPU a paměť zatěžuje.

http://leteckaposta.cz/972637005

nejvíce právě ten chrome

Zkusíme vyčistit prohlížeče. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Client on źt 04.07.2019 at 19:25:16,94.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Client\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

4.7.2019 19:28:43 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\Drogerie TETA deleted successfully
C:\Program Files\Common Files\AV deleted successfully
C:\PROGRA~2\CorelDRAW Graphics Suite X7 deleted successfully
C:\Users\Client\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Client\AppData\Local\EmieSiteList deleted successfully
C:\Users\Client\AppData\Local\EmieUserList deleted successfully
C:\Users\Client\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Program Files\Drogerie TETA not found
C:\Program Files\DeadMouse deleted
C:\PROGRA~2\{7b233f3e-d305-4bc8-7b23-33f3ed30fcfb} deleted
C:\PROGRA~2\{fb433786-960a-560a-fb43-33786960de1a} deleted
C:\Program Files\GUM538D.tmp deleted
C:\PROGRA~2\Package Cache deleted

==== Firefox XPI-files found: ======================


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Professional x86
Ran by Client (Administrator) on źt 04.07.2019 at 20:35:32,99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 04.07.2019 at 20:39:59,52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Tady OK. A Zoek?