Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

JS:Miner-BL

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
djmalda
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 06 srp 2012 18:24

JS:Miner-BL

#1 Příspěvek od djmalda »

Zdravím, týden zpět mi Avast začal hlásit virus JS:Miner-BL xmr.omine.org (nejspíše k těžbě kryptoměn). Od té doby se výrazně zpomalil prohlížeč Chrome + dochází k občasnému blokování webových stránek, které se tváří jako nezabezpečené.

Děkuji za kontrolu logu.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019
Ran by Sport95 (administrator) on DESKTOP-IKF77LA (Dell Inc. OptiPlex 9020) (09-07-2019 15:25:04)
Running from C:\Users\Sport95\Desktop
Loaded Profiles: Sport95 (Available Profiles: Sport95)
Platform: Windows 10 Pro Version 1803 17134.829 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> ) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CodeSigning for The Apache Software Foundation -> Apache Software Foundation) C:\Program Files (x86)\Bosch DiagnosticTool\prunsrv\prunsrv.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Sport95\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mstsc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\OpenWith.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\Temp\0849DBFD-E823-4558-9C8E-E0C95DD0E944\DismHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.760_none_eaef1a361d71e348\TiWorker.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Robert Bosch GmbH) [File not signed] C:\Program Files (x86)\Bosch DiagnosticTool\BoschDevNodeCleanService64.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8830744 2016-11-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1437976 2016-11-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-2787560334-3957436090-95931901-1004\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46993264 2019-06-27] (Google LLC -> )
HKU\S-1-5-21-2787560334-3957436090-95931901-1004\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-2787560334-3957436090-95931901-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22695280 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2787560334-3957436090-95931901-1004\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Sport95\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2787560334-3957436090-95931901-1004\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Sport95\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2787560334-3957436090-95931901-1004\...\RunOnce: [Uninstall 19.086.0502.0006\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sport95\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\amd64"
HKU\S-1-5-21-2787560334-3957436090-95931901-1004\...\RunOnce: [Uninstall 19.086.0502.0006] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sport95\AppData\Local\Microsoft\OneDrive\19.086.0502.0006"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-19] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {217773EE-3F35-41D7-9951-414C1A075B61} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [152104 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {23AF1E3C-BC68-4779-A8B7-553D9D44E4DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-22] (Google Inc -> Google Inc.)
Task: {3BFA9BB7-8C5F-4539-A644-7759A180912E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6441536 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {3FCF3851-78BD-4F0F-AE44-65525325A525} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D183546-7F10-451B-856B-A112495E2C97} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-IKF77LA-Sport95 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {65651E4F-4FEE-48D9-AC12-37A98AF05B19} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {74A0BEF5-58FF-4584-988C-0E269967A2A9} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-IKF77LA-Sport95 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7E6E9D77-994C-45A6-82BC-240871A4A79D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {8963BD50-8C27-48D5-8348-990D72F1818F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [152104 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {8BDE04D7-ACA8-49D4-BF38-0136490AFC74} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E547C19-BEB6-4D42-921D-CBA1554B22B1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208400 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A60FC6EE-ACAB-4A51-A4C9-4F119542FE85} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16667424 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A97EB010-D5F7-4F5E-A528-735A78E81750} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-22] (Google Inc -> Google Inc.)
Task: {B7C037F3-E859-466C-83F6-4BBEAD4D68B6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6441536 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA092D20-4FED-4654-B435-88FE96A30224} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {CCBABC4E-051A-4119-96AE-C820DDF9DB47} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
Task: {ECF41053-81F1-4E6E-9EBF-E1206938D225} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208400 2019-07-01] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 8.8.8.8
Tcpip\..\Interfaces\{88838247-7e3f-48eb-8e29-096f4a0751b2}: [DhcpNameServer] 192.168.2.1 8.8.8.8

Internet Explorer:
==================
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-17] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Legacy] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://admin.sport95.cz/orders/listing","hxxps://www.smartsupp.com/app/dashboard/","hxxp ... port95.cz/"
CHR Profile: C:\Users\Sport95\AppData\Local\Google\Chrome\User Data\Default [2019-07-09]
CHR Extension: (Prezentace) - C:\Users\Sport95\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-22]
CHR Extension: (Dokumenty) - C:\Users\Sport95\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-22]
CHR Extension: (Disk Google) - C:\Users\Sport95\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-22]
CHR Extension: (YouTube) - C:\Users\Sport95\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-22]
CHR Extension: (uBlock) - C:\Users\Sport95\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2019-07-03]
CHR Extension: (Tabulky) - C:\Users\Sport95\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Sport95\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-22]
CHR Extension: (AdBlock) - C:\Users\Sport95\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-07-08]
CHR Extension: (Avast Online Security) - C:\Users\Sport95\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-02]
CHR Extension: (Chrome Cleaner) - C:\Users\Sport95\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbpddeimojmbpkbfckjpnbpehgnbpnnl [2019-07-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Sport95\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-22]
CHR Extension: (Gmail) - C:\Users\Sport95\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Sport95\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-06]
CHR Profile: C:\Users\Sport95\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-07-02]
CHR Profile: C:\Users\Sport95\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-02]
CHR HKU\S-1-5-21-2787560334-3957436090-95931901-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 BoschDevNodeService; C:\Program Files (x86)\Bosch DiagnosticTool\BoschDevNodeCleanService64.exe [350720 2018-10-18] (Robert Bosch GmbH) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [126856 2012-11-08] (Hewlett-Packard Company -> HP)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373728 2017-11-16] (Intel(R) pGFX -> Intel Corporation)
R2 LockService; C:\Program Files (x86)\Bosch DiagnosticTool\prunsrv\prunsrv.exe [86656 2018-10-18] (CodeSigning for The Apache Software Foundation -> Apache Software Foundation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11786992 2018-11-14] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe [4632736 2018-05-25] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe [104680 2018-05-25] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [207448 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [262496 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15488 2019-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279120 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [168104 2019-06-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477584 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225600 2019-06-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385880 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
R3 IntcAzAudAddService; C:\Windows\system32\drivers\RTDVHD64.sys [2687520 2016-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-07-02] (Malwarebytes Corporation -> Malwarebytes)
S3 Ser2pl; C:\Windows\system32\DRIVERS\ser2pl64.sys [182784 2015-09-04] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46072 2018-05-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [313888 2018-05-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61472 2018-05-25] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-09 15:25 - 2019-07-09 15:25 - 000028128 _____ C:\Users\Sport95\Desktop\FRST.txt
2019-07-09 15:23 - 2019-07-09 15:25 - 000000000 ____D C:\FRST
2019-07-09 15:23 - 2019-07-09 15:23 - 002420224 _____ (Farbar) C:\Users\Sport95\Desktop\FRST64.exe
2019-07-09 13:08 - 2019-07-09 13:08 - 000116431 _____ C:\Users\Sport95\Downloads\formular (15).pdf
2019-07-09 11:29 - 2019-07-09 11:29 - 000037014 _____ C:\Users\Sport95\Downloads\invoice_4091533343.pdf
2019-07-09 10:31 - 2019-07-09 10:31 - 000077765 _____ C:\Users\Sport95\Downloads\output (57).pdf
2019-07-09 10:27 - 2019-07-09 10:27 - 000153980 _____ C:\Users\Sport95\Downloads\formular (14).pdf
2019-07-09 09:56 - 2019-07-09 09:56 - 000027389 _____ C:\Users\Sport95\Downloads\FV1910106139.pdf
2019-07-09 09:55 - 2019-07-09 09:55 - 000023326 _____ C:\Users\Sport95\Downloads\OP191006421.pdf
2019-07-08 12:49 - 2019-07-08 12:49 - 000064471 _____ C:\Users\Sport95\Downloads\output (56).pdf
2019-07-08 12:41 - 2019-07-08 12:41 - 000064793 _____ C:\Users\Sport95\Downloads\output (55).pdf
2019-07-04 08:08 - 2019-07-04 08:08 - 000002541 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio 2016.lnk
2019-07-04 08:08 - 2019-07-04 08:08 - 000002511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2019-07-04 08:08 - 2019-07-04 08:08 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2019-07-04 08:08 - 2019-07-04 08:08 - 000002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2019-07-04 08:08 - 2019-07-04 08:08 - 000002409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2019-07-04 08:08 - 2019-07-04 08:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2019-07-03 17:14 - 2019-07-03 17:14 - 001663032 _____ C:\Users\Sport95\Downloads\winbox.exe
2019-07-03 17:14 - 2019-07-03 17:14 - 000000000 ____D C:\Users\Sport95\AppData\Roaming\Mikrotik
2019-07-03 14:59 - 2019-07-03 14:59 - 000121379 _____ C:\Users\Sport95\Downloads\formular (13).pdf
2019-07-03 14:22 - 2019-07-03 14:22 - 000024310 _____ C:\Users\Sport95\Downloads\output (54).pdf
2019-07-03 12:19 - 2019-07-03 12:19 - 000149210 _____ C:\Users\Sport95\Downloads\output (53).pdf
2019-07-02 15:44 - 2019-07-02 15:44 - 000023691 _____ C:\Users\Sport95\Downloads\output (52).pdf
2019-07-02 14:34 - 2019-07-02 14:34 - 000064595 _____ C:\Users\Sport95\Downloads\output (51).pdf
2019-07-02 12:30 - 2019-07-02 12:30 - 000062912 _____ C:\Users\Sport95\Downloads\output (50).pdf
2019-07-02 12:21 - 2019-07-02 12:21 - 000064540 _____ C:\Users\Sport95\Downloads\output (49).pdf
2019-07-02 10:17 - 2019-07-02 10:17 - 000091822 _____ C:\Users\Sport95\Downloads\output (48).pdf
2019-07-02 10:09 - 2019-07-02 10:09 - 000089448 _____ C:\Users\Sport95\Downloads\FA-2019-132-003854_1329003854.pdf
2019-07-02 09:37 - 2019-07-02 09:37 - 000000000 ____D C:\Users\Sport95\AppData\Local\mbam
2019-07-02 09:36 - 2019-07-02 09:36 - 064333800 _____ (Malwarebytes ) C:\Users\Sport95\Downloads\mb3-setup-37469.37469-3.8.3.2965-1.0.613-1.0.11270 (1).exe
2019-07-02 09:36 - 2019-07-02 09:36 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-07-02 09:36 - 2019-07-02 09:36 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-02 09:36 - 2019-07-02 09:36 - 000000000 ____D C:\Users\Sport95\AppData\Local\mbamtray
2019-07-02 09:36 - 2019-07-02 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-02 09:36 - 2019-07-02 09:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-02 09:36 - 2019-07-02 09:36 - 000000000 ____D C:\Program Files\Malwarebytes
2019-07-02 09:36 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-07-02 09:36 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-07-02 09:35 - 2019-07-02 09:36 - 064333800 _____ (Malwarebytes ) C:\Users\Sport95\Downloads\mb3-setup-37469.37469-3.8.3.2965-1.0.613-1.0.11270.exe
2019-07-02 09:34 - 2019-07-02 09:34 - 000060974 _____ C:\Users\Sport95\Documents\cc_20190702_093436.reg
2019-07-02 09:24 - 2019-07-02 09:24 - 000064692 _____ C:\Users\Sport95\Downloads\output (47).pdf
2019-07-02 09:08 - 2019-07-08 11:22 - 000004210 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-07-02 09:08 - 2019-07-02 09:08 - 000002892 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-07-02 09:08 - 2019-07-02 09:08 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-07-02 09:08 - 2019-07-02 09:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-07-02 09:08 - 2019-07-02 09:08 - 000000000 ____D C:\Program Files\CCleaner
2019-07-02 09:07 - 2019-07-02 09:07 - 020650160 _____ (Piriform Software Ltd) C:\Users\Sport95\Downloads\ccsetup559.exe
2019-07-01 09:56 - 2019-07-01 09:56 - 000151753 _____ C:\Users\Sport95\Downloads\formular (12).pdf
2019-07-01 09:55 - 2019-07-01 09:55 - 000078695 _____ C:\Users\Sport95\Downloads\output (46).pdf
2019-06-28 13:46 - 2019-06-28 13:46 - 000119217 _____ C:\Users\Sport95\Downloads\formular (11).pdf
2019-06-28 12:40 - 2019-06-28 12:40 - 000063315 _____ C:\Users\Sport95\Downloads\output (45).pdf
2019-06-28 11:54 - 2019-06-28 11:54 - 000065163 _____ C:\Users\Sport95\Downloads\output (44).pdf
2019-06-28 11:22 - 2019-06-28 11:22 - 000065053 _____ C:\Users\Sport95\Downloads\output (43).pdf
2019-06-28 09:45 - 2019-06-28 09:45 - 000080141 _____ C:\Users\Sport95\Downloads\output (42).pdf
2019-06-27 14:48 - 2019-06-27 14:48 - 000089348 _____ C:\Users\Sport95\Downloads\FA-2019-132-003779_1329003779.pdf
2019-06-27 14:46 - 2019-06-27 14:46 - 000089553 _____ C:\Users\Sport95\Downloads\FA-2019-200-000022_2009000022.pdf
2019-06-27 14:44 - 2019-06-27 14:44 - 000089608 _____ C:\Users\Sport95\Downloads\FA-2019-132-003652_1329003652.pdf
2019-06-27 14:37 - 2019-06-27 14:37 - 000023012 _____ C:\Users\Sport95\Downloads\output (41).pdf
2019-06-27 13:06 - 2019-06-27 13:06 - 000064559 _____ C:\Users\Sport95\Downloads\output (40).pdf
2019-06-27 10:20 - 2019-06-27 10:20 - 000062718 _____ C:\Users\Sport95\Downloads\output (39).pdf
2019-06-27 10:00 - 2019-06-27 10:00 - 000064147 _____ C:\Users\Sport95\Downloads\output (38).pdf
2019-06-26 13:23 - 2019-06-26 13:23 - 000022619 _____ C:\Users\Sport95\Downloads\output (37).pdf
2019-06-26 12:02 - 2019-06-26 12:02 - 000063661 _____ C:\Users\Sport95\Downloads\output (36).pdf
2019-06-25 15:24 - 2019-06-25 15:24 - 000023703 _____ C:\Users\Sport95\Downloads\output (35).pdf
2019-06-25 10:51 - 2019-06-25 10:51 - 000064465 _____ C:\Users\Sport95\Downloads\output (34).pdf
2019-06-25 10:21 - 2019-06-25 10:21 - 000063257 _____ C:\Users\Sport95\Downloads\output (33).pdf
2019-06-25 10:15 - 2019-06-25 10:15 - 000064189 _____ C:\Users\Sport95\Downloads\output (32).pdf
2019-06-25 10:05 - 2019-06-25 10:05 - 000064204 _____ C:\Users\Sport95\Downloads\output (31).pdf
2019-06-24 13:12 - 2019-06-24 13:12 - 000023729 _____ C:\Users\Sport95\Downloads\output (30).pdf
2019-06-24 12:12 - 2019-06-24 12:12 - 000063553 _____ C:\Users\Sport95\Downloads\output (29).pdf
2019-06-24 11:33 - 2019-06-24 11:33 - 000065159 _____ C:\Users\Sport95\Downloads\output (28).pdf
2019-06-24 11:19 - 2019-06-24 11:19 - 000123461 _____ C:\Users\Sport95\Downloads\formular (10).pdf
2019-06-24 10:37 - 2019-06-24 10:37 - 000090262 _____ C:\Users\Sport95\Downloads\output (27).pdf
2019-06-24 09:31 - 2019-06-24 09:31 - 000151923 _____ C:\Users\Sport95\Downloads\formular (9).pdf
2019-06-21 13:28 - 2019-06-21 13:28 - 000009317 _____ C:\Users\Sport95\Downloads\output (26).pdf
2019-06-21 12:19 - 2019-06-21 12:19 - 000007675 _____ C:\Users\Sport95\Downloads\output (25).pdf
2019-06-20 13:58 - 2019-06-20 13:58 - 000009493 _____ C:\Users\Sport95\Downloads\output (24).pdf
2019-06-20 11:28 - 2019-06-20 11:28 - 001159537 _____ C:\Users\Sport95\Downloads\Haibike_eConnect_Schnellstartanleitung.pdf
2019-06-20 10:33 - 2019-06-20 10:33 - 000009364 _____ C:\Users\Sport95\Downloads\output (23).pdf
2019-06-20 10:28 - 2019-06-20 10:28 - 000150361 _____ C:\Users\Sport95\Downloads\formular (8).pdf
2019-06-19 15:19 - 2019-06-19 15:19 - 000023485 _____ C:\Users\Sport95\Downloads\output (22).pdf
2019-06-19 12:11 - 2019-06-19 12:11 - 000008914 _____ C:\Users\Sport95\Downloads\output (21).pdf
2019-06-19 11:23 - 2019-06-19 11:23 - 000009128 _____ C:\Users\Sport95\Downloads\output (20).pdf
2019-06-19 09:25 - 2019-06-19 09:25 - 000014563 _____ C:\Users\Sport95\Downloads\output (19).pdf
2019-06-18 15:38 - 2019-06-18 15:38 - 000023010 _____ C:\Users\Sport95\Downloads\output (18).pdf
2019-06-18 14:39 - 2019-06-18 14:39 - 000009148 _____ C:\Users\Sport95\Downloads\output (17).pdf
2019-06-18 14:31 - 2019-06-18 14:31 - 000008910 _____ C:\Users\Sport95\Downloads\output (16).pdf
2019-06-18 12:52 - 2019-06-18 12:52 - 000007868 _____ C:\Users\Sport95\Downloads\output (15).pdf
2019-06-18 11:35 - 2019-06-18 11:35 - 000009115 _____ C:\Users\Sport95\Downloads\output (14).pdf
2019-06-18 11:28 - 2019-06-18 11:28 - 000000000 ____D C:\Program Files\UNP
2019-06-18 10:22 - 2019-06-18 10:22 - 000148345 _____ C:\Users\Sport95\Downloads\formular (7).pdf
2019-06-18 08:06 - 2019-02-13 07:47 - 001909560 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2019-06-17 14:13 - 2019-06-17 14:13 - 000022829 _____ C:\Users\Sport95\Downloads\output (13).pdf
2019-06-17 12:10 - 2019-06-17 12:10 - 060394730 _____ C:\Users\Sport95\Downloads\E-tube_Proj_V_3_4_3.zip
2019-06-17 10:33 - 2019-06-17 10:33 - 000598817 _____ C:\Users\Sport95\Downloads\FVM1LF000101.pdf
2019-06-17 10:13 - 2019-06-17 10:13 - 000009304 _____ C:\Users\Sport95\Downloads\output (12).pdf
2019-06-17 09:20 - 2019-06-17 09:20 - 000152256 _____ C:\Users\Sport95\Downloads\formular (6).pdf
2019-06-17 09:19 - 2019-06-17 09:19 - 000011024 _____ C:\Users\Sport95\Downloads\output (11).pdf
2019-06-14 10:42 - 2019-06-14 10:42 - 000011204 _____ C:\Users\Sport95\Downloads\output (10).pdf
2019-06-12 08:59 - 2019-06-07 13:04 - 021388752 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-06-12 08:59 - 2019-06-07 13:04 - 001633136 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-06-12 08:59 - 2019-06-07 12:48 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2019-06-12 08:59 - 2019-06-07 12:47 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-06-12 08:59 - 2019-06-07 12:45 - 012756480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-06-12 08:59 - 2019-06-07 12:42 - 003613696 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-06-12 08:59 - 2019-06-07 12:41 - 004055552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-06-12 08:59 - 2019-06-07 12:40 - 001663488 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-06-12 08:59 - 2019-06-07 12:40 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-06-12 08:59 - 2019-06-07 12:23 - 001453920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-06-12 08:59 - 2019-06-07 12:19 - 020383832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-06-12 08:59 - 2019-06-07 12:10 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-06-12 08:59 - 2019-06-07 12:07 - 011942400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-06-12 08:59 - 2019-06-07 12:04 - 004056064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-06-12 08:59 - 2019-06-07 12:04 - 002881536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-06-12 08:59 - 2019-06-07 12:04 - 001471488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-06-12 08:59 - 2019-06-07 08:07 - 000707384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2019-06-12 08:59 - 2019-06-07 08:01 - 001035040 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-06-12 08:59 - 2019-06-07 07:58 - 001220112 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-06-12 08:59 - 2019-06-07 07:58 - 001027384 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-06-12 08:59 - 2019-06-07 07:58 - 000568320 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-06-12 08:59 - 2019-06-07 07:58 - 000422416 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2019-06-12 08:59 - 2019-06-07 07:58 - 000135176 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-06-12 08:59 - 2019-06-07 07:58 - 000076304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-06-12 08:59 - 2019-06-07 07:57 - 007519896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-06-12 08:59 - 2019-06-07 07:57 - 007436536 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-06-12 08:59 - 2019-06-07 07:57 - 002811192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-06-12 08:59 - 2019-06-07 07:57 - 002719032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-06-12 08:59 - 2019-06-07 07:57 - 001934808 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-06-12 08:59 - 2019-06-07 07:57 - 001209696 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-06-12 08:59 - 2019-06-07 07:57 - 000792888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-06-12 08:59 - 2019-06-07 07:57 - 000709728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-06-12 08:59 - 2019-06-07 07:57 - 000594024 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-06-12 08:59 - 2019-06-07 07:57 - 000494304 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-06-12 08:59 - 2019-06-07 07:57 - 000435000 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-06-12 08:59 - 2019-06-07 07:57 - 000413720 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-06-12 08:59 - 2019-06-07 07:57 - 000412984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-06-12 08:59 - 2019-06-07 07:57 - 000383504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2019-06-12 08:59 - 2019-06-07 07:57 - 000170296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-06-12 08:59 - 2019-06-07 07:57 - 000148280 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-06-12 08:59 - 2019-06-07 07:57 - 000137448 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-06-12 08:59 - 2019-06-07 07:56 - 009084216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-06-12 08:59 - 2019-06-07 07:56 - 000713272 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2019-06-12 08:59 - 2019-06-07 07:47 - 000380432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-06-12 08:59 - 2019-06-07 07:47 - 000097272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-06-12 08:59 - 2019-06-07 07:46 - 006569344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-12 08:59 - 2019-06-07 07:46 - 006043496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-06-12 08:59 - 2019-06-07 07:46 - 001805656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-06-12 08:59 - 2019-06-07 07:46 - 001011872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-06-12 08:59 - 2019-06-07 07:46 - 000581048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2019-06-12 08:59 - 2019-06-07 07:46 - 000357072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-06-12 08:59 - 2019-06-07 07:46 - 000128792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-06-12 08:59 - 2019-06-07 07:38 - 025857536 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-06-12 08:59 - 2019-06-07 07:37 - 022019584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-06-12 08:59 - 2019-06-07 07:31 - 019372544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-06-12 08:59 - 2019-06-07 07:27 - 022718976 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-06-12 08:59 - 2019-06-07 07:24 - 005784064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-06-12 08:59 - 2019-06-07 07:24 - 003400704 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-06-12 08:59 - 2019-06-07 07:24 - 001361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2019-06-12 08:59 - 2019-06-07 07:23 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-06-12 08:59 - 2019-06-07 07:23 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-06-12 08:59 - 2019-06-07 07:23 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2019-06-12 08:59 - 2019-06-07 07:22 - 005307392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2019-06-12 08:59 - 2019-06-07 07:22 - 003710976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-06-12 08:59 - 2019-06-07 07:22 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-06-12 08:59 - 2019-06-07 07:22 - 000233984 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2019-06-12 08:59 - 2019-06-07 07:22 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-06-12 08:59 - 2019-06-07 07:21 - 007588864 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-06-12 08:59 - 2019-06-07 07:21 - 004866048 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-06-12 08:59 - 2019-06-07 07:21 - 001778688 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-06-12 08:59 - 2019-06-07 07:21 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-06-12 08:59 - 2019-06-07 07:21 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-06-12 08:59 - 2019-06-07 07:21 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-06-12 08:59 - 2019-06-07 07:20 - 002610688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-06-12 08:59 - 2019-06-07 07:20 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2019-06-12 08:59 - 2019-06-07 07:20 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-06-12 08:59 - 2019-06-07 07:20 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-06-12 08:59 - 2019-06-07 07:19 - 003212288 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-06-12 08:59 - 2019-06-07 07:19 - 002175488 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-06-12 08:59 - 2019-06-07 07:19 - 001560576 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-06-12 08:59 - 2019-06-07 07:19 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-06-12 08:59 - 2019-06-07 07:19 - 000778240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-06-12 08:59 - 2019-06-07 07:19 - 000369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2019-06-12 08:59 - 2019-06-07 07:18 - 002166784 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-06-12 08:59 - 2019-06-07 07:18 - 000686592 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-06-12 08:59 - 2019-06-07 07:18 - 000531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-06-12 08:59 - 2019-06-07 07:17 - 001920000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-06-12 08:59 - 2019-06-07 07:17 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-06-12 08:59 - 2019-06-07 07:17 - 000889344 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-06-12 08:59 - 2019-06-07 07:16 - 000900096 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-06-12 08:59 - 2019-06-07 07:16 - 000544768 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-06-12 08:59 - 2019-06-07 07:16 - 000478720 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-06-12 08:59 - 2019-06-07 06:00 - 000001308 _____ C:\Windows\system32\tcbres.wim
2019-06-12 08:59 - 2019-05-19 00:12 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-06-12 08:59 - 2019-05-19 00:12 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-06-12 08:59 - 2019-05-19 00:12 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-06-12 08:59 - 2019-05-19 00:12 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-06-12 08:59 - 2019-05-17 14:44 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2019-06-12 08:59 - 2019-05-17 14:40 - 002394960 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2019-06-12 08:59 - 2019-05-17 14:40 - 000280888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2019-06-12 08:59 - 2019-05-17 14:27 - 006586880 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-06-12 08:59 - 2019-05-17 14:26 - 004393984 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2019-06-12 08:59 - 2019-05-17 14:25 - 004718080 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2019-06-12 08:59 - 2019-05-17 14:25 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\WindowsUpdateElevatedInstaller.exe
2019-06-12 08:59 - 2019-05-17 14:24 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2019-06-12 08:59 - 2019-05-17 14:23 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2019-06-12 08:59 - 2019-05-17 14:23 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2019-06-12 08:59 - 2019-05-17 14:23 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2019-06-12 08:59 - 2019-05-17 14:22 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-06-12 08:59 - 2019-05-17 14:22 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2019-06-12 08:59 - 2019-05-17 14:21 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-06-12 08:59 - 2019-05-17 14:21 - 001121792 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2019-06-12 08:59 - 2019-05-17 14:21 - 000878592 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2019-06-12 08:59 - 2019-05-17 14:21 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\dot3gpui.dll
2019-06-12 08:59 - 2019-05-17 14:21 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-06-12 08:59 - 2019-05-17 14:20 - 002084864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-06-12 08:59 - 2019-05-17 14:20 - 001970688 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2019-06-12 08:59 - 2019-05-17 14:20 - 000725504 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCacheProvider.dll
2019-06-12 08:59 - 2019-05-17 14:20 - 000424448 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSh.dll
2019-06-12 08:59 - 2019-05-17 14:20 - 000224256 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCleaner.dll
2019-06-12 08:59 - 2019-05-17 14:19 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-06-12 08:59 - 2019-05-17 14:07 - 002206424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2019-06-12 08:59 - 2019-05-17 14:00 - 005658112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-06-12 08:59 - 2019-05-17 13:58 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2019-06-12 08:59 - 2019-05-17 13:56 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-06-12 08:59 - 2019-05-17 13:56 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3gpui.dll
2019-06-12 08:59 - 2019-05-17 13:55 - 000704000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2019-06-12 08:59 - 2019-05-17 13:55 - 000668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-06-12 08:59 - 2019-05-17 13:55 - 000470528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcSpecfc.dll
2019-06-12 08:59 - 2019-05-17 13:55 - 000352256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDistSh.dll
2019-06-12 08:59 - 2019-05-17 13:54 - 002016768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-06-12 08:59 - 2019-05-17 13:54 - 000908288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2019-06-12 08:59 - 2019-05-17 11:33 - 001008640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MixedRealityCapture.dll
2019-06-12 08:59 - 2019-05-17 10:52 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-06-12 08:59 - 2019-05-17 09:07 - 000105272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2019-06-12 08:59 - 2019-05-17 08:44 - 000829960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2019-06-12 08:59 - 2019-05-17 08:44 - 000550520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-06-12 08:59 - 2019-05-17 08:43 - 000297688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtapi.dll
2019-06-12 08:59 - 2019-05-17 08:42 - 005625160 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-06-12 08:59 - 2019-05-17 08:42 - 004789944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-06-12 08:59 - 2019-05-17 08:42 - 002256560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-06-12 08:59 - 2019-05-17 08:42 - 001989552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-06-12 08:59 - 2019-05-17 08:42 - 001980256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-06-12 08:59 - 2019-05-17 08:42 - 001620264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-06-12 08:59 - 2019-05-17 08:42 - 001380096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2019-06-12 08:59 - 2019-05-17 08:42 - 001130568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2019-06-12 08:59 - 2019-05-17 08:42 - 000129088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-06-12 08:59 - 2019-05-17 08:42 - 000125504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2019-06-12 08:59 - 2019-05-17 08:30 - 013878784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-06-12 08:59 - 2019-05-17 08:26 - 002969600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-06-12 08:59 - 2019-05-17 08:23 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2019-06-12 08:59 - 2019-05-17 08:23 - 000068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2019-06-12 08:59 - 2019-05-17 08:23 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-06-12 08:59 - 2019-05-17 08:22 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2019-06-12 08:59 - 2019-05-17 08:22 - 000031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-06-12 08:59 - 2019-05-17 08:21 - 000333824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-06-12 08:59 - 2019-05-17 08:21 - 000326144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esentutl.exe
2019-06-12 08:59 - 2019-05-17 08:21 - 000224768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2019-06-12 08:59 - 2019-05-17 08:20 - 000366080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2019-06-12 08:59 - 2019-05-17 08:20 - 000118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2019-06-12 08:59 - 2019-05-17 08:19 - 004515840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-06-12 08:59 - 2019-05-17 08:19 - 001630720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-06-12 08:59 - 2019-05-17 08:19 - 001110528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2019-06-12 08:59 - 2019-05-17 08:19 - 001073664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-06-12 08:59 - 2019-05-17 08:19 - 000873472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2019-06-12 08:59 - 2019-05-17 08:19 - 000835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-06-12 08:59 - 2019-05-17 08:18 - 002796032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2019-06-12 08:59 - 2019-05-17 08:18 - 001006592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2019-06-12 08:59 - 2019-05-17 08:18 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2019-06-12 08:59 - 2019-05-17 08:08 - 001063224 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-06-12 08:59 - 2019-05-17 08:08 - 000723432 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-06-12 08:59 - 2019-05-17 08:08 - 000491200 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-06-12 08:59 - 2019-05-17 08:08 - 000401328 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2019-06-12 08:59 - 2019-05-17 08:07 - 004404720 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-06-12 08:59 - 2019-05-17 08:07 - 002768960 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-06-12 08:59 - 2019-05-17 08:07 - 002571640 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-06-12 08:59 - 2019-05-17 08:07 - 002467320 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-06-12 08:59 - 2019-05-17 08:07 - 001459120 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-06-12 08:59 - 2019-05-17 08:07 - 001288712 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2019-06-12 08:59 - 2019-05-17 08:07 - 001260272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-06-12 08:59 - 2019-05-17 08:07 - 000930616 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2019-06-12 08:59 - 2019-05-17 08:07 - 000275768 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2019-06-12 08:59 - 2019-05-17 08:07 - 000260800 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-06-12 08:59 - 2019-05-17 08:06 - 001943136 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-06-12 08:59 - 2019-05-17 08:06 - 001784696 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2019-06-12 08:59 - 2019-05-17 08:06 - 001307648 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2019-06-12 08:59 - 2019-05-17 08:06 - 001140992 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-06-12 08:59 - 2019-05-17 08:06 - 001098056 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2019-06-12 08:59 - 2019-05-17 08:06 - 000983424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-06-12 08:59 - 2019-05-17 08:06 - 000151888 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2019-06-12 08:59 - 2019-05-17 08:04 - 001826816 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2019-06-12 08:59 - 2019-05-17 08:00 - 001295360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2019-06-12 08:59 - 2019-05-17 07:44 - 016597504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-06-12 08:59 - 2019-05-17 07:38 - 004709376 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-06-12 08:59 - 2019-05-17 07:37 - 004385280 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-06-12 08:59 - 2019-05-17 07:37 - 000185344 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2019-06-12 08:59 - 2019-05-17 07:37 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\DuCsps.dll
2019-06-12 08:59 - 2019-05-17 07:36 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2019-06-12 08:59 - 2019-05-17 07:36 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\updatecsp.dll
2019-06-12 08:59 - 2019-05-17 07:36 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2019-06-12 08:59 - 2019-05-17 07:36 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-06-12 08:59 - 2019-05-17 07:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe
2019-06-12 08:59 - 2019-05-17 07:36 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-06-12 08:59 - 2019-05-17 07:36 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-06-12 08:59 - 2019-05-17 07:35 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-06-12 08:59 - 2019-05-17 07:35 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\esentutl.exe
2019-06-12 08:59 - 2019-05-17 07:35 - 000322560 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-06-12 08:59 - 2019-05-17 07:34 - 001804288 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-06-12 08:59 - 2019-05-17 07:34 - 000916480 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-06-12 08:59 - 2019-05-17 07:34 - 000671744 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2019-06-12 08:59 - 2019-05-17 07:34 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2019-06-12 08:59 - 2019-05-17 07:34 - 000270336 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2019-06-12 08:59 - 2019-05-17 07:34 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2019-06-12 08:59 - 2019-05-17 07:34 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2019-06-12 08:59 - 2019-05-17 07:34 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-06-12 08:59 - 2019-05-17 07:33 - 003091456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-06-12 08:59 - 2019-05-17 07:33 - 002912256 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-06-12 08:59 - 2019-05-17 07:33 - 002370560 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-06-12 08:59 - 2019-05-17 07:33 - 001487360 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2019-06-12 08:59 - 2019-05-17 07:33 - 001214464 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-06-12 08:59 - 2019-05-17 07:33 - 000787968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2019-06-12 08:59 - 2019-05-17 07:33 - 000270336 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2019-06-12 08:59 - 2019-05-17 07:32 - 001070080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2019-06-12 08:59 - 2019-05-17 07:32 - 000815104 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2019-06-12 08:59 - 2019-05-17 07:31 - 004937216 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-06-12 08:59 - 2019-05-17 07:31 - 003376640 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2019-06-12 08:59 - 2019-05-17 07:31 - 003293184 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2019-06-12 08:59 - 2019-05-17 07:31 - 001854976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2019-06-12 08:59 - 2019-05-17 07:31 - 001805312 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-06-12 08:59 - 2019-05-17 07:31 - 001383424 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-06-12 08:59 - 2019-05-17 07:31 - 001215488 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-06-12 08:59 - 2019-05-17 07:31 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2019-06-12 08:59 - 2019-05-17 07:31 - 001027584 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2019-06-12 08:59 - 2019-05-17 07:31 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-06-12 08:59 - 2019-05-17 07:31 - 000466432 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2019-06-12 08:59 - 2019-05-17 07:30 - 000917504 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-06-12 08:59 - 2019-05-17 07:30 - 000507392 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-06-12 08:59 - 2019-05-17 07:30 - 000276992 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-06-11 15:04 - 2019-06-11 15:04 - 000009101 _____ C:\Users\Sport95\Downloads\output (9).pdf
2019-06-11 14:53 - 2019-06-11 14:53 - 000117878 _____ C:\Users\Sport95\Downloads\formular (5).pdf
2019-06-11 12:56 - 2019-06-11 12:56 - 000022710 _____ C:\Users\Sport95\Downloads\output (8).pdf
2019-06-11 12:28 - 2019-06-11 12:28 - 000008971 _____ C:\Users\Sport95\Downloads\output (7).pdf
2019-06-11 12:27 - 2019-06-11 12:27 - 000156708 _____ C:\Users\Sport95\Downloads\formular (4).pdf
2019-06-11 08:37 - 2019-06-11 08:37 - 000008961 _____ C:\Users\Sport95\Downloads\output (6).pdf
2019-06-11 08:35 - 2019-06-11 08:35 - 000118637 _____ C:\Users\Sport95\Downloads\formular (3).pdf
2019-06-10 14:30 - 2019-06-10 14:30 - 000009122 _____ C:\Users\Sport95\Downloads\output (5).pdf
2019-06-10 13:47 - 2019-06-10 13:47 - 000022677 _____ C:\Users\Sport95\Downloads\output (4).pdf
2019-06-10 11:26 - 2019-06-10 11:26 - 000151890 _____ C:\Users\Sport95\Downloads\formular (2).pdf
2019-06-10 09:45 - 2019-06-10 09:45 - 000115568 _____ C:\Users\Sport95\Downloads\formular (1).pdf
2019-06-10 09:45 - 2019-06-10 09:45 - 000012928 _____ C:\Users\Sport95\Downloads\output (3).pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-09 15:21 - 2018-10-23 10:01 - 000000000 ____D C:\Users\Sport95\Documents\Soubory aplikace Outlook
2019-07-09 14:48 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-09 14:38 - 2018-05-25 12:56 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-07-09 10:35 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness
2019-07-09 09:19 - 2018-10-22 15:54 - 000003380 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2787560334-3957436090-95931901-1004
2019-07-09 09:19 - 2018-10-22 15:52 - 000002367 _____ C:\Users\Sport95\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-09 09:19 - 2018-10-22 15:52 - 000000000 ___RD C:\Users\Sport95\OneDrive
2019-07-09 08:05 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\FxsTmp
2019-07-09 07:06 - 2018-10-23 11:18 - 000000000 ___RD C:\Users\Sport95\Disk Google
2019-07-09 07:05 - 2018-10-23 11:17 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2019-07-09 07:05 - 2018-10-23 11:17 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2019-07-09 07:05 - 2018-10-23 11:17 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-07-09 07:05 - 2018-10-23 11:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-07-09 02:00 - 2018-10-22 16:00 - 000000000 ____D C:\Users\Sport95\AppData\Local\Adobe
2019-07-08 11:22 - 2018-10-22 15:58 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-07-08 10:16 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\NDF
2019-07-08 09:19 - 2018-10-22 15:51 - 000000000 __SHD C:\Users\Sport95\IntelGraphicsProfiles
2019-07-08 09:19 - 2018-10-22 15:48 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-07-04 13:46 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF
2019-07-04 08:07 - 2018-10-22 16:21 - 000000000 ____D C:\Program Files\Microsoft Office
2019-07-03 18:37 - 2018-10-22 16:12 - 000002338 ____H C:\Users\Sport95\Documents\Default.rdp
2019-07-03 16:27 - 2019-04-03 09:21 - 000000000 ____D C:\Users\Sport95\AppData\Local\CrashDumps
2019-07-03 16:05 - 2018-10-22 15:51 - 000000000 ____D C:\Users\Sport95\AppData\Local\Packages
2019-07-03 16:05 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-02 09:36 - 2018-04-12 01:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-07-02 09:34 - 2018-10-22 16:04 - 000000000 ____D C:\Users\Sport95\AppData\Roaming\Azureus
2019-07-02 09:34 - 2018-05-25 13:55 - 000000000 ____D C:\Windows\Panther
2019-07-02 09:34 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\LiveKernelReports
2019-07-01 10:01 - 2019-05-02 10:00 - 000000000 ____D C:\Windows\files
2019-06-26 16:48 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-06-26 14:59 - 2019-04-15 10:18 - 000000000 ____D C:\Users\Sport95\Documents\Naskenováno
2019-06-21 11:12 - 2018-11-16 09:07 - 000000000 ____D C:\Program Files\rempl
2019-06-20 15:58 - 2018-10-22 15:58 - 000168104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-06-19 09:05 - 2018-10-22 15:53 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-19 09:05 - 2018-10-22 15:53 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-19 08:09 - 2018-05-25 13:03 - 001697414 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-19 08:09 - 2018-04-12 17:51 - 000718308 _____ C:\Windows\system32\perfh005.dat
2019-06-19 08:09 - 2018-04-12 17:51 - 000145630 _____ C:\Windows\system32\perfc005.dat
2019-06-19 08:05 - 2018-11-26 13:53 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-06-19 08:05 - 2018-05-25 12:56 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-18 17:12 - 2018-04-11 23:04 - 000786432 _____ C:\Windows\system32\config\BBI
2019-06-18 08:06 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp
2019-06-18 08:04 - 2018-10-22 15:58 - 000225600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-17 10:58 - 2018-10-23 14:08 - 000000000 ____D C:\Users\Sport95\Desktop\Foto
2019-06-17 08:07 - 2018-10-22 16:02 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-13 13:41 - 2018-10-22 15:51 - 000000000 ___RD C:\Users\Sport95\3D Objects
2019-06-13 13:41 - 2018-05-25 13:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-13 13:41 - 2018-05-25 12:56 - 000273192 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-12 16:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\TextInput
2019-06-12 16:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\ShellExperiences
2019-06-12 16:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\Provisioning
2019-06-12 16:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-06-12 16:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\bcastdvr
2019-06-12 08:59 - 2018-05-25 13:11 - 000000000 ____D C:\Windows\system32\MRT
2019-06-12 08:57 - 2018-05-25 13:11 - 135349160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ================

2018-11-21 16:24 - 2019-04-25 16:37 - 000000034 _____ () C:\Users\Sport95\AppData\Roaming\AdobeWLCMCache.dat
2018-11-27 09:07 - 2018-11-27 09:07 - 000000000 _____ () C:\Users\Sport95\AppData\Local\oobelibMkey.log

==================== FLock ================

2018-07-24 11:07 C:\Windows\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by Sport95 (09-07-2019 15:26:04)
Running from C:\Users\Sport95\Desktop
Windows 10 Pro Version 1803 17134.829 (X64) (2018-10-22 13:48:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2787560334-3957436090-95931901-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2787560334-3957436090-95931901-503 - Limited - Disabled)
Guest (S-1-5-21-2787560334-3957436090-95931901-501 - Limited - Disabled)
Sport95 (S-1-5-21-2787560334-3957436090-95931901-1004 - Administrator - Enabled) => C:\Users\Sport95
WDAGUtilityAccount (S-1-5-21-2787560334-3957436090-95931901-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}_SharePointDesigner_{3C3813E1-C370-4F32-9639-8B43C7C780CD}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_SharePointDesigner_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_SharePointDesigner_{3EC77D26-799B-4CD8-914F-C1565E796173}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}_SharePointDesigner_{F67648A4-713E-4298-BBAD-A83D8283B0F3}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_SharePointDesigner_{00C5525B-3CB3-467D-8100-2E6FB306CD86}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-0405-1000-0000000FF1CE}_SharePointDesigner_{2659571A-3405-4486-B7D8-2F125BC0E3B2}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}_SharePointDesigner_{2659571A-3405-4486-B7D8-2F125BC0E3B2}) (Version: - Microsoft) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Backup and Sync from Google (HKLM\...\{768C0072-2FD2-4934-9824-B2A1E81AEA5D}) (Version: 3.45.5545.5747 - Google, Inc.)
Bosch DiagnosticTool 5.4.2.0.1 (HKLM-x32\...\{5A71D203-4F1E-4D9D-8EB4-0C652328D7FB}_is1) (Version: 5.4.2.0.1 - Robert Bosch GmbH)
Bosch eBike Diagnostic Software Compatibility Layer 1.0 (HKLM-x32\...\Bosch eBike Diagnostic Software Compatibility Layer 1.0) (Version: 1.0.0.0 - Robert Bosch GmbH)
CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
hppM1130M1210SeriesLaserJetService (HKLM-x32\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.003.00073 - Hewlett-Packard) Hidden
hppusgM1130M1210Series (HKLM-x32\...\{DA6CC3A5-1F5B-4068-8BFF-C597BB6B8158}) (Version: 1.0.0.2 - Hewlett-Packard) Hidden
LogiX Diagnostic System (HKLM-x32\...\{D1CCF02B-C6B7-429E-8B98-D7B6F1DA13C2}) (Version: 2.1.8 - JD Components Co., Ltd.) Hidden
LogiX Diagnostic System (HKLM-x32\...\InstallShield_{D1CCF02B-C6B7-429E-8B98-D7B6F1DA13C2}) (Version: 2.1.8 - JD Components Co., Ltd.)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.8627.1 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.11727.20230 - Microsoft Corporation)
Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesigner) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Office SharePoint Designer 2007 Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{37180755-CA2B-40AD-9637-89FB0CE7CB36}) (Version: - Microsoft)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2787560334-3957436090-95931901-1004\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visio Professional 2016 - cs-cz (HKLM\...\VisioProRetail - cs-cz) (Version: 16.0.11727.20230 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.12.0 - Prolific Technology INC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6111 - Realtek Semiconductor Corp.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.0.13880 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.520.0_x64__rz1tebttyb220 [2019-03-12] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-28] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2787560334-3957436090-95931901-1004_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-10-12 02:08 - 2016-10-12 02:08 - 000124928 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-12 02:08 - 2016-10-12 02:08 - 000118272 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-12 02:08 - 2016-10-12 02:08 - 000166400 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-10-12 02:08 - 2016-10-12 02:08 - 000223232 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-12 02:08 - 2016-10-12 02:08 - 000117248 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2019-03-15 16:31 - 2014-09-09 14:30 - 000603648 _____ () [File not signed] C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2019-07-09 07:06 - 2019-07-09 07:06 - 000113664 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\_ctypes.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000173568 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\_elementtree.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 001800192 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\_hashlib.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000032256 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\_multiprocessing.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000046080 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\_psutil_windows.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000047616 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\_socket.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 002230784 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\_ssl.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000026112 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\_yappi.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000080896 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\bz2.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 006277632 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\cello.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000014848 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\common.time34.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000007680 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\hashobjs_ext.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000301568 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\PIL._imaging.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000169472 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\pyexpat.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 001084416 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\pysqlite2._sqlite.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000548864 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\pythoncom27.dll
2019-07-09 07:06 - 2019-07-09 07:06 - 000137728 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\pywintypes27.dll
2019-07-09 07:06 - 2019-07-09 07:06 - 000010752 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\select.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000020992 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\thumbnails_ext.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000689664 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\unicodedata.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000118784 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\usb_ext.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000128512 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\win32api.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000438784 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\win32com.shell.shell.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000011776 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\win32crypt.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000023040 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\win32event.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000149504 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\win32file.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000223232 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\win32gui.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000048128 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\win32inet.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000029696 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\win32pdh.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000027648 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\win32pipe.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000044032 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\win32process.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000020480 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\win32profile.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000136192 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\win32security.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000026624 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\win32ts.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000034304 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\windows.conditional.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000038400 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\windows.connectivity.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000073216 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\windows.device_monitor.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000110592 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\windows.volumes.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000020480 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\windows.winwrap.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 001325056 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\wx._controls_.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 001489408 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\wx._core_.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 001007104 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\wx._gdi_.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000103424 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\wx._html2.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 000916992 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\wx._misc_.pyd
2019-07-09 07:06 - 2019-07-09 07:06 - 001039872 _____ () [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\wx._windows_.pyd
2018-10-23 10:52 - 2012-09-29 13:53 - 002219008 _____ () [File not signed] C:\Windows\system32\spool\DRIVERS\x64\3\HPM1210FPSU.DLL
2019-06-19 08:05 - 2019-06-19 08:05 - 000103936 ____N (Java(TM) Native Access (JNA)) [File not signed] C:\Windows\Temp\jna--1220298692\jna2493402814479794231.dll
2010-01-28 16:10 - 2010-01-28 16:10 - 000541184 _____ (Marvell Semiconductor, Inc.) [File not signed] C:\Windows\System32\mvtcpmon.dll
2018-10-22 16:21 - 2018-10-22 16:21 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2018-10-22 16:21 - 2018-10-22 16:21 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2010-01-28 16:08 - 2010-01-28 16:08 - 000144896 _____ (OpenSLP) [File not signed] C:\Windows\System32\slp64.dll
2019-07-09 07:06 - 2019-07-09 07:06 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\python27.dll
2019-05-10 09:28 - 2018-10-18 13:05 - 000350720 _____ (Robert Bosch GmbH) [File not signed] C:\Program Files (x86)\Bosch DiagnosticTool\BoschDevNodeCleanService64.exe
2019-07-09 07:06 - 2019-07-09 07:06 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\wxbase30u_net_vc90_x64.dll
2019-07-09 07:06 - 2019-07-09 07:06 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\wxbase30u_vc90_x64.dll
2019-07-09 07:06 - 2019-07-09 07:06 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\wxmsw30u_adv_vc90_x64.dll
2019-07-09 07:06 - 2019-07-09 07:06 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\wxmsw30u_core_vc90_x64.dll
2019-07-09 07:06 - 2019-07-09 07:06 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\wxmsw30u_html_vc90_x64.dll
2019-07-09 07:06 - 2019-07-09 07:06 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Sport95\AppData\Local\Temp\_MEI46962\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2019-01-04 13:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2787560334-3957436090-95931901-1004\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.2.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7CFBE7E4-CEB4-4E15-90A4-9F1F9136E8A6}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{3ABC17E8-CD01-462B-A378-75C86D60FD40}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{B823A228-3B8F-4764-B41F-C4F634854906}] => (Allow) LPort=9100
FirewallRules: [{51F2FB4E-FD74-4E4D-83AE-7280F0CE0696}] => (Allow) LPort=427
FirewallRules: [{DDF76BCA-7015-4FC3-9DFE-05BF6E4CBA27}] => (Allow) LPort=161
FirewallRules: [{F412A25A-CBDD-4A9E-99FC-C19E8982EF83}] => (Allow) LPort=427
FirewallRules: [TCP Query User{2F33181B-86FF-48D9-9DDB-5250B8F857C8}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [UDP Query User{7DEB6625-DF1E-42A9-8C3D-6267305C7171}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{55E2A4B8-6EC8-4CA5-8123-ACE77FCE3EBA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C8C66F5C-6E42-438E-81BE-767DC331F606}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{3E508EE5-D120-4CEB-877F-2AE605AA6054}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{22A487CF-BB27-4BE3-83D5-80506657611D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{AC6380A6-421C-4567-AF1B-EA2016C134B7}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{689A140E-57B8-4A51-9B74-461351454791}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{28D0A1D0-955F-48A2-9035-23D4F96094D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.19 GB) (Free:61.67 GB) (55%)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2019 04:27:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamtray.exe, verze: 3.1.0.1838, časové razítko: 0x5d13b12f
Název chybujícího modulu: Qt5Core.dll, verze: 5.11.1.0, časové razítko: 0x5cba0161
Kód výjimky: 0xc0000005
Posun chyby: 0x0018dc19
ID chybujícího procesu: 0x48c
Čas spuštění chybující aplikace: 0x01d531644c89e741
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID zprávy: c01e000a-c246-4d48-bf4e-d32adc28e77b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/18/2019 05:12:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: prunsrv.exe, verze: 1.0.15.0, časové razítko: 0x51543b87
Název chybujícího modulu: jvm.dll, verze: 25.71.0.1, časové razítko: 0x573fb82a
Kód výjimky: 0xc0000005
Posun chyby: 0x0015aafa
ID chybujícího procesu: 0xd20
Čas spuštění chybující aplikace: 0x01d525121ab1941c
Cesta k chybující aplikaci: C:\Program Files (x86)\Bosch DiagnosticTool\prunsrv\prunsrv.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Bosch DiagnosticTool\jre\bin\client\jvm.dll
ID zprávy: bb2102bb-9b2e-4a4d-bd03-d7c6d6a1e988
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/18/2019 08:04:44 AM) (Source: Outlook) (EventID: 35) (User: )
Description: Nelze určit, zda se zásobník nachází v oboru procházení (chyba=0x8007045b).

Error: (06/18/2019 08:04:44 AM) (Source: Outlook) (EventID: 34) (User: )
Description: Nepodařilo se získat správce oboru procházení. Chyba=0x8007045b.

Error: (06/17/2019 03:39:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: prunsrv.exe, verze: 1.0.15.0, časové razítko: 0x51543b87
Název chybujícího modulu: jvm.dll, verze: 25.71.0.1, časové razítko: 0x573fb82a
Kód výjimky: 0xc0000005
Posun chyby: 0x0015aafa
ID chybujícího procesu: 0xa9c
Čas spuštění chybující aplikace: 0x01d521dce7df5a74
Cesta k chybující aplikaci: C:\Program Files (x86)\Bosch DiagnosticTool\prunsrv\prunsrv.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Bosch DiagnosticTool\jre\bin\client\jvm.dll
ID zprávy: 8a0853e2-ff5a-44c5-b160-58fad77a7434
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/12/2019 04:32:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: prunsrv.exe, verze: 1.0.15.0, časové razítko: 0x51543b87
Název chybujícího modulu: jvm.dll, verze: 25.71.0.1, časové razítko: 0x573fb82a
Kód výjimky: 0xc0000005
Posun chyby: 0x0015aafa
ID chybujícího procesu: 0xa68
Čas spuštění chybující aplikace: 0x01d50bac3cf211e7
Cesta k chybující aplikaci: C:\Program Files (x86)\Bosch DiagnosticTool\prunsrv\prunsrv.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Bosch DiagnosticTool\jre\bin\client\jvm.dll
ID zprávy: 7b98f8e5-39d4-4f37-b955-c40a744aa846
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/15/2019 04:29:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: prunsrv.exe, verze: 1.0.15.0, časové razítko: 0x51543b87
Název chybujícího modulu: jvm.dll, verze: 25.71.0.1, časové razítko: 0x573fb82a
Kód výjimky: 0xc0000005
Posun chyby: 0x0015aafa
ID chybujícího procesu: 0x9ac
Čas spuštění chybující aplikace: 0x01d50701fc06a7ee
Cesta k chybující aplikaci: C:\Program Files (x86)\Bosch DiagnosticTool\prunsrv\prunsrv.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Bosch DiagnosticTool\jre\bin\client\jvm.dll
ID zprávy: 2c662a0e-7f18-48a9-9ba5-ca685c4fd847
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/14/2019 03:12:21 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.


System errors:
=============
Error: (07/09/2019 02:49:27 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IKF77LA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli DESKTOP-IKF77LA\Sport95 (SID: S-1-5-21-2787560334-3957436090-95931901-1004) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/09/2019 10:49:09 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IKF77LA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli DESKTOP-IKF77LA\Sport95 (SID: S-1-5-21-2787560334-3957436090-95931901-1004) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/09/2019 06:49:25 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IKF77LA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli DESKTOP-IKF77LA\Sport95 (SID: S-1-5-21-2787560334-3957436090-95931901-1004) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/09/2019 06:48:25 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IKF77LA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli DESKTOP-IKF77LA\Sport95 (SID: S-1-5-21-2787560334-3957436090-95931901-1004) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/09/2019 02:50:25 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IKF77LA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli DESKTOP-IKF77LA\Sport95 (SID: S-1-5-21-2787560334-3957436090-95931901-1004) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/09/2019 01:35:05 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IKF77LA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli DESKTOP-IKF77LA\Sport95 (SID: S-1-5-21-2787560334-3957436090-95931901-1004) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/08/2019 11:09:56 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IKF77LA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-IKF77LA\Sport95 (SID: S-1-5-21-2787560334-3957436090-95931901-1004) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/08/2019 11:04:08 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IKF77LA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-IKF77LA\Sport95 (SID: S-1-5-21-2787560334-3957436090-95931901-1004) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


==================== Memory info ===========================

BIOS: Dell Inc. A23 06/25/2018
Motherboard: Dell Inc. 00V62H
Processor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 85%
Total physical RAM: 4002.05 MB
Available physical RAM: 568.36 MB
Total Virtual: 7211.41 MB
Available Virtual: 1222.93 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.19 GB) (Free:61.67 GB) NTFS

\\?\Volume{7e9c8329-4f62-4d30-ae2d-6e89b26adf6e}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.13 GB) NTFS
\\?\Volume{e7aeafe0-275e-44bb-beb6-aa024d51e136}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118715
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: JS:Miner-BL

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

djmalda
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 06 srp 2012 18:24

Re: JS:Miner-BL

#3 Příspěvek od djmalda »

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-10-2019
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1249 octets] - [10/07/2019 09:29:14]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118715
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: JS:Miner-BL

#4 Příspěvek od Rudy »

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
C:\Windows\Temp\0849DBFD-E823-4558-9C8E-E0C95DD0E944\DismHost.exe
HKLM-x32\...\Run: [] => [X]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {23AF1E3C-BC68-4779-A8B7-553D9D44E4DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-22] (Google Inc -> Google Inc.)
Task: {A97EB010-D5F7-4F5E-A528-735A78E81750} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-22] (Google Inc -> Google Inc.)
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
C:\Users\Sport95\AppData\Local\Temp

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

djmalda
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 06 srp 2012 18:24

Re: JS:Miner-BL

#5 Příspěvek od djmalda »

Avast stále hlásí hrozbu. Ještě doplním, že stejný problém se objevil na všech ostatních počítačích, které jsou v síti.

Fix result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by Sport95 (10-07-2019 15:54:06) Run:1
Running from C:\Users\Sport95\Desktop
Loaded Profiles: Sport95 (Available Profiles: Sport95)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\Windows\Temp\0849DBFD-E823-4558-9C8E-E0C95DD0E944\DismHost.exe
HKLM-x32\...\Run: [] => [X]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {23AF1E3C-BC68-4779-A8B7-553D9D44E4DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-22] (Google Inc -> Google Inc.)
Task: {A97EB010-D5F7-4F5E-A528-735A78E81750} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-22] (Google Inc -> Google Inc.)
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
C:\Users\Sport95\AppData\Local\Temp

EmptyTemp:
End
*****************

Processes closed successfully.
"C:\Windows\Temp\0849DBFD-E823-4558-9C8E-E0C95DD0E944\DismHost.exe" => not found
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23AF1E3C-BC68-4779-A8B7-553D9D44E4DB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23AF1E3C-BC68-4779-A8B7-553D9D44E4DB}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A97EB010-D5F7-4F5E-A528-735A78E81750}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A97EB010-D5F7-4F5E-A528-735A78E81750}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\Users\Sport95\AppData\Local\Temp => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 186335986 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 369288 B
Edge => 0 B
Chrome => 160372563 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 904 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Sport95 => 3486799 B

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118715
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: JS:Miner-BL

#6 Příspěvek od Rudy »

V tom případě je nakažena celá síť. Ještě spusťte AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Utilitu stáhněte, spusťte, nechte pracovat a po skončení akce smažte vše, co najde.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

djmalda
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 06 srp 2012 18:24

Re: JS:Miner-BL

#7 Příspěvek od djmalda »

AVPTool nic nenašel. Může být v tomto případě zavirovaný např. router? Pro jistotu jsem jej resetoval a provedl update firmwaru, nicméně ani to nepomohlo. Všechny počítače v síti hlásí stejný virus - Avast v tomto případě blokuje webové stránky, které se tváří jako nezabezpečené. Když se u této stránky podívám na zdrojový kód, hned ze začátku se zobrazuje tento script:

Obrázek

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118715
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: JS:Miner-BL

#8 Příspěvek od Rudy »

Skript může být nebezpečný. Pokud je ale nalezen ve všech PC v síti, musí být při čištění síť fyzicky rozpojena a jednotlivé stanice vyčištěny samostatně. Zřejmě se to sdílí po celé síti. Skrit musí být smazán, případně přeinstalovány prohlížeče.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět