PC virus removal, computer speed-up, remote help through the neslape.cz service

Log check

Do you have a problem with a virus? Paste your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, paste a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

maxdep
Visitor
Posts: 4
Registered: 07 Apr 2018 09:40

Log check

#1 Post by maxdep »

Hello, I was away from home for half a year and my younger brother downloaded a lot of junk onto my school notebook. It doesn't run the way it should. He is 11, so he downloaded everything he came across. So I would like to ask for a check of the log. Thanks a lot.

Logfile of random's system information tool 1.10 (written by random/random)
Run by danie at 2018-04-07 10:29:22
Microsoft Windows 10 Home
System drive C: has 118 GB (52%) free of 229 GB
Total RAM: 3819 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:29:36, on 07.04.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)
Boot mode: Normal

Running processes:
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\danie.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com127.0.0.1 anchorfree.net
O1 - Hosts: 127.0.0.3 www.anchorfree.net
O1 - Hosts: 127.0.0.2 mefeedia.com
O1 - Hosts: 127.0.0.2 mefeedia.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\danie\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [BloodyToneMaker] "C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe" Minimum
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.717\SSScheduler.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.717\McCHSvc.exe
O23 - Service: MRAC Service (mracsvc) - Unknown owner - C:\Windows\System32\mracsvc.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\Windows\system32\xbgmsvc.exe (file missing)

--
End of file - 8516 bytes

======Listing Processes======








winlogon.exe
C:\Windows\system32\lsass.exe
"fontdrvhost.exe"
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\Windows\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
C:\Windows\system32\atiesrxx.exe
atieclxx
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\Windows\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe"
C:\Windows\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc

c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks

c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
"C:\Program Files\Elantech\ETDCtrl.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
sihost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
"ctfmon.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\Explorer.EXE
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\SettingSyncHost.exe -Embedding

"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Windows\System32\TiltWheelMouse.exe"
"C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe" Minimum
"C:\Program Files\McAfee Security Scan\3.11.717\SSScheduler.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\SDK\CM_LibraryIO.exe" Release
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
"C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe" --ran-launcher --started-from-shortcut
"C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera_crashreporter.exe" --ran-launcher --started-from-shortcut --crash-reporter-parent-id=5964
"C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe" --type=gpu-process --field-trial-handle=1656,8155512792460825829,14963318277024474607,131072 --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-handle-proprietary-uris=off --crash-reporter-pid=5832 --gpu-preferences=KAAAAAAAAAAABwAAAQAAAAAAAAAAAGAAAQAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --gpu-vendor-id=0x1002 --gpu-device-id=0x9802 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.201.1151.0 --gpu-driver-date=8-21-2015 --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-handle-proprietary-uris=off --crash-reporter-pid=5832 --service-request-channel-token=246B99DB81FE78DABCAF993FA967900B --mojo-platform-channel-handle=1672 --ignored=" --type=renderer " /prefetch:2
"C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe" --type=renderer --field-trial-handle=1656,8155512792460825829,14963318277024474607,131072 --service-pipe-token=5930C4A8953AA181416FCA369CB17FEE --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-handle-proprietary-uris=off --crash-reporter-pid=5832 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=5930C4A8953AA181416FCA369CB17FEE --renderer-client-id=3 --mojo-platform-channel-handle=2456 /prefetch:1
"C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe" --type=renderer --field-trial-handle=1656,8155512792460825829,14963318277024474607,131072 --service-pipe-token=7FE648A296F38576456F191700868146 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-handle-proprietary-uris=off --crash-reporter-pid=5832 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=7FE648A296F38576456F191700868146 --renderer-client-id=4 --mojo-platform-channel-handle=3052 /prefetch:1
"C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe" --type=renderer --field-trial-handle=1656,8155512792460825829,14963318277024474607,131072 --service-pipe-token=277F3596098F59F2A75671E02E318BBC --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-handle-proprietary-uris=off --crash-reporter-pid=5832 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=277F3596098F59F2A75671E02E318BBC --renderer-client-id=9 --mojo-platform-channel-handle=3088 /prefetch:1
"C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe" --type=renderer --field-trial-handle=1656,8155512792460825829,14963318277024474607,131072 --service-pipe-token=4C98B0F8B774A7585FA28A039382B91A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-handle-proprietary-uris=off --crash-reporter-pid=5832 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=4C98B0F8B774A7585FA28A039382B91A --renderer-client-id=10 --mojo-platform-channel-handle=3172 /prefetch:1
"C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe" --type=renderer --field-trial-handle=1656,8155512792460825829,14963318277024474607,131072 --service-pipe-token=8CF26E09C30955F362F2B80930ECDF4C --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-handle-proprietary-uris=off --crash-reporter-pid=5832 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=8CF26E09C30955F362F2B80930ECDF4C --renderer-client-id=5 --mojo-platform-channel-handle=4492 /prefetch:1
"C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe" --type=renderer --field-trial-handle=1656,8155512792460825829,14963318277024474607,131072 --service-pipe-token=0322324EB466CB4C5582F0E9E233AB91 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-handle-proprietary-uris=off --crash-reporter-pid=5832 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=0322324EB466CB4C5582F0E9E233AB91 --renderer-client-id=6 --mojo-platform-channel-handle=5572 /prefetch:1
"C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe" --type=renderer --field-trial-handle=1656,8155512792460825829,14963318277024474607,131072 --service-pipe-token=B48ECCC6FED87E274EDCD075B5790F2F --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-handle-proprietary-uris=off --crash-reporter-pid=5832 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=B48ECCC6FED87E274EDCD075B5790F2F --renderer-client-id=7 --mojo-platform-channel-handle=5732 /prefetch:1
"C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe" --type=renderer --field-trial-handle=1656,8155512792460825829,14963318277024474607,131072 --service-pipe-token=5F1F2B36487CF884495D762603275AC0 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-handle-proprietary-uris=off --crash-reporter-pid=5832 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=5F1F2B36487CF884495D762603275AC0 --renderer-client-id=13 --mojo-platform-channel-handle=6428 /prefetch:1
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
"C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe" --type=renderer --field-trial-handle=1656,8155512792460825829,14963318277024474607,131072 --service-pipe-token=AA751509B61025DC5B9733338930BA40 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-handle-proprietary-uris=off --crash-reporter-pid=5832 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=AA751509B61025DC5B9733338930BA40 --renderer-client-id=29 --mojo-platform-channel-handle=2824 /prefetch:1
C:\Windows\system32\AUDIODG.EXE 0x4d4
"C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe" --type=renderer --field-trial-handle=1656,8155512792460825829,14963318277024474607,131072 --service-pipe-token=082359A3D13BB421BE7DADC347551D6A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-handle-proprietary-uris=off --crash-reporter-pid=5832 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=082359A3D13BB421BE7DADC347551D6A --renderer-client-id=31 --mojo-platform-channel-handle=8976 /prefetch:1
C:\Windows\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
C:\Windows\System32\smartscreen.exe -Embedding

C:\Windows\system32\msiexec.exe /V
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\danie\Desktop\Godnite\Godnite\ErrorLog.txt
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 732 736 744 8192 740
C:\Windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\Windows\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\danie\AppData\Local\Temp\scoped_dir5964_4822\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-03-01 474688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-01 188992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-10-07 3242696]
"MouseDriver"=C:\Windows\system32\TiltWheelMouse.exe [2013-04-09 241152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\danie\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-03-30 1559200]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2018-04-03 3199776]
"BloodyToneMaker"=C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe [2017-10-16 8555008]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2018-02-22 5262992]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-03-06 17074688]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-08-21 767176]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-12-19 587288]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.717\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-04-07 10:29:23 ----D---- C:\Program Files\trend micro
2018-04-07 10:29:22 ----D---- C:\rsit
2018-04-05 12:04:37 ----A---- C:\Windows\system32\drivers\lpsport.sys
2018-04-05 12:02:00 ----D---- C:\Program Files\Common Files\AVAST Software
2018-04-05 11:56:58 ----D---- C:\Users\danie\AppData\Roaming\Opera Software
2018-04-05 11:56:20 ----D---- C:\Program Files\AVAST Software
2018-04-05 11:55:38 ----D---- C:\ProgramData\AVAST Software
2018-04-05 11:55:06 ----D---- C:\Program Files\CCleaner
2018-04-04 17:45:26 ----AD---- C:\Program Files (x86)\BlueStacks
2018-04-04 17:45:11 ----D---- C:\ProgramData\BlueStacks
2018-04-04 17:44:33 ----D---- C:\ProgramData\BlueStacksSetup
2018-04-04 16:58:28 ----D---- C:\ProgramData\Hotspot Shield
2018-04-04 16:57:21 ----A---- C:\Windows\system32\drivers\hssdrv6.sys
2018-04-04 16:57:17 ----D---- C:\Program Files (x86)\Hotspot Shield
2018-04-04 16:57:06 ----D---- C:\Users\danie\AppData\Roaming\Hotspot Shield
2018-04-03 10:53:02 ----D---- C:\ProgramData\McAfee Security Scan
2018-03-24 15:19:37 ----D---- C:\Program Files\McAfee Security Scan
2018-03-24 11:11:28 ----D---- C:\ProgramData\McAfee
2018-03-17 20:51:16 ----D---- C:\Program Files (x86)\Thyone II
2018-03-15 14:42:59 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-03-14 11:40:11 ----A---- C:\Windows\SYSWOW64\usoapi.dll
2018-03-14 11:40:11 ----A---- C:\Windows\SYSWOW64\IndexedDbLegacy.dll
2018-03-14 11:40:11 ----A---- C:\Windows\SYSWOW64\EdgeManager.dll
2018-03-14 11:40:11 ----A---- C:\Windows\SYSWOW64\edgeIso.dll
2018-03-14 11:40:11 ----A---- C:\Windows\system32\SecurityHealthProxyStub.dll
2018-03-14 11:40:10 ----A---- C:\Windows\SYSWOW64\msIso.dll
2018-03-14 11:40:10 ----A---- C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2018-03-14 11:40:09 ----A---- C:\Windows\SYSWOW64\AcSpecfc.dll
2018-03-14 11:40:08 ----A---- C:\Windows\SYSWOW64\webplatstorageserver.dll
2018-03-14 11:40:08 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-03-14 11:40:07 ----A---- C:\Windows\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-03-14 11:40:06 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2018-03-14 11:40:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-03-14 11:40:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-03-14 11:40:02 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2018-03-14 11:40:02 ----A---- C:\Windows\system32\drivers\dumpsd.sys
2018-03-14 11:40:01 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-03-14 11:40:01 ----A---- C:\Windows\system32\drivers\USBXHCI.SYS
2018-03-14 11:39:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-03-14 11:39:58 ----A---- C:\Windows\SYSWOW64\win32kfull.sys
2018-03-14 11:39:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-03-14 11:39:57 ----A---- C:\Windows\system32\drivers\volmgr.sys
2018-03-14 11:39:57 ----A---- C:\Windows\system32\drivers\hidparse.sys
2018-03-14 11:39:57 ----A---- C:\Windows\system32\drivers\acpi.sys
2018-03-14 11:39:56 ----A---- C:\Windows\system32\rdpudd.dll
2018-03-14 11:39:56 ----A---- C:\Windows\system32\drivers\storahci.sys
2018-03-14 11:39:56 ----A---- C:\Windows\system32\drivers\sdbus.sys
2018-03-14 11:39:56 ----A---- C:\Windows\system32\drivers\dxgmms2.sys
2018-03-14 11:39:55 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2018-03-14 11:39:55 ----A---- C:\Windows\system32\drivers\storufs.sys
2018-03-14 11:39:55 ----A---- C:\Windows\system32\drivers\BasicRender.sys
2018-03-14 11:39:54 ----A---- C:\Windows\system32\drivers\wcifs.sys
2018-03-14 11:39:54 ----A---- C:\Windows\system32\drivers\pci.sys
2018-03-14 11:39:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-03-14 11:39:52 ----A---- C:\Windows\system32\jscript9.dll
2018-03-14 11:39:51 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2018-03-14 11:39:50 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2018-03-14 11:39:50 ----A---- C:\Windows\system32\vbscript.dll
2018-03-14 11:39:50 ----A---- C:\Windows\system32\samsrv.dll
2018-03-14 11:39:50 ----A---- C:\Windows\system32\drivers\stornvme.sys
2018-03-14 11:39:50 ----A---- C:\Windows\system32\DbgModel.dll
2018-03-14 11:39:49 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2018-03-14 11:39:48 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2018-03-14 11:39:47 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-03-14 11:39:47 ----A---- C:\Windows\system32\drivers\UcmUcsi.sys
2018-03-14 11:39:47 ----A---- C:\Windows\system32\drivers\srv2.sys
2018-03-14 11:39:46 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-03-14 11:39:46 ----A---- C:\Windows\system32\StorSvc.dll
2018-03-14 11:39:46 ----A---- C:\Windows\system32\iertutil.dll
2018-03-14 11:39:46 ----A---- C:\Windows\system32\edgeIso.dll
2018-03-14 11:39:44 ----A---- C:\Windows\system32\win32kfull.sys
2018-03-14 11:39:44 ----A---- C:\Windows\system32\win32kbase.sys
2018-03-14 11:39:43 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-03-14 11:39:42 ----A---- C:\Windows\system32\ieframe.dll
2018-03-14 11:39:41 ----A---- C:\Windows\system32\jscript9diag.dll
2018-03-14 11:39:41 ----A---- C:\Windows\system32\Chakra.dll
2018-03-14 11:39:40 ----A---- C:\Windows\system32\jscript.dll
2018-03-14 11:39:40 ----A---- C:\Windows\system32\drivers\netvsc.sys
2018-03-14 11:39:39 ----A---- C:\Windows\SYSWOW64\winmde.dll
2018-03-14 11:39:39 ----A---- C:\Windows\SYSWOW64\msvproc.dll
2018-03-14 11:39:39 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2018-03-14 11:39:39 ----A---- C:\Windows\system32\hvloader.dll
2018-03-14 11:39:39 ----A---- C:\Windows\system32\hvax64.exe
2018-03-14 11:39:39 ----A---- C:\Windows\system32\drivers\vmbus.sys
2018-03-14 11:39:39 ----A---- C:\Windows\system32\drivers\spaceport.sys
2018-03-14 11:39:39 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2018-03-14 11:39:38 ----A---- C:\Windows\system32\rdpcorets.dll
2018-03-14 11:39:38 ----A---- C:\Windows\system32\lsasrv.dll
2018-03-14 11:39:38 ----A---- C:\Windows\system32\dbgeng.dll
2018-03-14 11:39:36 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2018-03-14 11:39:35 ----A---- C:\Windows\system32\d3d10warp.dll
2018-03-14 11:39:34 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2018-03-14 11:39:32 ----A---- C:\Windows\system32\AcSpecfc.dll
2018-03-14 11:39:31 ----A---- C:\Windows\system32\KernelBase.dll
2018-03-14 11:39:30 ----A---- C:\Windows\system32\wininet.dll
2018-03-14 11:39:29 ----A---- C:\Windows\system32\msIso.dll
2018-03-14 11:39:28 ----A---- C:\Windows\system32\drivers\WdiWiFi.sys
2018-03-14 11:39:27 ----A---- C:\Windows\system32\drivers\nwifi.sys
2018-03-14 11:39:24 ----A---- C:\Windows\system32\mshtml.dll
2018-03-14 11:39:22 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2018-03-14 11:39:21 ----A---- C:\Windows\system32\winmde.dll
2018-03-14 11:39:21 ----A---- C:\Windows\system32\hvix64.exe
2018-03-14 11:39:20 ----A---- C:\Windows\system32\msvproc.dll
2018-03-14 11:39:20 ----A---- C:\Windows\system32\mfplat.dll
2018-03-14 11:39:19 ----A---- C:\Windows\system32\edgehtml.dll
2018-03-14 11:39:17 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2018-03-14 11:39:16 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2018-03-14 11:39:16 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-03-14 11:39:16 ----A---- C:\Windows\system32\wintrust.dll
2018-03-14 11:39:16 ----A---- C:\Windows\system32\pcalua.exe
2018-03-14 11:39:15 ----A---- C:\Windows\system32\winsrv.dll
2018-03-14 11:39:15 ----A---- C:\Windows\system32\windows.storage.dll
2018-03-14 11:39:14 ----A---- C:\Windows\system32\zipfldr.dll
2018-03-14 11:39:14 ----A---- C:\Windows\system32\aitstatic.exe
2018-03-14 11:39:13 ----A---- C:\Windows\SYSWOW64\daxexec.dll
2018-03-14 11:39:13 ----A---- C:\Windows\system32\shell32.dll
2018-03-14 11:39:13 ----A---- C:\Windows\system32\rpcrt4.dll
2018-03-14 11:39:12 ----A---- C:\Windows\SYSWOW64\windows.storage.dll
2018-03-14 11:39:11 ----A---- C:\Windows\SYSWOW64\shell32.dll
2018-03-14 11:39:09 ----A---- C:\Windows\system32\HologramCompositor.dll
2018-03-14 11:39:04 ----A---- C:\Windows\system32\usoapi.dll
2018-03-14 11:39:04 ----A---- C:\Windows\system32\updatehandlers.dll
2018-03-14 11:39:04 ----A---- C:\Windows\system32\MusUpdateHandlers.dll
2018-03-14 11:39:04 ----A---- C:\Windows\system32\MusNotificationUx.exe
2018-03-14 11:39:04 ----A---- C:\Windows\system32\MusNotification.exe
2018-03-14 11:39:04 ----A---- C:\Windows\system32\musdialoghandlers.dll
2018-03-14 11:39:03 ----A---- C:\Windows\system32\usocore.dll
2018-03-14 11:38:42 ----A---- C:\Windows\system32\winresume.exe
2018-03-14 11:38:42 ----A---- C:\Windows\system32\winload.exe
2018-03-14 11:38:42 ----A---- C:\Windows\system32\drivers\cng.sys
2018-03-14 11:38:41 ----A---- C:\Windows\SYSWOW64\aepic.dll
2018-03-14 11:38:41 ----A---- C:\Windows\system32\win32appinventorycsp.dll
2018-03-14 11:38:41 ----A---- C:\Windows\system32\pcasvc.dll
2018-03-14 11:38:41 ----A---- C:\Windows\system32\invagent.dll
2018-03-14 11:38:41 ----A---- C:\Windows\system32\devinv.dll
2018-03-14 11:38:41 ----A---- C:\Windows\system32\DeviceCensus.exe
2018-03-14 11:38:41 ----A---- C:\Windows\system32\dcntel.dll
2018-03-14 11:38:41 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-03-14 11:38:41 ----A---- C:\Windows\system32\aepic.dll
2018-03-14 11:38:41 ----A---- C:\Windows\system32\aeinv.dll
2018-03-14 11:38:40 ----A---- C:\Windows\system32\generaltel.dll
2018-03-14 11:38:40 ----A---- C:\Windows\system32\appraiser.dll
2018-03-14 11:38:38 ----A---- C:\Windows\system32\Spectrum.exe
2018-03-14 11:38:37 ----A---- C:\Windows\system32\HolographicExtensions.dll
2018-03-14 11:38:37 ----A---- C:\Windows\system32\cldapi.dll
2018-03-14 11:38:37 ----A---- C:\Windows\system32\cdp.dll
2018-03-14 11:38:36 ----A---- C:\Windows\system32\Windows.Payments.dll
2018-03-14 11:38:36 ----A---- C:\Windows\system32\webplatstorageserver.dll
2018-03-14 11:38:36 ----A---- C:\Windows\system32\SecurityHealthService.exe
2018-03-14 11:38:36 ----A---- C:\Windows\system32\SecurityHealthAgent.dll
2018-03-14 11:38:36 ----A---- C:\Windows\system32\daxexec.dll
2018-03-14 11:38:35 ----A---- C:\Windows\system32\MSVidCtl.dll
2018-03-14 11:38:34 ----A---- C:\Windows\SYSWOW64\Windows.Payments.dll
2018-03-14 11:38:34 ----A---- C:\Windows\system32\wlidsvc.dll
2018-03-14 11:38:33 ----A---- C:\Windows\SYSWOW64\cldapi.dll
2018-03-14 11:38:33 ----A---- C:\Windows\system32\EdgeManager.dll
2018-03-14 11:38:33 ----A---- C:\Windows\system32\acmigration.dll
2018-03-14 11:38:32 ----A---- C:\Windows\SYSWOW64\cdp.dll
2018-03-14 11:38:31 ----A---- C:\Windows\system32\MusNotifyIcon.exe
2018-03-14 11:38:31 ----A---- C:\Windows\system32\drivers\sdstor.sys
2018-03-14 11:38:29 ----A---- C:\Windows\SYSWOW64\msi.dll
2018-03-14 11:38:29 ----A---- C:\Windows\system32\msi.dll
2018-03-14 11:38:28 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2018-03-14 11:38:28 ----A---- C:\Windows\system32\drivers\RfxVmt.sys
2018-03-14 11:38:28 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2018-03-14 11:38:27 ----A---- C:\Windows\SYSWOW64\AuthFWSnapin.dll
2018-03-14 11:38:26 ----A---- C:\Windows\system32\MSVPXENC.dll
2018-03-14 11:38:26 ----A---- C:\Windows\system32\MicrosoftAccountWAMExtension.dll
2018-03-14 11:38:26 ----A---- C:\Windows\system32\cdpusersvc.dll
2018-03-14 11:38:25 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-03-14 11:38:25 ----A---- C:\Windows\system32\TSpkg.dll
2018-03-14 11:38:25 ----A---- C:\Windows\system32\MSVideoDSP.dll
2018-03-14 11:38:24 ----A---- C:\Windows\SYSWOW64\MSVPXENC.dll
2018-03-14 11:38:24 ----A---- C:\Windows\SYSWOW64\MicrosoftAccountWAMExtension.dll
2018-03-14 11:38:24 ----A---- C:\Windows\system32\Windows.Internal.Feedback.Analog.dll
2018-03-14 11:38:24 ----A---- C:\Windows\system32\msra.exe
2018-03-14 11:38:23 ----A---- C:\Windows\SYSWOW64\offlinesam.dll
2018-03-14 11:38:23 ----A---- C:\Windows\SYSWOW64\offlinelsa.dll
2018-03-14 11:38:23 ----A---- C:\Windows\SYSWOW64\MSVideoDSP.dll
2018-03-14 11:38:23 ----A---- C:\Windows\system32\updatecsp.dll
2018-03-14 11:38:23 ----A---- C:\Windows\system32\svf.dll
2018-03-14 11:38:23 ----A---- C:\Windows\system32\offlinesam.dll
2018-03-14 11:38:23 ----A---- C:\Windows\system32\offlinelsa.dll
2018-03-14 11:38:23 ----A---- C:\Windows\system32\drivers\tpm.sys
2018-03-14 11:38:23 ----A---- C:\Windows\system32\drivers\msrpc.sys
2018-03-14 11:38:23 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-03-14 11:38:23 ----A---- C:\Windows\system32\drivers\isapnp.sys
2018-03-14 11:38:23 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2018-03-14 11:38:23 ----A---- C:\Windows\system32\drivers\ataport.sys
2018-03-14 11:38:22 ----A---- C:\Windows\SYSWOW64\HoloShellRuntime.dll
2018-03-14 11:38:22 ----A---- C:\Windows\system32\SpectrumSyncClient.dll
2018-03-14 11:38:22 ----A---- C:\Windows\system32\HoloShellRuntime.dll
2018-03-14 11:38:22 ----A---- C:\Windows\system32\HeadTrackerStorage.dll
2018-03-14 11:38:22 ----A---- C:\Windows\system32\drivers\wcnfs.sys
2018-03-14 11:38:21 ----A---- C:\Windows\SYSWOW64\msisip.dll
2018-03-14 11:38:21 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-03-14 11:38:21 ----A---- C:\Windows\system32\UsoClient.exe
2018-03-14 11:38:21 ----A---- C:\Windows\system32\racpldlg.dll
2018-03-14 11:38:21 ----A---- C:\Windows\system32\msisip.dll
2018-03-14 11:38:21 ----A---- C:\Windows\system32\IndexedDbLegacy.dll
2018-03-14 11:38:21 ----A---- C:\Windows\system32\credssp.dll

======List of files/folders modified in the last 1 month======

2018-04-07 10:29:23 ----RD---- C:\Program Files
2018-04-07 10:29:15 ----D---- C:\Windows\prefetch
2018-04-07 10:21:50 ----D---- C:\Windows\Temp
2018-04-07 09:50:31 ----HD---- C:\Program Files\WindowsApps
2018-04-07 09:50:14 ----D---- C:\Windows\AppReadiness
2018-04-07 09:49:21 ----D---- C:\Windows\DeliveryOptimization
2018-04-07 09:38:35 ----D---- C:\Windows\System32
2018-04-07 09:38:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-04-07 09:37:26 ----D---- C:\Program Files (x86)\Steam
2018-04-07 09:31:17 ----D---- C:\Windows\system32\SleepStudy
2018-04-07 01:05:07 ----D---- C:\Windows\system32\sru
2018-04-06 13:46:10 ----SHD---- C:\System Volume Information
2018-04-06 12:15:54 ----RD---- C:\Windows\Microsoft.NET
2018-04-06 11:35:50 ----D---- C:\Windows\system32\config
2018-04-06 10:11:08 ----D---- C:\Windows\system32\drivers
2018-04-05 15:49:25 ----D---- C:\Windows\system32\LogFiles
2018-04-05 12:19:57 ----D---- C:\Windows\system32\Macromed
2018-04-05 12:19:29 ----D---- C:\Windows\SYSWOW64\Macromed
2018-04-05 12:19:00 ----D---- C:\Windows\system32\Tasks
2018-04-05 12:06:00 ----D---- C:\Windows
2018-04-05 12:03:21 ----D---- C:\Windows\WinSxS
2018-04-05 12:02:00 ----D---- C:\Program Files\Common Files
2018-04-05 11:57:56 ----D---- C:\Users\danie\AppData\Roaming\DAEMON Tools Lite
2018-04-05 11:57:06 ----D---- C:\Windows\Panther
2018-04-05 11:57:06 ----D---- C:\Windows\INF
2018-04-05 11:56:58 ----D---- C:\Windows\debug
2018-04-05 11:55:38 ----HD---- C:\ProgramData
2018-04-05 11:51:14 ----SD---- C:\ProgramData\Microsoft
2018-04-05 11:51:04 ----SD---- C:\Users\danie\AppData\Roaming\Microsoft
2018-04-04 17:47:25 ----RD---- C:\Program Files (x86)
2018-04-04 16:56:55 ----D---- C:\Windows\Logs
2018-04-01 11:11:42 ----D---- C:\Users\danie\AppData\Roaming\.minecraft
2018-03-23 19:07:15 ----D---- C:\Windows\system32\catroot2
2018-03-21 22:00:25 ----D---- C:\Windows\system32\DriverStore
2018-03-16 15:08:10 ----D---- C:\Windows\rescache
2018-03-15 14:42:59 ----D---- C:\Windows\SysWOW64
2018-03-15 14:38:59 ----D---- C:\Windows\TextInput
2018-03-15 14:38:51 ----D---- C:\Windows\system32\cs-CZ
2018-03-15 14:38:51 ----D---- C:\Windows\system32\appraiser
2018-03-15 14:38:46 ----D---- C:\Windows\ShellExperiences
2018-03-15 14:38:46 ----D---- C:\Windows\apppatch
2018-03-15 14:38:41 ----D---- C:\Windows\system32\Boot
2018-03-15 14:38:20 ----D---- C:\Windows\system32\drivers\UMDF
2018-03-14 12:26:08 ----D---- C:\Windows\CbsTemp
2018-03-14 12:15:56 ----D---- C:\Windows\system32\MRT
2018-03-14 12:15:47 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2018-03-14 12:15:26 ----AC---- C:\Windows\system32\MRT.exe
2018-03-14 11:50:14 ----A---- C:\Windows\SYSWOW64\Chakradiag.dll
2018-03-14 11:50:08 ----A---- C:\Windows\system32\Chakradiag.dll
2018-03-08 09:31:53 ----D---- C:\Windows\system32\drivers\en-US

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\Windows\system32\drivers\iorate.sys [2017-09-29 56728]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\Windows\system32\drivers\bam.sys [2018-01-01 59800]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2017-09-29 8192]
R1 HssDRV6;@oem17.inf,%HssDRV6_Desc%;Hotspot Shield Routing Driver 6; C:\Windows\system32\DRIVERS\hssdrv6.sys [2015-02-04 44744]
R1 MpKsl08f8e963;MpKsl08f8e963; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{52B9CB99-2F74-4731-8B3C-5633C36C6263}\MpKsl08f8e963.sys [2018-03-20 58120]
R1 MpKsl28944816;MpKsl28944816; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D76D3F84-1CA9-4C71-A58B-3F41D0B17462}\MpKsl28944816.sys [2018-03-28 58120]
R1 MpKsl2a07d21a;MpKsl2a07d21a; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FBC1232F-1098-419A-8E7F-31D3C4506EEA}\MpKsl2a07d21a.sys [2018-03-25 58120]
R1 MpKsl35f21852;MpKsl35f21852; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9FE5C460-9371-4E4E-8588-0062C2E6163B}\MpKsl35f21852.sys [2018-04-07 58120]
R1 MpKsl4e11b3b0;MpKsl4e11b3b0; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EA89EE80-4B9A-4F25-839C-7891000AA2F4}\MpKsl4e11b3b0.sys [2018-03-23 58120]
R1 MpKsl64d844c7;MpKsl64d844c7; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4972F62C-7D7D-412F-A2F5-431CE781A358}\MpKsl64d844c7.sys [2018-03-31 58120]
R1 MpKsl748e65f5;MpKsl748e65f5; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9AFBA807-1C80-48C0-B10B-1C187A1968FD}\MpKsl748e65f5.sys [2018-03-21 58120]
R1 MpKsl8416e177;MpKsl8416e177; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{37645A9F-182B-4AC2-987E-D05D0F23030E}\MpKsl8416e177.sys [2018-04-04 58120]
R1 MpKsl945e46f4;MpKsl945e46f4; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C276B516-FF25-4FE6-90C5-5119141791F5}\MpKsl945e46f4.sys [2018-03-26 58120]
R1 MpKsl96e80eae;MpKsl96e80eae; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EBF9BBCD-5EFF-4E44-B541-CC580633ECC3}\MpKsl96e80eae.sys [2018-04-06 58120]
R1 MpKsl9838c145;MpKsl9838c145; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{290235A8-AC9A-4867-8414-58972F5A25FD}\MpKsl9838c145.sys [2018-03-27 58120]
R1 MpKsl99c034f5;MpKsl99c034f5; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{194FAC77-7F6A-4492-910A-D582B33D7113}\MpKsl99c034f5.sys [2018-03-24 58120]
R1 MpKsla5cf80c3;MpKsla5cf80c3; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E4D983D7-8D31-4F3A-BD82-2AA2F2C8CBBD}\MpKsla5cf80c3.sys [2018-04-03 58120]
R1 MpKslb60ab1c8;MpKslb60ab1c8; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1580BE73-8832-4365-B5DE-F0BDE4449ED3}\MpKslb60ab1c8.sys [2018-04-07 58120]
R1 MpKslddd84726;MpKslddd84726; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A682F4DD-0F16-4487-B928-F3A5A78872E1}\MpKslddd84726.sys [2018-03-22 58120]
R1 MpKsle355a936;MpKsle355a936; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{49E0BAD4-1463-4A97-B653-A6B447F44B74}\MpKsle355a936.sys [2018-04-05 58120]
R1 MpKsle381caa5;MpKsle381caa5; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{362126C8-B5A3-4940-BA95-17658646721A}\MpKsle381caa5.sys [2018-04-01 58120]
R1 MpKsled38f0df;MpKsled38f0df; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DBB1FAFF-8949-49BD-B4D8-53CE84FFAEC0}\MpKsled38f0df.sys [2018-03-30 58120]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\Windows\system32\drivers\cldflt.sys [2018-02-10 385536]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2017-09-29 43520]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\Windows\system32\drivers\storqosflt.sys [2017-09-29 79872]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-10-21 21648880]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-10-21 674288]
R3 athr;@oem32.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\System32\drivers\athw10x.sys [2017-05-06 4318648]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\Windows\System32\drivers\CAD.sys [2017-09-29 60312]
R3 CMUAC;@oem40.inf,%CMUAC.DeviceDesc%;Headset6400x1 Device Driver; C:\Windows\system32\DRIVERS\Headset6400x1.SYS [2013-10-03 387072]
R3 dtlitescsibus;@oem19.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2017-05-30 30264]
R3 dtliteusbbus;@oem28.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\Windows\System32\drivers\dtliteusbbus.sys [2017-05-30 47672]
R3 ETD;@oem3.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\Windows\System32\drivers\ETD.sys [2015-10-07 525512]
R3 L1C;@oem18.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\System32\drivers\L1C63x64.sys [2017-05-06 161864]
R3 RTSUER;@oem22.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\Windows\system32\Drivers\RtsUer.sys [2017-05-06 419296]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\Windows\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\Windows\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\Windows\System32\drivers\scmbus.sys [2017-09-29 118168]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\Windows\System32\drivers\storufs.sys [2018-02-22 45472]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\Windows\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\Windows\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 BstkDrv;BlueStacks Plus Hypervisor; \??\C:\Program Files (x86)\BlueStacks\BstkDrv.sys [2018-02-23 269408]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2017-09-29 122368]
S3 dg_ssudbus;@oem12.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\System32\drivers\ssudbus.sys [2016-04-25 129152]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\Windows\system32\drivers\hvservice.sys [2017-09-29 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\Windows\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\Windows\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\Windows\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\Windows\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\Windows\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\Windows\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\Windows\system32\drivers\irda.sys [2017-09-29 119808]
S3 KMWDFILTER;HIDServiceDesc; C:\Windows\System32\drivers\KMWDFILTER.sys [2009-04-29 30208]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\Windows\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\Windows\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 mracdrv;MRAC Driver; C:\Windows\System32\drivers\mracdrv.sys [2018-02-25 7238880]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\Windows\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\Windows\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\Windows\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\Windows\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\Windows\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\Windows\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]
S3 ss_conn_usb_driver;@oem9.inf,%ssud.SvcDesc%;SAMSUNG Mobile USB Connectivity Device Driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [2014-01-22 26368]
S3 ssudcdf;@oem34.inf,%SSUD.Service.Name%;SAMSUNG Mobile Mode Changer Device; C:\Windows\System32\drivers\ssudcdf.sys [2014-01-22 36608]
S3 ssuddmgr;@oem4.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Device Management Serial Port(DEVGURU Ver.); C:\Windows\System32\drivers\ssuddmgr.sys [2014-01-22 206080]
S3 ssudobex;@oem31.inf,%ssud.Service.Name%;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\Windows\System32\drivers\ssudobex.sys [2014-01-22 206080]
S3 ssudqcfilter;@oem12.inf,%ssudqcfilter.SvcDesc%;SAMSUNG Mobile USB QCRMNET Filter Driver; C:\Windows\System32\drivers\ssudqcfilter.sys [2016-04-25 64640]
S3 ssudrmnet;@oem10.inf,%ssud.Service.Name%;SAMSUNG Mobile USB RMNET Drivers; C:\Windows\System32\drivers\ssudrmnet.sys [2014-01-22 70400]
S3 ssudserd;@oem35.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\System32\drivers\ssudserd.sys [2014-01-22 206080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-10-21 255472]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2015-08-21 344064]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_3a1fd;Uživatelská služba platformy připojených zařízení_3a1fd; C:\Windows\system32\svchost.exe [2017-09-29 48688]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2017-09-29 48688]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2017-09-29 48688]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\Windows\System32\svchost.exe [2017-09-29 48688]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-10-07 144072]
R2 hshld;Hotspot Shield Service; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2015-02-04 1076520]
R2 OneSyncSvc_3a1fd;Hostitel synchronizace_3a1fd; C:\Windows\system32\svchost.exe [2017-09-29 48688]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\Windows\system32\SecurityHealthService.exe [2018-03-01 519152]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2018-02-22 3480720]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2017-09-29 48688]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\Windows\system32\svchost.exe [2017-09-29 48688]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-12 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-05 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-06-08 1536520]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_3a1fd;Tok zařízení_3a1fd; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-09-29 85504]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-03-01 526376]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-09-28 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-12 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.717\McCHSvc.exe [2018-03-27 405392]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_3a1fd;Služba zasílání zpráv_3a1fd; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 mracsvc;MRAC Service; C:\Windows\System32\mracsvc.exe [2018-02-25 8010968]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2017-10-16 7677008]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc_3a1fd;Data kontaktů_3a1fd; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_3a1fd;PrintWorkflow_3a1fd; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\Windows\system32\spectrum.exe [2018-03-02 956416]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2018-03-27 1671968]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\Windows\System32\svchost.exe [2017-09-29 48688]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118243
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log review

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activities, a virus can damage the system!

Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

maxdep
Visitor
Posts: 4
Joined: 07 Apr 2018 09:40

Re: Log review

#3 Post by maxdep »

Hopefully this is the log. I don't really understand this stuff, but after I clicked "Clean", the notebook restarted, and when it came back up, all the notebook's settings and Google Chrome were back to default. It deleted all the icons from my desktop except the Recycle Bin. It even deleted Avast and Opera.

# AdwCleaner 7.0.8.0 - Logfile created on Sat Apr 07 09:39:44 2018
# Updated on 2018/08/02 by Malwarebytes
# Database: 2018-04-06.2
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1307 B] - [2018/4/7 9:24:37]
C:/AdwCleaner/AdwCleaner[S0].txt - [1344 B] - [2018/4/7 9:23:12]


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########

Rudy
Site Admin
Posts: 118243
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log review

#4 Post by Rudy »

That's the one, and it's OK. Now post the FRST log: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .

maxdep
Visitor
Posts: 4
Joined: 07 Apr 2018 09:40

Re: Log review

#5 Post by maxdep »

The Addition log is in the attachment as well.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by danie (administrator) on DESKTOP-NKLPEP0 (07-04-2018 13:00:59)
Running from C:\Users\TEMP\Desktop
Loaded Profiles: danie (Available Profiles: danie) <==== ATTENTION (Temporary Profile?)
Platform: Windows 10 Home Version 1709 16299.309 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\MsMpEng.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.717\SSScheduler.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
() C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\SDK\CM_LibraryIO.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.40\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.40\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.40\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.40\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.40\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.40\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.40\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.40\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.40\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.40\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.40\opera.exe
(Opera Software) C:\Program Files\Opera\52.0.2871.40\opera.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKU\S-1-5-21-191269715-4099532795-744383957-1002\...\Run: [OneDrive] => C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1570976 2018-04-07] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-191269715-4099532795-744383957-1002\...\RunOnce: [Uninstall 17.3.6816.0313\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64" <==== ATTENTION
HKU\S-1-5-21-191269715-4099532795-744383957-1002\...\RunOnce: [Uninstall 17.3.6816.0313] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\17.3.6816.0313" <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-04-03]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.717\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 93.91.240.101 93.91.240.254 10.0.0.1
Tcpip\..\Interfaces\{f3b0c4de-3591-42f3-91c2-8988e26ff204}: [DhcpNameServer] 93.91.240.101 93.91.240.254 10.0.0.1

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-03-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-01] (Oracle Corporation)

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-01] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-12] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default [2018-04-07]
CHR Extension: (Prezentace) - C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-07]
CHR Extension: (Dokumenty) - C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-07]
CHR Extension: (Disk Google) - C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-04-07]
CHR Extension: (YouTube) - C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-04-07]
CHR Extension: (Tabulky) - C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-04-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-04-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (Gmail) - C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-04-07]
CHR Extension: (Chrome Media Router) - C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-07]

Opera:
=======
OPR Extension: (Youtube modern dark mode) - C:\Users\TEMP\AppData\Roaming\Opera Software\Opera Stable\Extensions\fldgolljokhlpnnleopipkhnffeldgia [2018-04-07]
OPR Extension: (Google Překladač) - C:\Users\TEMP\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2018-04-07]
OPR Extension: (Adblock Plus) - C:\Users\TEMP\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-04-07]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1536520 2017-06-08] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480720 2018-02-22] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [526376 2018-03-01] (EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [1076520 2015-02-04] (AnchorFree Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.717\McCHSvc.exe [405392 2018-03-27] (McAfee, Inc.)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [8010968 2018-02-25] (LLC Mail.Ru)
S3 npggsvc; C:\Windows\system32\GameMon.des [7677008 2017-10-16] (INCA Internet Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\NisSrv.exe [356152 2018-03-01] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe [106280 2018-03-01] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4318648 2017-05-06] (Qualcomm Atheros Communications, Inc.)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-02-23] (Bluestack System Inc. )
R3 CMUAC; C:\Windows\system32\DRIVERS\Headset6400x1.SYS [387072 2013-10-03] (A4Tech Inc.)
S3 dg_ssudbus; C:\Windows\System32\drivers\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-05-30] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-05-30] (Disc Soft Ltd)
R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [44744 2015-02-04] (AnchorFree Inc.)
R1 MpKsl0b878964; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{483F1B52-37D7-4831-9AC0-C3CE16736C9D}\MpKsl0b878964.sys [58120 2018-04-07] (Microsoft Corporation)
S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [7238880 2018-02-25] (LLC Mail.Ru)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [419296 2017-05-06] (Realsil Semiconductor Corporation)
S3 ssudcdf; C:\Windows\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\Windows\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\Windows\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\Windows\System32\drivers\ssudqcfilter.sys [64640 2016-04-25] (QUALCOMM Incorporated)
S3 ssudrmnet; C:\Windows\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU Co., LTD.)
S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU Co., LTD.)
R3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42184 2015-02-04] (Anchorfree Inc.)
R3 t_mouse.sys; C:\Windows\System32\drivers\t_mouse.sys [6144 2013-04-09] ()
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46072 2018-03-01] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [288296 2018-03-01] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [129568 2018-03-01] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-07 13:00 - 2018-04-07 13:02 - 000012709 _____ C:\Users\TEMP\Desktop\FRST.txt
2018-04-07 13:00 - 2018-04-07 13:00 - 000000000 ____D C:\FRST
2018-04-07 12:59 - 2018-04-07 12:59 - 002403328 _____ (Farbar) C:\Users\TEMP\Desktop\FRST64.exe
2018-04-07 11:48 - 2018-04-07 11:48 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Google
2018-04-07 11:45 - 2018-04-07 11:45 - 000003948 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1523094296
2018-04-07 11:45 - 2018-04-07 11:45 - 000001166 _____ C:\Users\Public\Desktop\Prohlížeč Opera.lnk
2018-04-07 11:45 - 2018-04-07 11:45 - 000001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2018-04-07 11:45 - 2018-04-07 11:45 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Opera Software
2018-04-07 11:45 - 2018-04-07 11:45 - 000000000 ____D C:\Users\TEMP\AppData\Local\Opera Software
2018-04-07 11:44 - 2018-04-07 11:46 - 000000000 ____D C:\Program Files\Opera
2018-04-07 11:42 - 2018-04-07 12:14 - 000002388 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-04-07 11:42 - 2018-04-07 12:14 - 000000000 ___RD C:\Users\TEMP\OneDrive
2018-04-07 11:29 - 2018-04-07 11:29 - 000000000 ____D C:\Users\TEMP\AppData\Local\AMD
2018-04-07 11:28 - 2018-04-07 11:28 - 000000000 ___HD C:\Users\TEMP\MicrosoftEdgeBackups
2018-04-07 11:28 - 2018-04-07 11:28 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\DAEMON Tools Lite
2018-04-07 11:28 - 2018-04-07 11:28 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\ATI
2018-04-07 11:28 - 2018-04-07 11:28 - 000000000 ____D C:\Users\TEMP\AppData\Local\ATI
2018-04-07 11:27 - 2018-04-07 11:30 - 000002336 _____ C:\Users\TEMP\Desktop\Google Chrome.lnk
2018-04-07 11:27 - 2018-04-07 11:29 - 000000000 ____D C:\Users\TEMP\AppData\Local\Packages
2018-04-07 11:27 - 2018-04-07 11:28 - 000000000 ____D C:\Users\TEMP\AppData\Local\MicrosoftEdge
2018-04-07 11:27 - 2018-04-07 11:27 - 000000000 ___RD C:\Users\TEMP\3D Objects
2018-04-07 11:27 - 2018-04-07 11:27 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Adobe
2018-04-07 11:27 - 2018-04-07 11:27 - 000000000 ____D C:\Users\TEMP\AppData\Local\VirtualStore
2018-04-07 11:27 - 2018-04-07 11:27 - 000000000 ____D C:\Users\TEMP\AppData\Local\Google
2018-04-07 11:26 - 2018-04-07 11:42 - 000000000 ____D C:\Users\TEMP
2018-04-07 11:26 - 2018-04-07 11:26 - 000000020 ___SH C:\Users\TEMP\ntuser.ini
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Šablony
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Soubory cookie
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Poslední
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Okolní tiskárny
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Okolní síť
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Nabídka Start
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Dokumenty
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Documents\Obrázky
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Documents\Hudba
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Documents\Filmy
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Data aplikací
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\AppData\Local\Data aplikací
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 ____D C:\Users\TEMP\AppData\Local\ConnectedDevicesPlatform
2018-04-07 11:25 - 2018-04-07 11:25 - 000000000 ____D C:\Windows\SysWOW64\Hotspot Shield
2018-04-07 11:24 - 2018-04-07 11:24 - 000001344 _____ C:\Users\danie\Desktop\1.txt
2018-04-07 11:17 - 2018-04-07 11:39 - 000000000 ____D C:\AdwCleaner
2018-04-07 11:16 - 2018-04-07 11:17 - 008222496 _____ (Malwarebytes) C:\Users\danie\Desktop\adwcleaner_7.0.8.0.exe
2018-04-07 10:29 - 2018-04-07 10:29 - 000000000 ____D C:\rsit
2018-04-07 10:29 - 2018-04-07 10:29 - 000000000 ____D C:\Program Files\trend micro
2018-04-07 10:28 - 2018-04-07 10:28 - 001222144 _____ C:\Users\danie\Downloads\RSITx64.exe
2018-04-07 10:22 - 2018-04-07 10:22 - 000000000 ____D C:\Users\danie\Downloads\Anti-Keylogger_10.3.1 (1)
2018-04-07 10:18 - 2018-04-07 10:18 - 006065133 _____ C:\Users\danie\Downloads\Anti-Keylogger_10.3.1 (1).zip
2018-04-07 10:16 - 2018-04-07 10:17 - 006065133 _____ C:\Users\danie\Downloads\Anti-Keylogger_10.3.1.zip
2018-04-05 12:04 - 2018-04-05 12:04 - 000061304 _____ () C:\Windows\system32\Drivers\lpsport.sys
2018-04-05 12:02 - 2018-04-05 12:02 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-04-05 11:56 - 2018-04-05 11:56 - 000004206 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1522922149
2018-04-05 11:56 - 2018-04-05 11:56 - 000001368 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2018-04-05 11:56 - 2018-04-05 11:56 - 000000000 ____D C:\Users\danie\AppData\Roaming\Opera Software
2018-04-05 11:56 - 2018-04-05 11:56 - 000000000 ____D C:\Users\danie\AppData\Local\Opera Software
2018-04-05 11:56 - 2018-04-05 11:56 - 000000000 ____D C:\Program Files\AVAST Software
2018-04-05 11:55 - 2018-04-05 12:02 - 000000000 ____D C:\ProgramData\AVAST Software
2018-04-05 11:55 - 2018-04-05 11:56 - 000000000 ____D C:\Program Files\CCleaner
2018-04-05 11:55 - 2018-04-05 11:55 - 000003936 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-04-05 11:55 - 2018-04-05 11:55 - 000002870 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-04-05 11:55 - 2018-04-05 11:55 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-04-05 11:55 - 2018-04-05 11:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-04-05 11:53 - 2018-04-05 11:53 - 001357888 _____ (Opera Software) C:\Users\danie\Downloads\OperaSetup.exe
2018-04-05 11:51 - 2018-04-05 11:53 - 015333512 _____ (Piriform Ltd) C:\Users\danie\Downloads\ccsetup541.exe
2018-04-05 11:51 - 2018-04-05 11:51 - 000000017 _____ C:\Users\danie\AppData\Local\resmon.resmoncfg
2018-04-04 18:05 - 2018-04-04 18:05 - 000002245 _____ C:\Users\danie\Desktop\PickaxeChat.lnk
2018-04-04 17:48 - 2018-04-04 17:48 - 000001523 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2018-04-04 17:48 - 2018-04-04 17:48 - 000001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2018-04-04 17:45 - 2018-04-04 17:47 - 000000000 ____D C:\ProgramData\BlueStacks
2018-04-04 17:45 - 2018-04-04 17:47 - 000000000 ____D C:\Program Files (x86)\BlueStacks
2018-04-04 17:44 - 2018-04-04 17:48 - 000000000 ____D C:\ProgramData\BlueStacksSetup
2018-04-04 17:44 - 2018-04-04 17:47 - 000000000 ____D C:\Users\danie\AppData\Local\Bluestacks
2018-04-04 17:39 - 2018-04-04 17:43 - 298116824 _____ (BlueStack Systems Inc.) C:\Users\danie\Downloads\BlueStacks-Installer_BS3_native.exe
2018-04-04 17:37 - 2018-04-04 17:37 - 000000000 ____D C:\Users\danie\.pickaxe
2018-04-04 16:58 - 2018-04-04 16:59 - 000000000 ____D C:\ProgramData\Hotspot Shield
2018-04-04 16:58 - 2018-04-04 16:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2018-04-04 16:57 - 2018-04-04 17:02 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield
2018-04-04 16:57 - 2018-04-04 16:57 - 000000000 ____D C:\Users\danie\AppData\Roaming\Hotspot Shield
2018-04-04 16:57 - 2015-02-04 04:01 - 000044744 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys
2018-04-03 10:54 - 2018-04-03 10:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2018-04-03 10:53 - 2018-04-03 10:55 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2018-04-02 17:46 - 2018-04-02 17:46 - 000000866 _____ C:\Users\danie\Desktop\Start Tor Browser.lnk
2018-04-02 17:40 - 2018-04-02 17:41 - 000000000 ____D C:\Users\danie\Desktop\Tor Browser
2018-03-31 20:26 - 2018-04-06 21:44 - 000000000 ____D C:\Users\danie\AppData\LocalLow\Mozilla
2018-03-31 20:24 - 2018-04-02 17:46 - 000000914 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2018-03-31 20:21 - 2018-03-31 20:22 - 053707712 _____ C:\Users\danie\Downloads\torbrowser-install-7.5.3_en-US.exe
2018-03-31 16:06 - 2018-03-31 16:09 - 000000000 ____D C:\Users\danie\Desktop\girlshare.ro_Switchbotv3_1
2018-03-30 22:15 - 2018-03-30 22:15 - 000000000 ____D C:\Users\danie\Desktop\Godnite
2018-03-30 22:14 - 2018-03-30 22:14 - 1851881418 _____ C:\Users\danie\Desktop\Godnite.rar
2018-03-24 15:19 - 2018-04-03 10:53 - 000000000 ____D C:\Program Files\McAfee Security Scan
2018-03-24 11:11 - 2018-03-24 11:11 - 000000000 ____D C:\ProgramData\McAfee
2018-03-23 12:46 - 2015-04-18 04:42 - 010312846 _____ C:\Users\danie\Desktop\girlshare.ro_Switchbotv3_1.zip
2018-03-22 17:48 - 2018-03-22 17:48 - 000000000 ____D C:\Users\danie\Desktop\evil-world
2018-03-22 17:14 - 2018-03-22 17:48 - 1774333113 _____ C:\Users\danie\Desktop\evil-world.rar
2018-03-21 21:05 - 2018-03-21 21:05 - 000000000 ____D C:\Users\danie\Desktop\World_of_Definition
2018-03-19 13:16 - 2014-05-25 14:45 - 000009538 _____ C:\Users\danie\Desktop\fish-bot.rar
2018-03-17 21:04 - 2018-03-17 21:04 - 000001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thyone II.lnk
2018-03-17 21:04 - 2018-03-17 21:04 - 000001092 _____ C:\Users\Public\Desktop\Thyone II.lnk
2018-03-17 20:51 - 2018-03-21 21:07 - 000000000 ____D C:\Program Files (x86)\Thyone II
2018-03-17 20:42 - 2018-03-17 20:46 - 1353918303 _____ (SimplyGames.cz ) C:\Users\danie\Desktop\Thyone II instalace.exe
2018-03-17 16:35 - 2018-03-17 16:35 - 000000222 _____ C:\Users\danie\Desktop\Unturned.url
2018-03-15 14:42 - 2018-03-02 23:09 - 000834552 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-03-15 14:42 - 2018-03-02 23:09 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-14 11:40 - 2018-03-01 09:17 - 000408984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-03-14 11:40 - 2018-03-01 09:14 - 007384576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2018-03-14 11:40 - 2018-03-01 09:10 - 000075168 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll
2018-03-14 11:40 - 2018-03-01 08:28 - 006480616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-03-14 11:40 - 2018-03-01 08:03 - 000471552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcSpecfc.dll
2018-03-14 11:40 - 2018-03-01 08:03 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2018-03-14 11:40 - 2018-03-01 08:03 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2018-03-14 11:40 - 2018-03-01 08:03 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2018-03-14 11:40 - 2018-03-01 08:01 - 019354624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-03-14 11:40 - 2018-03-01 08:01 - 000155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2018-03-14 11:40 - 2018-03-01 07:58 - 000459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2018-03-14 11:40 - 2018-03-01 07:57 - 000369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2018-03-14 11:40 - 2018-03-01 07:56 - 018922496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2018-03-14 11:40 - 2018-03-01 07:56 - 000559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-03-14 11:40 - 2018-03-01 07:54 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-03-14 11:40 - 2018-03-01 07:54 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-03-14 11:40 - 2018-02-22 04:00 - 000187296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2018-03-14 11:40 - 2018-02-22 03:54 - 000437144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2018-03-14 11:39 - 2018-03-02 05:36 - 017085440 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2018-03-14 11:39 - 2018-03-01 09:46 - 002003352 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-03-14 11:39 - 2018-03-01 09:40 - 002514936 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-03-14 11:39 - 2018-03-01 09:37 - 007831760 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2018-03-14 11:39 - 2018-03-01 09:31 - 008602520 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-03-14 11:39 - 2018-03-01 09:29 - 000733592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-03-14 11:39 - 2018-03-01 09:27 - 001173576 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-03-14 11:39 - 2018-03-01 09:23 - 000749976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2018-03-14 11:39 - 2018-03-01 09:17 - 002710736 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-03-14 11:39 - 2018-03-01 09:15 - 002574232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-03-14 11:39 - 2018-03-01 09:14 - 007675784 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2018-03-14 11:39 - 2018-03-01 09:14 - 001694224 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2018-03-14 11:39 - 2018-03-01 09:14 - 000356952 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-03-14 11:39 - 2018-03-01 09:14 - 000147872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2018-03-14 11:39 - 2018-03-01 09:11 - 000093600 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2018-03-14 11:39 - 2018-03-01 09:10 - 001779936 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2018-03-14 11:39 - 2018-03-01 09:09 - 001054272 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2018-03-14 11:39 - 2018-03-01 08:51 - 000777904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-03-14 11:39 - 2018-03-01 08:48 - 001930736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-03-14 11:39 - 2018-03-01 08:30 - 005615968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2018-03-14 11:39 - 2018-03-01 08:29 - 006092152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2018-03-14 11:39 - 2018-03-01 08:28 - 002193168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-03-14 11:39 - 2018-03-01 08:27 - 000284112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2018-03-14 11:39 - 2018-03-01 08:26 - 001524776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2018-03-14 11:39 - 2018-03-01 08:26 - 001057816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2018-03-14 11:39 - 2018-03-01 08:21 - 001558856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2018-03-14 11:39 - 2018-03-01 08:09 - 025251840 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2018-03-14 11:39 - 2018-03-01 08:03 - 002902528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2018-03-14 11:39 - 2018-03-01 08:01 - 006575616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2018-03-14 11:39 - 2018-03-01 07:58 - 004839424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2018-03-14 11:39 - 2018-03-01 07:58 - 000368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2018-03-14 11:39 - 2018-03-01 07:55 - 000346112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-03-14 11:39 - 2018-03-01 07:54 - 003664384 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2018-03-14 11:39 - 2018-03-01 07:54 - 001296896 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2018-03-14 11:39 - 2018-03-01 07:54 - 000496128 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2018-03-14 11:39 - 2018-03-01 07:53 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2018-03-14 11:39 - 2018-03-01 07:53 - 000536576 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2018-03-14 11:39 - 2018-03-01 07:53 - 000399872 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2018-03-14 11:39 - 2018-03-01 07:53 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2018-03-14 11:39 - 2018-03-01 07:53 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2018-03-14 11:39 - 2018-03-01 07:53 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2018-03-14 11:39 - 2018-03-01 07:53 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\AcSpecfc.dll
2018-03-14 11:39 - 2018-03-01 07:52 - 011923968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-03-14 11:39 - 2018-03-01 07:52 - 006030336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2018-03-14 11:39 - 2018-03-01 07:51 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2018-03-14 11:39 - 2018-03-01 07:50 - 003677184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-03-14 11:39 - 2018-03-01 07:50 - 002869760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-03-14 11:39 - 2018-03-01 07:49 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2018-03-14 11:39 - 2018-03-01 07:49 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-03-14 11:39 - 2018-03-01 07:48 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2018-03-14 11:39 - 2018-03-01 07:47 - 023674368 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-03-14 11:39 - 2018-03-01 07:46 - 000770048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2018-03-14 11:39 - 2018-03-01 07:45 - 000708096 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-03-14 11:39 - 2018-03-01 07:45 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-03-14 11:39 - 2018-03-01 07:45 - 000386560 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-03-14 11:39 - 2018-03-01 07:44 - 008030720 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2018-03-14 11:39 - 2018-03-01 07:43 - 012830208 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-03-14 11:39 - 2018-03-01 07:42 - 002084352 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2018-03-14 11:39 - 2018-03-01 07:41 - 008103936 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2018-03-14 11:39 - 2018-03-01 07:41 - 004745728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-03-14 11:39 - 2018-03-01 07:41 - 003334144 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-03-14 11:39 - 2018-03-01 07:41 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-03-14 11:39 - 2018-03-01 07:41 - 000812032 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-03-14 11:39 - 2018-03-01 07:40 - 005833216 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2018-03-14 11:39 - 2018-03-01 07:39 - 002035712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2018-03-14 11:39 - 2018-03-01 07:39 - 000899584 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2018-03-14 11:39 - 2018-03-01 07:39 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\DbgModel.dll
2018-03-14 11:39 - 2018-03-01 07:38 - 000963072 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2018-03-14 11:39 - 2018-03-01 07:38 - 000726016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-03-14 11:39 - 2018-03-01 07:35 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2018-03-14 11:39 - 2018-02-22 04:13 - 000279456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-03-14 11:39 - 2018-02-22 04:13 - 000077216 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2018-03-14 11:39 - 2018-02-22 04:11 - 000109984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2018-03-14 11:39 - 2018-02-22 04:10 - 000285080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2018-03-14 11:39 - 2018-02-22 04:08 - 001206688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2018-03-14 11:39 - 2018-02-22 04:08 - 001055648 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2018-03-14 11:39 - 2018-02-22 04:08 - 000571288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2018-03-14 11:39 - 2018-02-22 04:03 - 000712600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2018-03-14 11:39 - 2018-02-22 04:03 - 000082848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-03-14 11:39 - 2018-02-22 04:02 - 000149400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2018-03-14 11:39 - 2018-02-22 03:59 - 021351624 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-03-14 11:39 - 2018-02-22 03:52 - 000103328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2018-03-14 11:39 - 2018-02-22 03:51 - 000555424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2018-03-14 11:39 - 2018-02-22 03:51 - 000045472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
2018-03-14 11:39 - 2018-02-22 03:50 - 000362904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-03-14 11:39 - 2018-02-22 02:41 - 020286120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-03-14 11:39 - 2018-02-22 02:31 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsi.sys
2018-03-14 11:39 - 2018-02-22 02:30 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc.sys
2018-03-14 11:39 - 2018-02-22 02:30 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-03-14 11:38 - 2018-03-02 05:02 - 000037888 _____ C:\Windows\system32\SpectrumSyncClient.dll
2018-03-14 11:38 - 2018-03-02 05:01 - 000640000 _____ (Microsoft Corporation) C:\Windows\system32\HeadTrackerStorage.dll
2018-03-14 11:38 - 2018-03-02 05:00 - 000329728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Feedback.Analog.dll
2018-03-14 11:38 - 2018-03-02 05:00 - 000248320 _____ (Microsoft Corporation) C:\Windows\system32\svf.dll
2018-03-14 11:38 - 2018-03-02 05:00 - 000230912 _____ (Microsoft Corporation) C:\Windows\system32\HoloShellRuntime.dll
2018-03-14 11:38 - 2018-03-02 04:59 - 000956416 _____ (Microsoft Corporation) C:\Windows\system32\Spectrum.exe
2018-03-14 11:38 - 2018-03-01 22:28 - 000181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\HoloShellRuntime.dll
2018-03-14 11:38 - 2018-03-01 09:50 - 000270744 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-03-14 11:38 - 2018-03-01 09:49 - 000389536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-03-14 11:38 - 2018-03-01 09:48 - 000664472 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-03-14 11:38 - 2018-03-01 09:47 - 000749464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-03-14 11:38 - 2018-03-01 09:47 - 000035224 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2018-03-14 11:38 - 2018-03-01 09:46 - 001568664 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-03-14 11:38 - 2018-03-01 09:46 - 000609176 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-03-14 11:38 - 2018-03-01 09:46 - 000138144 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-03-14 11:38 - 2018-03-01 09:45 - 000070040 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2018-03-14 11:38 - 2018-03-01 09:40 - 000461720 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2018-03-14 11:38 - 2018-03-01 09:40 - 000273304 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-03-14 11:38 - 2018-03-01 09:30 - 000540064 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2018-03-14 11:38 - 2018-03-01 09:30 - 000264040 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2018-03-14 11:38 - 2018-03-01 09:26 - 000170912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-03-14 11:38 - 2018-03-01 09:25 - 000377752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-03-14 11:38 - 2018-03-01 09:19 - 000710768 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2018-03-14 11:38 - 2018-03-01 09:17 - 000519152 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2018-03-14 11:38 - 2018-03-01 09:14 - 005105664 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
2018-03-14 11:38 - 2018-03-01 09:14 - 000128928 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2018-03-14 11:38 - 2018-03-01 09:12 - 000677272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-03-14 11:38 - 2018-03-01 09:12 - 000250264 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2018-03-14 11:38 - 2018-03-01 09:12 - 000189344 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2018-03-14 11:38 - 2018-03-01 09:10 - 000022936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-03-14 11:38 - 2018-03-01 08:39 - 000213400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2018-03-14 11:38 - 2018-03-01 08:29 - 000574960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2018-03-14 11:38 - 2018-03-01 08:28 - 000115096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinelsa.dll
2018-03-14 11:38 - 2018-03-01 08:27 - 000221592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinesam.dll
2018-03-14 11:38 - 2018-03-01 08:23 - 005105664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWSnapin.dll
2018-03-14 11:38 - 2018-03-01 08:01 - 000019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-03-14 11:38 - 2018-03-01 08:00 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-03-14 11:38 - 2018-03-01 07:59 - 000220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-03-14 11:38 - 2018-03-01 07:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Payments.dll
2018-03-14 11:38 - 2018-03-01 07:54 - 003181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2018-03-14 11:38 - 2018-03-01 07:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2018-03-14 11:38 - 2018-03-01 07:53 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\updatecsp.dll
2018-03-14 11:38 - 2018-03-01 07:53 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe
2018-03-14 11:38 - 2018-03-01 07:51 - 002329088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-03-14 11:38 - 2018-03-01 07:51 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2018-03-14 11:38 - 2018-03-01 07:51 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-03-14 11:38 - 2018-03-01 07:50 - 000526336 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2018-03-14 11:38 - 2018-03-01 07:50 - 000118272 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-03-14 11:38 - 2018-03-01 07:50 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcnfs.sys
2018-03-14 11:38 - 2018-03-01 07:49 - 000675328 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2018-03-14 11:38 - 2018-03-01 07:49 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountWAMExtension.dll
2018-03-14 11:38 - 2018-03-01 07:48 - 000543232 _____ (Microsoft Corporation) C:\Windows\system32\HolographicExtensions.dll
2018-03-14 11:38 - 2018-03-01 07:47 - 000579584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Payments.dll
2018-03-14 11:38 - 2018-03-01 07:47 - 000484352 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2018-03-14 11:38 - 2018-03-01 07:46 - 004051968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-03-14 11:38 - 2018-03-01 07:46 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll
2018-03-14 11:38 - 2018-03-01 07:44 - 005195776 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2018-03-14 11:38 - 2018-03-01 07:42 - 003505664 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-03-14 11:38 - 2018-03-01 07:39 - 002222592 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2018-03-14 11:38 - 2018-03-01 07:36 - 004050432 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-03-14 11:38 - 2018-03-01 07:36 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2018-03-14 11:38 - 2018-03-01 07:35 - 000568320 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-03-14 11:38 - 2018-03-01 07:35 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-03-14 11:38 - 2018-02-22 04:23 - 001092016 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-03-14 11:38 - 2018-02-22 04:23 - 000924648 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-03-14 11:38 - 2018-02-22 04:07 - 001415296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-03-14 11:38 - 2018-02-22 04:07 - 001209248 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-03-14 11:38 - 2018-02-22 04:07 - 000194456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2018-03-14 11:38 - 2018-02-22 03:51 - 000097176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2018-03-14 11:38 - 2018-02-22 03:50 - 000229272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2018-03-14 11:38 - 2018-02-22 02:30 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RfxVmt.sys
2018-03-14 11:38 - 2018-02-22 02:27 - 001282048 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2018-03-14 11:38 - 2018-02-22 02:26 - 000441344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2018-03-14 11:38 - 2018-02-22 02:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2018-03-14 11:38 - 2018-02-22 02:16 - 001286144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2018-03-14 11:38 - 2018-02-22 02:12 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
2018-03-10 23:16 - 2018-03-10 23:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DigitalZone
2018-03-10 15:56 - 2018-03-10 15:56 - 000595250 _____ C:\Users\danie\Desktop\aimcfg.rar
2018-03-10 12:17 - 2018-03-10 12:17 - 000113760 _____ C:\Users\danie\Desktop\you_noob_spray_made_by_xender_.rar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-13 08:45 - 2018-02-20 20:00 - 000004208 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{88B5D1AD-41B2-4DF2-80AB-B13E2B65E429}
2018-04-07 12:15 - 2018-02-12 00:13 - 000000000 ____D C:\Windows\DeliveryOptimization
2018-04-07 12:14 - 2018-02-12 16:18 - 000003374 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-191269715-4099532795-744383957-1002
2018-04-07 12:14 - 2018-02-12 00:13 - 000000000 ___HD C:\Program Files\WindowsApps
2018-04-07 12:14 - 2018-02-12 00:13 - 000000000 ____D C:\Windows\AppReadiness
2018-04-07 11:34 - 2018-02-12 01:33 - 003297612 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-07 11:34 - 2018-02-12 00:27 - 001539148 _____ C:\Windows\system32\perfh005.dat
2018-04-07 11:34 - 2018-02-12 00:27 - 000384294 _____ C:\Windows\system32\perfc005.dat
2018-04-07 11:27 - 2018-02-12 16:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-04-07 11:26 - 2018-02-12 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-07 11:25 - 2018-02-11 23:39 - 000524288 _____ C:\Windows\system32\config\BBI
2018-04-07 09:37 - 2018-02-12 16:32 - 000000000 ____D C:\Program Files (x86)\Steam
2018-04-07 09:31 - 2018-02-12 16:04 - 000000000 ____D C:\Users\danie
2018-04-07 09:31 - 2018-02-12 01:07 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-04-05 14:44 - 2018-02-12 16:05 - 000000000 ____D C:\Users\danie\AppData\Local\Packages
2018-04-05 14:43 - 2018-02-12 16:36 - 000000000 ____D C:\Users\danie\AppData\Local\PlaceholderTileLogoFolder
2018-04-05 12:20 - 2018-03-03 16:13 - 000004666 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-04-05 12:20 - 2018-03-03 16:13 - 000004506 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-04-05 12:20 - 2018-03-03 16:06 - 000000000 ____D C:\Users\danie\AppData\Local\Adobe
2018-04-05 12:19 - 2018-02-12 00:13 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-04-05 12:19 - 2018-02-12 00:13 - 000000000 ____D C:\Windows\system32\Macromed
2018-04-05 11:57 - 2018-03-01 18:19 - 000000000 ____D C:\Users\danie\AppData\Roaming\DAEMON Tools Lite
2018-04-05 11:57 - 2018-02-12 00:06 - 000000000 ____D C:\Windows\INF
2018-04-05 11:57 - 2018-02-11 23:39 - 000000000 ____D C:\Windows\Panther
2018-04-05 00:30 - 2018-03-01 10:32 - 000000000 ____D C:\Users\danie\Documents\DAVAProject
2018-04-02 17:11 - 2018-02-16 16:35 - 000003228 _____ C:\Users\danie\Desktop\Nový textový dokument.txt
2018-04-01 11:11 - 2018-03-05 21:05 - 000000000 ____D C:\Users\danie\AppData\Roaming\.minecraft
2018-03-30 11:40 - 2018-02-12 16:12 - 000002391 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-03-30 11:40 - 2018-02-12 16:12 - 000000000 ___RD C:\Users\danie\OneDrive
2018-03-22 16:31 - 2018-02-12 16:22 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-16 15:08 - 2018-02-12 00:13 - 000000000 ____D C:\Windows\rescache
2018-03-15 14:44 - 2018-02-12 16:05 - 000000000 ___RD C:\Users\danie\3D Objects
2018-03-15 14:42 - 2018-02-12 01:07 - 000223160 _____ C:\Windows\system32\FNTCACHE.DAT
2018-03-15 14:38 - 2018-02-12 00:13 - 000000000 ____D C:\Windows\TextInput
2018-03-15 14:38 - 2018-02-12 00:13 - 000000000 ____D C:\Windows\system32\appraiser
2018-03-15 14:38 - 2018-02-12 00:13 - 000000000 ____D C:\Windows\ShellExperiences
2018-03-14 12:26 - 2018-02-11 23:46 - 000000000 ____D C:\Windows\CbsTemp
2018-03-14 12:23 - 2018-02-12 16:24 - 000000000 ____D C:\Windows\system32\MRT
2018-03-14 12:15 - 2018-02-12 16:24 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-03-14 12:15 - 2018-02-12 16:22 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-03-14 11:50 - 2017-09-29 15:41 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2018-03-14 11:50 - 2017-09-29 15:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll

Files to move or delete:
====================
C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\OneDrive.exe


Some files in TEMP:
====================
2018-04-05 11:53 - 2018-04-05 11:53 - 001876992 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180405095337474.dll
2018-04-05 11:53 - 2018-04-05 11:53 - 001876992 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180405095355252.dll
2018-04-05 11:54 - 2018-04-05 11:54 - 001876992 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180405095400330.dll
2018-04-05 11:54 - 2018-04-05 11:54 - 001876992 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180405095401193.dll
2018-04-05 11:54 - 2018-04-05 11:54 - 001876992 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180405095401902.dll
2018-04-05 11:54 - 2018-04-05 11:54 - 001876992 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180405095407266.dll
2018-04-05 11:54 - 2018-04-05 11:54 - 001876992 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180405095414066.dll
2018-04-05 11:54 - 2018-04-05 11:54 - 001876992 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180405095423998.dll
2018-04-05 11:55 - 2018-04-05 11:55 - 002183680 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180405095548460.dll
2018-04-05 11:57 - 2018-04-05 11:57 - 002183680 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180405095717851.dll
2018-04-05 12:04 - 2018-04-05 12:04 - 002183680 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180405100429640.dll
2018-04-05 12:22 - 2018-04-05 12:22 - 002183680 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180405102253210.dll
2018-04-05 18:21 - 2018-04-05 18:21 - 002183680 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180405162151965.dll
2018-04-06 10:19 - 2018-04-06 10:19 - 002183680 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180406081937764.dll
2018-04-06 10:23 - 2018-04-06 10:23 - 002183680 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180406082325679.dll
2018-04-06 11:57 - 2018-04-06 11:57 - 002183680 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180406095701084.dll
2018-04-06 21:17 - 2018-04-06 21:17 - 002183680 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180406191725297.dll
2018-04-06 21:18 - 2018-04-06 21:18 - 002183680 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180406191845460.dll
2018-04-06 21:20 - 2018-04-06 21:20 - 002183680 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180406192014116.dll
2018-04-07 00:12 - 2018-04-07 00:12 - 002183680 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180406221226710.dll
2018-04-07 09:36 - 2018-04-07 09:36 - 002183680 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180407073655072.dll
2018-04-07 09:38 - 2018-04-07 09:38 - 002183680 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180407073839909.dll
2018-04-07 11:31 - 2018-04-07 11:31 - 002183680 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407093145748.dll
2018-04-07 11:43 - 2018-04-07 11:43 - 001876992 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407094342277.dll
2018-04-07 11:43 - 2018-04-07 11:43 - 001876992 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407094342979.dll
2018-04-07 11:43 - 2018-04-07 11:43 - 001876992 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407094345829.dll
2018-04-07 11:43 - 2018-04-07 11:43 - 001876992 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407094350417.dll
2018-04-07 11:43 - 2018-04-07 11:43 - 001876992 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407094358944.dll
2018-04-07 11:44 - 2018-04-07 11:44 - 001876992 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407094402848.dll
2018-04-07 11:44 - 2018-04-07 11:44 - 002183680 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407094455910.dll
2018-04-07 11:44 - 2018-04-07 11:44 - 002183680 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407094456583.dll
2018-04-07 11:45 - 2018-04-07 11:45 - 002183680 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407094551327.dll
2018-04-07 11:59 - 2018-04-07 11:59 - 002183680 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407095921871.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-04-04 12:07

==================== End of FRST.txt ============================
Attachments
ADD.zip
(7.29 KiB) Downloaded 41 times

Rudy
Site Admin
Posts: 118243
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
C:\Program Files\McAfee Security Scan
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKU\S-1-5-21-191269715-4099532795-744383957-1002\...\Run: [OneDrive] => C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1570976 2018-04-07] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-191269715-4099532795-744383957-1002\...\RunOnce: [Uninstall 17.3.6816.0313\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64" <==== ATTENTION
HKU\S-1-5-21-191269715-4099532795-744383957-1002\...\RunOnce: [Uninstall 17.3.6816.0313] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\17.3.6816.0313" <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-04-03]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-04-03]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.717\SSScheduler.exe (McAfee, Inc.)
C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\danie\AppData\Local\Temp
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {BFD93F6A-ECC7-45C4-ACAD-02DE4F6B0BE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-12] (Google Inc.)
Task: {D0EED459-15AE-449E-9D9F-4E04BDBCBCA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-12] (Google Inc.)

EmptyTemp:
Hosts:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

maxdep
Visitor
Posts: 4
Registered: 07 Apr 2018 09:40

Re: Log check

#7 Post by maxdep »

I did everything I was supposed to, but instead of a log popping up, the notebook immediately started restarting. So as soon as it came back on, I ran a scan with FRST. As soon as it came back on, I noticed that it had sort of returned to the same state it was in this morning. I have back the icons I had on the desktop this morning, the notebook settings, and the browser settings. So here I'm posting the FRST log again, with Addition as an attachment; I hope this is the log that was supposed to pop up after the fix ran.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by danie (administrator) on DESKTOP-NKLPEP0 (07-04-2018 18:39:04)
Running from C:\Users\danie\Desktop
Loaded Profiles: danie (Available Profiles: danie)
Platform: Windows 10 Home Version 1709 16299.309 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\MsMpEng.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
() C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\SDK\CM_LibraryIO.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Opera Software) C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe
(Opera Software) C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera_crashreporter.exe
(Opera Software) C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe
(Opera Software) C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe
(Opera Software) C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe
(Opera Software) C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe
(Opera Software) C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe
(Opera Software) C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe
(Opera Software) C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe
(Opera Software) C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe
(Opera Software) C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Opera Software) C:\Users\danie\AppData\Local\Programs\Opera\52.0.2871.40\opera.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.16299.251_none_16dd4c82321e5ccc\TiWorker.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.265.202.0.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-191269715-4099532795-744383957-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3199776 2018-04-03] (Valve Corporation)
HKU\S-1-5-21-191269715-4099532795-744383957-1002\...\Run: [BloodyToneMaker] => C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe [8555008 2017-10-16] ()
HKU\S-1-5-21-191269715-4099532795-744383957-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5262992 2018-02-22] (Disc Soft Ltd)
HKU\S-1-5-21-191269715-4099532795-744383957-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-03-06] (Piriform Ltd)
HKU\S-1-5-21-191269715-4099532795-744383957-1002\...\MountPoints2: {eb2b36ee-1d48-11e8-9ad4-b870f4fb74e3} - "H:\setup.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 93.91.240.101 93.91.240.254 10.0.0.1
Tcpip\..\Interfaces\{f3b0c4de-3591-42f3-91c2-8988e26ff204}: [DhcpNameServer] 93.91.240.101 93.91.240.254 10.0.0.1

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-03-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-01] (Oracle Corporation)

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-01] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-12] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default [2018-04-07]
CHR Extension: (Prezentace) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-12]
CHR Extension: (Forge of Empires) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\anaphblkfplenhkephgneolhnmjminjg [2018-02-12]
CHR Extension: (Dokumenty) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-12]
CHR Extension: (Disk Google) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-12]
CHR Extension: (YouTube) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-12]
CHR Extension: (Slither.io Skins, Mods, Hack & Guide) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dggomkijbihggjgcgdbnleolpleddaid [2018-02-12]
CHR Extension: (Tabulky) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-02-12]
CHR Extension: (AdBlock) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-06]
CHR Extension: (The West) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilkgeioneoemibpddeiamfgiofnpjifm [2018-02-12]
CHR Extension: (Youtube Dark Mode) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhgcomgldfapimdboelilfcipigkgik [2018-02-26]
CHR Extension: (Black red shards) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpjlkkaalgfbbegfnjoclhfidancjpch [2018-03-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-12]
CHR Extension: (Chrome Media Router) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-22]

Opera:
=======
OPR Extension: (Dark Theme for YouTube™) - C:\Users\danie\AppData\Roaming\Opera Software\Opera Stable\Extensions\ilelgdgnlplldkcagifkpgmalglmegia [2018-04-05]
OPR Extension: (Dark Mode) - C:\Users\danie\AppData\Roaming\Opera Software\Opera Stable\Extensions\jabpfojepndedlelamfloejfoopkogcf [2018-04-05]
OPR Extension: (Dark Skin for Youtube™) - C:\Users\danie\AppData\Roaming\Opera Software\Opera Stable\Extensions\jmbefbhbhjgnjbegmnhmakmmldnfogcd [2018-04-05]
OPR Extension: (Flash Player for YouTube™) - C:\Users\danie\AppData\Roaming\Opera Software\Opera Stable\Extensions\knbfimhapmnifdchcafinkbfikmomaak [2018-04-05]
OPR Extension: (Google Překladač) - C:\Users\danie\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2018-04-05]
OPR Extension: (Adblock Plus) - C:\Users\danie\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-04-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1536520 2017-06-08] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480720 2018-02-22] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [526376 2018-03-01] (EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [1076520 2015-02-04] (AnchorFree Inc.)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [8010968 2018-02-25] (LLC Mail.Ru)
S3 npggsvc; C:\Windows\system32\GameMon.des [7677008 2017-10-16] (INCA Internet Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\NisSrv.exe [356152 2018-03-01] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe [106280 2018-03-01] (Microsoft Corporation)
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.11.717\McCHSvc.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4318648 2017-05-06] (Qualcomm Atheros Communications, Inc.)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-02-23] (Bluestack System Inc. )
R3 CMUAC; C:\Windows\system32\DRIVERS\Headset6400x1.SYS [387072 2013-10-03] (A4Tech Inc.)
S3 dg_ssudbus; C:\Windows\System32\drivers\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-05-30] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-05-30] (Disc Soft Ltd)
R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [44744 2015-02-04] (AnchorFree Inc.)
S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [7238880 2018-02-25] (LLC Mail.Ru)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [419296 2017-05-06] (Realsil Semiconductor Corporation)
S3 ssudcdf; C:\Windows\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\Windows\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\Windows\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\Windows\System32\drivers\ssudqcfilter.sys [64640 2016-04-25] (QUALCOMM Incorporated)
S3 ssudrmnet; C:\Windows\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU Co., LTD.)
S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU Co., LTD.)
R3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42184 2015-02-04] (Anchorfree Inc.)
R3 t_mouse.sys; C:\Windows\System32\drivers\t_mouse.sys [6144 2013-04-09] ()
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46072 2018-03-01] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [288296 2018-03-01] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [129568 2018-03-01] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-07 18:39 - 2018-04-07 18:42 - 000014222 _____ C:\Users\danie\Desktop\FRST.txt
2018-04-07 18:27 - 2018-04-07 18:28 - 000004577 _____ C:\Users\TEMP\Desktop\Fixlog.txt
2018-04-07 18:25 - 2018-04-07 18:26 - 000001777 _____ C:\Users\TEMP\Desktop\fixlist.txt.txt
2018-04-07 18:24 - 2018-04-07 18:25 - 012746169 _____ C:\Users\TEMP\Downloads\notepad_7.5.6.exe
2018-04-07 13:12 - 2018-04-07 13:12 - 000007461 _____ C:\Users\TEMP\Desktop\ADD.zip
2018-04-07 13:12 - 2018-04-07 13:12 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\WinRAR
2018-04-07 13:05 - 2018-04-07 13:06 - 000031598 _____ C:\Users\TEMP\Desktop\Addition.txt
2018-04-07 13:00 - 2018-04-07 18:39 - 000000000 ____D C:\FRST
2018-04-07 13:00 - 2018-04-07 13:06 - 000054366 _____ C:\Users\TEMP\Desktop\FRST.txt
2018-04-07 12:59 - 2018-04-07 12:59 - 002403328 _____ (Farbar) C:\Users\danie\Desktop\FRST64.exe
2018-04-07 11:48 - 2018-04-07 11:48 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Google
2018-04-07 11:45 - 2018-04-07 11:45 - 000003948 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1523094296
2018-04-07 11:45 - 2018-04-07 11:45 - 000001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2018-04-07 11:45 - 2018-04-07 11:45 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Opera Software
2018-04-07 11:44 - 2018-04-07 11:46 - 000000000 ____D C:\Program Files\Opera
2018-04-07 11:42 - 2018-04-07 12:14 - 000002388 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-04-07 11:42 - 2018-04-07 12:14 - 000000000 ___RD C:\Users\TEMP\OneDrive
2018-04-07 11:28 - 2018-04-07 11:28 - 000000000 ___HD C:\Users\TEMP\MicrosoftEdgeBackups
2018-04-07 11:28 - 2018-04-07 11:28 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\DAEMON Tools Lite
2018-04-07 11:28 - 2018-04-07 11:28 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\ATI
2018-04-07 11:27 - 2018-04-07 18:32 - 000000000 ____D C:\Users\TEMP\AppData\Local\Packages
2018-04-07 11:27 - 2018-04-07 11:30 - 000002336 _____ C:\Users\TEMP\Desktop\Google Chrome.lnk
2018-04-07 11:27 - 2018-04-07 11:27 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Adobe
2018-04-07 11:27 - 2018-04-07 11:27 - 000000000 ____D C:\Users\TEMP\AppData\Local\VirtualStore
2018-04-07 11:26 - 2018-04-07 18:32 - 000000000 ____D C:\Users\TEMP
2018-04-07 11:26 - 2018-04-07 11:26 - 000000020 ___SH C:\Users\TEMP\ntuser.ini
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Šablony
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Soubory cookie
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Poslední
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Okolní tiskárny
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Okolní síť
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Nabídka Start
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Dokumenty
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Documents\Obrázky
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Documents\Hudba
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Documents\Filmy
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\Data aplikací
2018-04-07 11:26 - 2018-04-07 11:26 - 000000000 _SHDL C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-04-07 11:25 - 2018-04-07 11:25 - 000000000 ____D C:\Windows\SysWOW64\Hotspot Shield
2018-04-07 11:17 - 2018-04-07 11:39 - 000000000 ____D C:\AdwCleaner
2018-04-07 10:29 - 2018-04-07 10:29 - 000000000 ____D C:\rsit
2018-04-07 10:29 - 2018-04-07 10:29 - 000000000 ____D C:\Program Files\trend micro
2018-04-07 10:28 - 2018-04-07 10:28 - 001222144 _____ C:\Users\danie\Downloads\RSITx64.exe
2018-04-07 10:22 - 2018-04-07 10:22 - 000000000 ____D C:\Users\danie\Downloads\Anti-Keylogger_10.3.1 (1)
2018-04-07 10:18 - 2018-04-07 10:18 - 006065133 _____ C:\Users\danie\Downloads\Anti-Keylogger_10.3.1 (1).zip
2018-04-07 10:16 - 2018-04-07 10:17 - 006065133 _____ C:\Users\danie\Downloads\Anti-Keylogger_10.3.1.zip
2018-04-05 12:04 - 2018-04-05 12:04 - 000061304 _____ () C:\Windows\system32\Drivers\lpsport.sys
2018-04-05 12:02 - 2018-04-05 12:02 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-04-05 11:56 - 2018-04-05 11:56 - 000004206 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1522922149
2018-04-05 11:56 - 2018-04-05 11:56 - 000001368 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2018-04-05 11:56 - 2018-04-05 11:56 - 000000000 ____D C:\Users\danie\AppData\Roaming\Opera Software
2018-04-05 11:56 - 2018-04-05 11:56 - 000000000 ____D C:\Users\danie\AppData\Local\Opera Software
2018-04-05 11:56 - 2018-04-05 11:56 - 000000000 ____D C:\Program Files\AVAST Software
2018-04-05 11:55 - 2018-04-05 12:02 - 000000000 ____D C:\ProgramData\AVAST Software
2018-04-05 11:55 - 2018-04-05 11:56 - 000000000 ____D C:\Program Files\CCleaner
2018-04-05 11:55 - 2018-04-05 11:55 - 000003936 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-04-05 11:55 - 2018-04-05 11:55 - 000002870 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-04-05 11:55 - 2018-04-05 11:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-04-05 11:53 - 2018-04-05 11:53 - 001357888 _____ (Opera Software) C:\Users\danie\Downloads\OperaSetup.exe
2018-04-05 11:51 - 2018-04-05 11:53 - 015333512 _____ (Piriform Ltd) C:\Users\danie\Downloads\ccsetup541.exe
2018-04-05 11:51 - 2018-04-05 11:51 - 000000017 _____ C:\Users\danie\AppData\Local\resmon.resmoncfg
2018-04-04 17:48 - 2018-04-04 17:48 - 000001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2018-04-04 17:45 - 2018-04-04 17:47 - 000000000 ____D C:\ProgramData\BlueStacks
2018-04-04 17:45 - 2018-04-04 17:47 - 000000000 ____D C:\Program Files (x86)\BlueStacks
2018-04-04 17:44 - 2018-04-04 17:48 - 000000000 ____D C:\ProgramData\BlueStacksSetup
2018-04-04 17:44 - 2018-04-04 17:47 - 000000000 ____D C:\Users\danie\AppData\Local\Bluestacks
2018-04-04 17:39 - 2018-04-04 17:43 - 298116824 _____ (BlueStack Systems Inc.) C:\Users\danie\Downloads\BlueStacks-Installer_BS3_native.exe
2018-04-04 17:37 - 2018-04-04 17:37 - 000000000 ____D C:\Users\danie\.pickaxe
2018-04-04 16:58 - 2018-04-04 16:59 - 000000000 ____D C:\ProgramData\Hotspot Shield
2018-04-04 16:58 - 2018-04-04 16:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2018-04-04 16:57 - 2018-04-04 17:02 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield
2018-04-04 16:57 - 2018-04-04 16:57 - 000000000 ____D C:\Users\danie\AppData\Roaming\Hotspot Shield
2018-04-04 16:57 - 2015-02-04 04:01 - 000044744 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys
2018-04-03 10:54 - 2018-04-03 10:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2018-04-03 10:53 - 2018-04-03 10:55 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2018-03-31 20:26 - 2018-04-06 21:44 - 000000000 ____D C:\Users\danie\AppData\LocalLow\Mozilla
2018-03-31 20:24 - 2018-04-02 17:46 - 000000914 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2018-03-31 20:21 - 2018-03-31 20:22 - 053707712 _____ C:\Users\danie\Downloads\torbrowser-install-7.5.3_en-US.exe
2018-03-31 16:06 - 2018-03-31 16:09 - 000000000 ____D C:\Users\danie\Desktop\girlshare.ro_Switchbotv3_1
2018-03-30 22:15 - 2018-03-30 22:15 - 000000000 ____D C:\Users\danie\Desktop\Godnite
2018-03-30 22:14 - 2018-03-30 22:14 - 1851881418 _____ C:\Users\danie\Desktop\Godnite.rar
2018-03-24 11:11 - 2018-03-24 11:11 - 000000000 ____D C:\ProgramData\McAfee
2018-03-22 17:48 - 2018-03-22 17:48 - 000000000 ____D C:\Users\danie\Desktop\evil-world
2018-03-17 21:04 - 2018-03-17 21:04 - 000001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thyone II.lnk
2018-03-17 20:51 - 2018-03-21 21:07 - 000000000 ____D C:\Program Files (x86)\Thyone II
2018-03-17 20:42 - 2018-03-17 20:46 - 1353918303 _____ (SimplyGames.cz ) C:\Users\danie\Desktop\Thyone II instalace.exe
2018-03-15 14:42 - 2018-03-02 23:09 - 000834552 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-03-15 14:42 - 2018-03-02 23:09 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-14 11:40 - 2018-03-01 09:17 - 000408984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-03-14 11:40 - 2018-03-01 09:14 - 007384576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2018-03-14 11:40 - 2018-03-01 09:10 - 000075168 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll
2018-03-14 11:40 - 2018-03-01 08:28 - 006480616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-03-14 11:40 - 2018-03-01 08:03 - 000471552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcSpecfc.dll
2018-03-14 11:40 - 2018-03-01 08:03 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2018-03-14 11:40 - 2018-03-01 08:03 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2018-03-14 11:40 - 2018-03-01 08:03 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2018-03-14 11:40 - 2018-03-01 08:01 - 019354624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-03-14 11:40 - 2018-03-01 08:01 - 000155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2018-03-14 11:40 - 2018-03-01 07:58 - 000459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2018-03-14 11:40 - 2018-03-01 07:57 - 000369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2018-03-14 11:40 - 2018-03-01 07:56 - 018922496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2018-03-14 11:40 - 2018-03-01 07:56 - 000559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-03-14 11:40 - 2018-03-01 07:54 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-03-14 11:40 - 2018-03-01 07:54 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-03-14 11:40 - 2018-02-22 04:00 - 000187296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2018-03-14 11:40 - 2018-02-22 03:54 - 000437144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2018-03-14 11:39 - 2018-03-02 05:36 - 017085440 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2018-03-14 11:39 - 2018-03-01 09:46 - 002003352 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-03-14 11:39 - 2018-03-01 09:40 - 002514936 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-03-14 11:39 - 2018-03-01 09:37 - 007831760 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2018-03-14 11:39 - 2018-03-01 09:31 - 008602520 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-03-14 11:39 - 2018-03-01 09:29 - 000733592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-03-14 11:39 - 2018-03-01 09:27 - 001173576 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-03-14 11:39 - 2018-03-01 09:23 - 000749976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2018-03-14 11:39 - 2018-03-01 09:17 - 002710736 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-03-14 11:39 - 2018-03-01 09:15 - 002574232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-03-14 11:39 - 2018-03-01 09:14 - 007675784 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2018-03-14 11:39 - 2018-03-01 09:14 - 001694224 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2018-03-14 11:39 - 2018-03-01 09:14 - 000356952 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-03-14 11:39 - 2018-03-01 09:14 - 000147872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2018-03-14 11:39 - 2018-03-01 09:11 - 000093600 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2018-03-14 11:39 - 2018-03-01 09:10 - 001779936 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2018-03-14 11:39 - 2018-03-01 09:09 - 001054272 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2018-03-14 11:39 - 2018-03-01 08:51 - 000777904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-03-14 11:39 - 2018-03-01 08:48 - 001930736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-03-14 11:39 - 2018-03-01 08:30 - 005615968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2018-03-14 11:39 - 2018-03-01 08:29 - 006092152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2018-03-14 11:39 - 2018-03-01 08:28 - 002193168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-03-14 11:39 - 2018-03-01 08:27 - 000284112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2018-03-14 11:39 - 2018-03-01 08:26 - 001524776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2018-03-14 11:39 - 2018-03-01 08:26 - 001057816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2018-03-14 11:39 - 2018-03-01 08:21 - 001558856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2018-03-14 11:39 - 2018-03-01 08:09 - 025251840 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2018-03-14 11:39 - 2018-03-01 08:03 - 002902528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2018-03-14 11:39 - 2018-03-01 08:01 - 006575616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2018-03-14 11:39 - 2018-03-01 07:58 - 004839424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2018-03-14 11:39 - 2018-03-01 07:58 - 000368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2018-03-14 11:39 - 2018-03-01 07:55 - 000346112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-03-14 11:39 - 2018-03-01 07:54 - 003664384 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2018-03-14 11:39 - 2018-03-01 07:54 - 001296896 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2018-03-14 11:39 - 2018-03-01 07:54 - 000496128 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2018-03-14 11:39 - 2018-03-01 07:53 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2018-03-14 11:39 - 2018-03-01 07:53 - 000536576 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2018-03-14 11:39 - 2018-03-01 07:53 - 000399872 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2018-03-14 11:39 - 2018-03-01 07:53 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2018-03-14 11:39 - 2018-03-01 07:53 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2018-03-14 11:39 - 2018-03-01 07:53 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2018-03-14 11:39 - 2018-03-01 07:53 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\AcSpecfc.dll
2018-03-14 11:39 - 2018-03-01 07:52 - 011923968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-03-14 11:39 - 2018-03-01 07:52 - 006030336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2018-03-14 11:39 - 2018-03-01 07:51 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2018-03-14 11:39 - 2018-03-01 07:50 - 003677184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-03-14 11:39 - 2018-03-01 07:50 - 002869760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-03-14 11:39 - 2018-03-01 07:49 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2018-03-14 11:39 - 2018-03-01 07:49 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-03-14 11:39 - 2018-03-01 07:48 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2018-03-14 11:39 - 2018-03-01 07:47 - 023674368 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-03-14 11:39 - 2018-03-01 07:46 - 000770048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2018-03-14 11:39 - 2018-03-01 07:45 - 000708096 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-03-14 11:39 - 2018-03-01 07:45 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-03-14 11:39 - 2018-03-01 07:45 - 000386560 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-03-14 11:39 - 2018-03-01 07:44 - 008030720 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2018-03-14 11:39 - 2018-03-01 07:43 - 012830208 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-03-14 11:39 - 2018-03-01 07:42 - 002084352 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2018-03-14 11:39 - 2018-03-01 07:41 - 008103936 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2018-03-14 11:39 - 2018-03-01 07:41 - 004745728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-03-14 11:39 - 2018-03-01 07:41 - 003334144 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-03-14 11:39 - 2018-03-01 07:41 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-03-14 11:39 - 2018-03-01 07:41 - 000812032 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-03-14 11:39 - 2018-03-01 07:40 - 005833216 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2018-03-14 11:39 - 2018-03-01 07:39 - 002035712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2018-03-14 11:39 - 2018-03-01 07:39 - 000899584 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2018-03-14 11:39 - 2018-03-01 07:39 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\DbgModel.dll
2018-03-14 11:39 - 2018-03-01 07:38 - 000963072 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2018-03-14 11:39 - 2018-03-01 07:38 - 000726016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-03-14 11:39 - 2018-03-01 07:35 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2018-03-14 11:39 - 2018-02-22 04:13 - 000279456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-03-14 11:39 - 2018-02-22 04:13 - 000077216 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2018-03-14 11:39 - 2018-02-22 04:11 - 000109984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2018-03-14 11:39 - 2018-02-22 04:10 - 000285080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2018-03-14 11:39 - 2018-02-22 04:08 - 001206688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2018-03-14 11:39 - 2018-02-22 04:08 - 001055648 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2018-03-14 11:39 - 2018-02-22 04:08 - 000571288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2018-03-14 11:39 - 2018-02-22 04:03 - 000712600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2018-03-14 11:39 - 2018-02-22 04:03 - 000082848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-03-14 11:39 - 2018-02-22 04:02 - 000149400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2018-03-14 11:39 - 2018-02-22 03:59 - 021351624 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-03-14 11:39 - 2018-02-22 03:52 - 000103328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2018-03-14 11:39 - 2018-02-22 03:51 - 000555424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2018-03-14 11:39 - 2018-02-22 03:51 - 000045472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
2018-03-14 11:39 - 2018-02-22 03:50 - 000362904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-03-14 11:39 - 2018-02-22 02:41 - 020286120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-03-14 11:39 - 2018-02-22 02:31 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsi.sys
2018-03-14 11:39 - 2018-02-22 02:30 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc.sys
2018-03-14 11:39 - 2018-02-22 02:30 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-03-14 11:38 - 2018-03-02 05:02 - 000037888 _____ C:\Windows\system32\SpectrumSyncClient.dll
2018-03-14 11:38 - 2018-03-02 05:01 - 000640000 _____ (Microsoft Corporation) C:\Windows\system32\HeadTrackerStorage.dll
2018-03-14 11:38 - 2018-03-02 05:00 - 000329728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Feedback.Analog.dll
2018-03-14 11:38 - 2018-03-02 05:00 - 000248320 _____ (Microsoft Corporation) C:\Windows\system32\svf.dll
2018-03-14 11:38 - 2018-03-02 05:00 - 000230912 _____ (Microsoft Corporation) C:\Windows\system32\HoloShellRuntime.dll
2018-03-14 11:38 - 2018-03-02 04:59 - 000956416 _____ (Microsoft Corporation) C:\Windows\system32\Spectrum.exe
2018-03-14 11:38 - 2018-03-01 22:28 - 000181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\HoloShellRuntime.dll
2018-03-14 11:38 - 2018-03-01 09:50 - 000270744 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-03-14 11:38 - 2018-03-01 09:49 - 000389536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-03-14 11:38 - 2018-03-01 09:48 - 000664472 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-03-14 11:38 - 2018-03-01 09:47 - 000749464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-03-14 11:38 - 2018-03-01 09:47 - 000035224 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2018-03-14 11:38 - 2018-03-01 09:46 - 001568664 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-03-14 11:38 - 2018-03-01 09:46 - 000609176 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-03-14 11:38 - 2018-03-01 09:46 - 000138144 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-03-14 11:38 - 2018-03-01 09:45 - 000070040 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2018-03-14 11:38 - 2018-03-01 09:40 - 000461720 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2018-03-14 11:38 - 2018-03-01 09:40 - 000273304 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-03-14 11:38 - 2018-03-01 09:30 - 000540064 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2018-03-14 11:38 - 2018-03-01 09:30 - 000264040 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2018-03-14 11:38 - 2018-03-01 09:26 - 000170912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-03-14 11:38 - 2018-03-01 09:25 - 000377752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-03-14 11:38 - 2018-03-01 09:19 - 000710768 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2018-03-14 11:38 - 2018-03-01 09:17 - 000519152 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2018-03-14 11:38 - 2018-03-01 09:14 - 005105664 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
2018-03-14 11:38 - 2018-03-01 09:14 - 000128928 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2018-03-14 11:38 - 2018-03-01 09:12 - 000677272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-03-14 11:38 - 2018-03-01 09:12 - 000250264 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2018-03-14 11:38 - 2018-03-01 09:12 - 000189344 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2018-03-14 11:38 - 2018-03-01 09:10 - 000022936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-03-14 11:38 - 2018-03-01 08:39 - 000213400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2018-03-14 11:38 - 2018-03-01 08:29 - 000574960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2018-03-14 11:38 - 2018-03-01 08:28 - 000115096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinelsa.dll
2018-03-14 11:38 - 2018-03-01 08:27 - 000221592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinesam.dll
2018-03-14 11:38 - 2018-03-01 08:23 - 005105664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWSnapin.dll
2018-03-14 11:38 - 2018-03-01 08:01 - 000019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-03-14 11:38 - 2018-03-01 08:00 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-03-14 11:38 - 2018-03-01 07:59 - 000220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-03-14 11:38 - 2018-03-01 07:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Payments.dll
2018-03-14 11:38 - 2018-03-01 07:54 - 003181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2018-03-14 11:38 - 2018-03-01 07:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2018-03-14 11:38 - 2018-03-01 07:53 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\updatecsp.dll
2018-03-14 11:38 - 2018-03-01 07:53 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe
2018-03-14 11:38 - 2018-03-01 07:51 - 002329088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-03-14 11:38 - 2018-03-01 07:51 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2018-03-14 11:38 - 2018-03-01 07:51 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-03-14 11:38 - 2018-03-01 07:50 - 000526336 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2018-03-14 11:38 - 2018-03-01 07:50 - 000118272 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-03-14 11:38 - 2018-03-01 07:50 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcnfs.sys
2018-03-14 11:38 - 2018-03-01 07:49 - 000675328 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2018-03-14 11:38 - 2018-03-01 07:49 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountWAMExtension.dll
2018-03-14 11:38 - 2018-03-01 07:48 - 000543232 _____ (Microsoft Corporation) C:\Windows\system32\HolographicExtensions.dll
2018-03-14 11:38 - 2018-03-01 07:47 - 000579584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Payments.dll
2018-03-14 11:38 - 2018-03-01 07:47 - 000484352 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2018-03-14 11:38 - 2018-03-01 07:46 - 004051968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-03-14 11:38 - 2018-03-01 07:46 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll
2018-03-14 11:38 - 2018-03-01 07:44 - 005195776 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2018-03-14 11:38 - 2018-03-01 07:42 - 003505664 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-03-14 11:38 - 2018-03-01 07:39 - 002222592 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2018-03-14 11:38 - 2018-03-01 07:36 - 004050432 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-03-14 11:38 - 2018-03-01 07:36 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2018-03-14 11:38 - 2018-03-01 07:35 - 000568320 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-03-14 11:38 - 2018-03-01 07:35 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-03-14 11:38 - 2018-02-22 04:23 - 001092016 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-03-14 11:38 - 2018-02-22 04:23 - 000924648 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-03-14 11:38 - 2018-02-22 04:07 - 001415296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-03-14 11:38 - 2018-02-22 04:07 - 001209248 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-03-14 11:38 - 2018-02-22 04:07 - 000194456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2018-03-14 11:38 - 2018-02-22 03:51 - 000097176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2018-03-14 11:38 - 2018-02-22 03:50 - 000229272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2018-03-14 11:38 - 2018-02-22 02:30 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RfxVmt.sys
2018-03-14 11:38 - 2018-02-22 02:27 - 001282048 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2018-03-14 11:38 - 2018-02-22 02:26 - 000441344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2018-03-14 11:38 - 2018-02-22 02:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2018-03-14 11:38 - 2018-02-22 02:16 - 001286144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2018-03-14 11:38 - 2018-02-22 02:12 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
2018-03-10 23:16 - 2018-03-10 23:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DigitalZone

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-13 08:45 - 2018-02-20 20:00 - 000004208 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{88B5D1AD-41B2-4DF2-80AB-B13E2B65E429}
2018-04-07 18:41 - 2018-02-12 00:13 - 000000000 ____D C:\Windows\AppReadiness
2018-04-07 18:40 - 2018-02-12 01:33 - 003326262 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-07 18:40 - 2018-02-12 00:27 - 001553946 _____ C:\Windows\system32\perfh005.dat
2018-04-07 18:40 - 2018-02-12 00:27 - 000388694 _____ C:\Windows\system32\perfc005.dat
2018-04-07 18:40 - 2018-02-12 00:13 - 000000000 ___HD C:\Program Files\WindowsApps
2018-04-07 18:40 - 2018-02-12 00:13 - 000000000 ____D C:\Windows\DeliveryOptimization
2018-04-07 18:34 - 2018-02-12 16:32 - 000000000 ____D C:\Program Files (x86)\Steam
2018-04-07 18:33 - 2018-02-12 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-07 18:32 - 2018-02-11 23:39 - 000524288 _____ C:\Windows\system32\config\BBI
2018-04-07 12:14 - 2018-02-12 16:18 - 000003374 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-191269715-4099532795-744383957-1002
2018-04-07 11:27 - 2018-02-12 16:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-04-07 09:31 - 2018-02-12 16:04 - 000000000 ____D C:\Users\danie
2018-04-07 09:31 - 2018-02-12 01:07 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-04-05 14:44 - 2018-02-12 16:05 - 000000000 ____D C:\Users\danie\AppData\Local\Packages
2018-04-05 14:43 - 2018-02-12 16:36 - 000000000 ____D C:\Users\danie\AppData\Local\PlaceholderTileLogoFolder
2018-04-05 12:20 - 2018-03-03 16:13 - 000004666 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-04-05 12:20 - 2018-03-03 16:13 - 000004506 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-04-05 12:20 - 2018-03-03 16:06 - 000000000 ____D C:\Users\danie\AppData\Local\Adobe
2018-04-05 12:19 - 2018-02-12 00:13 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-04-05 12:19 - 2018-02-12 00:13 - 000000000 ____D C:\Windows\system32\Macromed
2018-04-05 11:57 - 2018-03-01 18:19 - 000000000 ____D C:\Users\danie\AppData\Roaming\DAEMON Tools Lite
2018-04-05 11:57 - 2018-02-12 00:06 - 000000000 ____D C:\Windows\INF
2018-04-05 11:57 - 2018-02-11 23:39 - 000000000 ____D C:\Windows\Panther
2018-04-05 00:30 - 2018-03-01 10:32 - 000000000 ____D C:\Users\danie\Documents\DAVAProject
2018-04-02 17:11 - 2018-02-16 16:35 - 000003228 _____ C:\Users\danie\Desktop\Nový textový dokument.txt
2018-04-01 11:11 - 2018-03-05 21:05 - 000000000 ____D C:\Users\danie\AppData\Roaming\.minecraft
2018-03-30 11:40 - 2018-02-12 16:12 - 000002391 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-03-30 11:40 - 2018-02-12 16:12 - 000000000 ___RD C:\Users\danie\OneDrive
2018-03-22 16:31 - 2018-02-12 16:22 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-16 15:08 - 2018-02-12 00:13 - 000000000 ____D C:\Windows\rescache
2018-03-15 14:44 - 2018-02-12 16:05 - 000000000 ___RD C:\Users\danie\3D Objects
2018-03-15 14:42 - 2018-02-12 01:07 - 000223160 _____ C:\Windows\system32\FNTCACHE.DAT
2018-03-15 14:38 - 2018-02-12 00:13 - 000000000 ____D C:\Windows\TextInput
2018-03-15 14:38 - 2018-02-12 00:13 - 000000000 ____D C:\Windows\system32\appraiser
2018-03-15 14:38 - 2018-02-12 00:13 - 000000000 ____D C:\Windows\ShellExperiences
2018-03-14 12:26 - 2018-02-11 23:46 - 000000000 ____D C:\Windows\CbsTemp
2018-03-14 12:23 - 2018-02-12 16:24 - 000000000 ____D C:\Windows\system32\MRT
2018-03-14 12:15 - 2018-02-12 16:24 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-03-14 12:15 - 2018-02-12 16:22 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-03-14 11:50 - 2017-09-29 15:41 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2018-03-14 11:50 - 2017-09-29 15:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll

==================== Files in the root of some directories =======

2018-04-05 11:51 - 2018-04-05 11:51 - 000000017 _____ () C:\Users\danie\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
2018-04-07 18:37 - 2018-04-07 18:37 - 002183680 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180407163735165.dll
2018-04-07 18:38 - 2018-04-07 18:38 - 002183680 _____ (Opera Software) C:\Users\danie\AppData\Local\Temp\Opera_installer_180407163838558.dll
2018-04-07 11:31 - 2018-04-07 11:31 - 002183680 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407093145748.dll
2018-04-07 11:43 - 2018-04-07 11:43 - 001876992 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407094342277.dll
2018-04-07 11:43 - 2018-04-07 11:43 - 001876992 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407094342979.dll
2018-04-07 11:43 - 2018-04-07 11:43 - 001876992 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407094345829.dll
2018-04-07 11:43 - 2018-04-07 11:43 - 001876992 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407094350417.dll
2018-04-07 11:43 - 2018-04-07 11:43 - 001876992 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407094358944.dll
2018-04-07 11:44 - 2018-04-07 11:44 - 001876992 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407094402848.dll
2018-04-07 11:44 - 2018-04-07 11:44 - 002183680 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407094455910.dll
2018-04-07 11:44 - 2018-04-07 11:44 - 002183680 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407094456583.dll
2018-04-07 11:45 - 2018-04-07 11:45 - 002183680 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407094551327.dll
2018-04-07 11:59 - 2018-04-07 11:59 - 002183680 _____ (Opera Software) C:\Users\TEMP\AppData\Local\Temp\Opera_installer_180407095921871.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-04-04 12:07

==================== End of FRST.txt ============================
Attachments
add.zip
(7.29 KiB) Downloaded 40 times

Rudy
Site Admin
Posts: 118243
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#8 Post by Rudy »

Well, I'm not sure, but FRST deleted everything that was in the fixlist. I don't know specifically which items you mean; I basically cleaned out only the outright junk. I left the legitimate software (including games) in place. We only clean PCs of viruses, adware and junk. You have none of that there. If there are applications you don't want on the PC, you will have to uninstall them the usual way. We don't know what you do and don't want to have on the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Beyond its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
