Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Pomaly system, pomale nacitani prohlizece

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Cervotoc
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 06 kvě 2008 23:36

Pomaly system, pomale nacitani prohlizece

#1 Příspěvek od Cervotoc »

Dobry den,
prosim o radu ohledne pomaleho systemu (pomaly start, najizdeni aplikaci, pomale nacitani webu v prohlizeci,...). Diky moc z cas. Log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Kuratko at 2018-05-22 22:57:38
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 96 GB (41%) free of 232 GB
Total RAM: 8089 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:57:43, on 22.5.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19003)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files\trend micro\Kuratko.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O2FLASH - Unknown owner - C:\Windows\system32\o2flash.exe (file missing)
O23 - Service: O2SDIOAssist - Unknown owner - C:\Windows\SysWOW64\srvany.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7927 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE" "C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe"
C:\Windows\system32\WLANExt.exe 27693584
\??\C:\Windows\system32\conhost.exe "37824587352964296-1580855897-115885051039580934-19116985671187997358-664344922
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe"
C:\Windows\system32\o2flash.exe
C:\Windows\SysWOW64\srvany.exe
C:\Windows\sysWOW64\SDIOAssist.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe"
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE"
"C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe"
"C:\Program Files (x86)\MagicDisc\MagicDisc.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-048f0325-469e-48b8-8e4f-9bc5884ef8bc -SystemEventPortName:HostProcess-544234ae-bb53-4199-ba6b-dd5492570072 -IoCancelEventPortName:HostProcess-e91bfa43-47bc-4dbb-b0c5-89542b377156 -NonStateChangingEventPortName:HostProcess-b4399f78-68f1-4a86-91a0-706b72f4018a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6cd652e8-020b-4425-9c41-c29e33cc29a5 -DeviceGroupId:WpdFsGroup
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\DellTPad\HidFind.exe"
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "838643087-8144185351748121521-714837279529965618489520977-1076381708-1546479602
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="3660.0.977540442\679188137" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" "C:\Users\Kuratko\AppData\LocalLow\Mozilla\Temp-{bca178d9-68e0-4f01-822c-05f7978ab301}" 3660 "\\.\pipe\gecko-crash-server-pipe.3660" 1156 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="3660.3.1993111688\554320325" -childID 1 -isForBrowser -boolPrefs 299:0| -stringPrefs 285:38;{bca178d9-68e0-4f01-822c-05f7978ab301}| -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 3660 "\\.\pipe\gecko-crash-server-pipe.3660" 1528 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="3660.13.1846870955\2096225446" -childID 2 -isForBrowser -boolPrefs 299:0| -stringPrefs 285:38;{bca178d9-68e0-4f01-822c-05f7978ab301}| -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 3660 "\\.\pipe\gecko-crash-server-pipe.3660" 2660 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="3660.34.1009075413\1938288732" -childID 5 -isForBrowser -boolPrefs 299:0| -stringPrefs 285:38;{bca178d9-68e0-4f01-822c-05f7978ab301}| -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 3660 "\\.\pipe\gecko-crash-server-pipe.3660" 3348 tab
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\totalcmd\TOTALCMD64.EXE"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="3660.48.161621748\22076197" -childID 7 -isForBrowser -boolPrefs 299:0| -stringPrefs 285:38;{bca178d9-68e0-4f01-822c-05f7978ab301}| -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 3660 "\\.\pipe\gecko-crash-server-pipe.3660" 2552 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="3660.55.2031403838\88949579" -childID 8 -isForBrowser -boolPrefs 299:0| -stringPrefs 285:38;{bca178d9-68e0-4f01-822c-05f7978ab301}| -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 3660 "\\.\pipe\gecko-crash-server-pipe.3660" 3540 tab

"C:\Users\Kuratko\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\CCleaner Update.job - C:\Program Files\CCleaner\CCUpdate.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Kuratko\AppData\Roaming\Mozilla\Firefox\Profiles\domv9q8u.default

prefs.js - "browser.startup.homepage" - "www.google.com"
prefs.js - "keyword.URL" - "http://search.centrum.cz/?charset=UTF-8 ... toolbar-ff, ch-toolbar-ff-searchbox&utm_source=ch-toolbar&utm_medium=ff-centrum-cz&utm_content=toolbar-searchbox&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 29.0.0.171 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 29.0.0.171 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07 209504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07 6133848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07 4439128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1353680]
"FreeFallProtection"=C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [2012-09-05 686744]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2013-02-21 698712]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-03-14 172016]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-03-14 399856]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-03-14 442352]
"Broadcom Wireless Manager UI"=C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [2011-01-18 6492672]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2016-10-14 1841496]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-04-12 18334528]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE [2018-02-02 575952]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2013-05-02 1282120]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2013-02-19 453736]

C:\Users\Kuratko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MagicDisc.lnk - C:\Program Files (x86)\MagicDisc\MagicDisc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-02-22 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-05-22 22:57:38 ----D---- C:\rsit
2018-05-22 22:57:38 ----D---- C:\Program Files\trend micro
2018-05-16 19:41:05 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-05-16 19:41:05 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-05-16 19:41:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-05-16 19:41:04 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-05-16 19:41:04 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-05-16 19:41:04 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-05-16 19:41:04 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-05-16 19:41:04 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-05-16 19:41:04 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2018-05-16 19:41:04 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2018-05-16 19:41:04 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-05-16 19:41:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-05-16 19:41:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-05-16 19:41:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-05-16 19:41:03 ----A---- C:\Windows\SYSWOW64\inseng.dll
2018-05-16 19:41:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-05-16 19:41:02 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-05-16 19:41:02 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-05-16 19:41:01 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-05-16 19:41:01 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-05-16 19:41:00 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-05-16 19:41:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2018-05-16 19:41:00 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-05-16 19:40:59 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-05-16 19:40:59 ----A---- C:\Windows\SYSWOW64\itss.dll
2018-05-16 19:40:59 ----A---- C:\Windows\SYSWOW64\itircl.dll
2018-05-16 19:40:59 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2018-05-16 19:40:58 ----A---- C:\Windows\SYSWOW64\ole32.dll
2018-05-16 19:40:58 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2018-05-16 19:40:58 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-05-16 19:40:58 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2018-05-16 19:40:58 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-05-16 19:40:56 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-05-16 19:40:56 ----A---- C:\Windows\SYSWOW64\user.exe
2018-05-16 19:40:56 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-05-16 19:40:55 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2018-05-16 19:40:55 ----A---- C:\Windows\SYSWOW64\wups.dll
2018-05-16 19:40:55 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2018-05-16 19:40:55 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2018-05-16 19:40:55 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2018-05-16 19:40:55 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-05-16 19:40:55 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-05-16 19:40:54 ----A---- C:\Windows\SYSWOW64\sscore.dll
2018-05-16 19:40:54 ----A---- C:\Windows\SYSWOW64\srclient.dll
2018-05-16 19:40:54 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-05-16 19:40:54 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-05-16 19:40:53 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-05-16 19:40:53 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-05-16 19:40:53 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-05-16 19:40:53 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2018-05-16 19:40:53 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-05-16 19:40:53 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-05-16 19:40:53 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-05-16 19:40:53 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-05-16 19:40:53 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-05-16 19:40:53 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-05-16 19:40:48 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-05-16 19:40:48 ----A---- C:\Windows\SYSWOW64\secur32.dll
2018-05-16 19:40:48 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-05-16 19:40:48 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-05-16 19:40:47 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-05-16 19:40:46 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-05-16 19:40:46 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-05-16 19:40:46 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-05-16 19:40:46 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-05-16 19:40:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-05-16 19:40:46 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-05-16 19:40:46 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-05-16 19:40:46 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2018-05-16 19:40:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-05-16 19:40:46 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2018-05-16 19:40:45 ----A---- C:\Windows\SYSWOW64\tzres.dll
2018-05-16 19:40:45 ----A---- C:\Windows\SYSWOW64\oleres.dll
2018-05-16 19:40:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-05-16 19:40:45 ----A---- C:\Windows\SYSWOW64\hhsetup.dll
2018-05-16 19:40:45 ----A---- C:\Windows\SYSWOW64\hh.exe
2018-05-16 19:40:45 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-05-16 19:40:45 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-05-16 19:40:45 ----A---- C:\Windows\SYSWOW64\comcat.dll
2018-05-16 19:40:45 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-05-16 19:40:45 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-05-16 19:39:40 ----A---- C:\Windows\system32\wow64win.dll
2018-05-16 19:39:40 ----A---- C:\Windows\system32\wow64cpu.dll
2018-05-16 19:39:39 ----A---- C:\Windows\system32\wuwebv.dll
2018-05-16 19:39:39 ----A---- C:\Windows\system32\wups2.dll
2018-05-16 19:39:39 ----A---- C:\Windows\system32\wucltux.dll
2018-05-16 19:39:39 ----A---- C:\Windows\system32\wuaueng.dll
2018-05-16 19:39:39 ----A---- C:\Windows\system32\wuauclt.exe
2018-05-16 19:39:39 ----A---- C:\Windows\system32\wuapp.exe
2018-05-16 19:39:39 ----A---- C:\Windows\system32\wow64.dll
2018-05-16 19:39:39 ----A---- C:\Windows\system32\winsrv.dll
2018-05-16 19:39:39 ----A---- C:\Windows\system32\WinSetupUI.dll
2018-05-16 19:39:39 ----A---- C:\Windows\system32\win32k.sys
2018-05-16 19:39:39 ----A---- C:\Windows\system32\ntvdm64.dll
2018-05-16 19:39:38 ----A---- C:\Windows\system32\wups.dll
2018-05-16 19:39:38 ----A---- C:\Windows\system32\wudriver.dll
2018-05-16 19:39:38 ----A---- C:\Windows\system32\wuapi.dll
2018-05-16 19:39:37 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2018-05-16 19:39:37 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-05-16 19:39:36 ----A---- C:\Windows\system32\wdigest.dll
2018-05-16 19:39:36 ----A---- C:\Windows\system32\TSpkg.dll
2018-05-16 19:39:36 ----A---- C:\Windows\system32\sscore.dll
2018-05-16 19:39:36 ----A---- C:\Windows\system32\srvsvc.dll
2018-05-16 19:39:36 ----A---- C:\Windows\system32\srcore.dll
2018-05-16 19:39:36 ----A---- C:\Windows\system32\srclient.dll
2018-05-16 19:39:36 ----A---- C:\Windows\system32\smss.exe
2018-05-16 19:39:36 ----A---- C:\Windows\system32\schannel.dll
2018-05-16 19:39:36 ----A---- C:\Windows\system32\rstrui.exe
2018-05-16 19:39:36 ----A---- C:\Windows\system32\msv1_0.dll
2018-05-16 19:39:36 ----A---- C:\Windows\system32\kerberos.dll
2018-05-16 19:39:36 ----A---- C:\Windows\system32\drivers\srvnet.sys
2018-05-16 19:39:36 ----A---- C:\Windows\system32\drivers\srv2.sys
2018-05-16 19:39:36 ----A---- C:\Windows\system32\drivers\srv.sys
2018-05-16 19:39:36 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-05-16 19:39:36 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-05-16 19:39:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-05-16 19:39:36 ----A---- C:\Windows\system32\credssp.dll
2018-05-16 19:39:36 ----A---- C:\Windows\system32\apisetschema.dll
2018-05-16 19:39:35 ----A---- C:\Windows\system32\vbscript.dll
2018-05-16 19:39:35 ----A---- C:\Windows\system32\jscript9diag.dll
2018-05-16 19:39:35 ----A---- C:\Windows\system32\jscript9.dll
2018-05-16 19:39:35 ----A---- C:\Windows\system32\jscript.dll
2018-05-16 19:39:34 ----A---- C:\Windows\system32\rpchttp.dll
2018-05-16 19:39:34 ----A---- C:\Windows\system32\rpcrt4.dll
2018-05-16 19:39:34 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-05-16 19:39:32 ----A---- C:\Windows\system32\oleaut32.dll
2018-05-16 19:39:32 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-05-16 19:39:31 ----A---- C:\Windows\system32\ntdll.dll
2018-05-16 19:39:31 ----A---- C:\Windows\system32\ncrypt.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-05-16 19:39:30 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-05-16 19:39:30 ----A---- C:\Windows\system32\msobjs.dll
2018-05-16 19:39:30 ----A---- C:\Windows\system32\msaudite.dll
2018-05-16 19:39:30 ----A---- C:\Windows\system32\auditpol.exe
2018-05-16 19:39:30 ----A---- C:\Windows\system32\adtschema.dll
2018-05-16 19:39:28 ----A---- C:\Windows\system32\sspisrv.dll
2018-05-16 19:39:28 ----A---- C:\Windows\system32\sspicli.dll
2018-05-16 19:39:28 ----A---- C:\Windows\system32\secur32.dll
2018-05-16 19:39:28 ----A---- C:\Windows\system32\lsass.exe
2018-05-16 19:39:28 ----A---- C:\Windows\system32\lsasrv.dll
2018-05-16 19:39:28 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-05-16 19:39:28 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-05-16 19:39:27 ----A---- C:\Windows\system32\KernelBase.dll
2018-05-16 19:39:27 ----A---- C:\Windows\system32\kernel32.dll
2018-05-16 19:39:26 ----A---- C:\Windows\system32\ieui.dll
2018-05-16 19:39:26 ----A---- C:\Windows\system32\ieframe.dll
2018-05-16 19:39:22 ----A---- C:\Windows\system32\webcheck.dll
2018-05-16 19:39:22 ----A---- C:\Windows\system32\occache.dll
2018-05-16 19:39:22 ----A---- C:\Windows\system32\msrating.dll
2018-05-16 19:39:22 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-05-16 19:39:22 ----A---- C:\Windows\system32\inseng.dll
2018-05-16 19:39:22 ----A---- C:\Windows\system32\ieUnatt.exe
2018-05-16 19:39:22 ----A---- C:\Windows\system32\iesetup.dll
2018-05-16 19:39:22 ----A---- C:\Windows\system32\iertutil.dll
2018-05-16 19:39:22 ----A---- C:\Windows\system32\iernonce.dll
2018-05-16 19:39:22 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-05-16 19:39:22 ----A---- C:\Windows\system32\ie4uinit.exe
2018-05-16 19:39:21 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-05-16 19:39:21 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-05-16 19:39:20 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-05-16 19:39:20 ----A---- C:\Windows\system32\mshtmled.dll
2018-05-16 19:39:20 ----A---- C:\Windows\system32\mshtml.dll
2018-05-16 19:39:20 ----A---- C:\Windows\system32\msfeeds.dll
2018-05-16 19:39:19 ----A---- C:\Windows\system32\iedkcs32.dll
2018-05-16 19:39:19 ----A---- C:\Windows\system32\ieapfltr.dll
2018-05-16 19:39:19 ----A---- C:\Windows\system32\dxtrans.dll
2018-05-16 19:39:19 ----A---- C:\Windows\system32\dxtmsft.dll
2018-05-16 19:39:18 ----A---- C:\Windows\system32\wininet.dll
2018-05-16 19:39:18 ----A---- C:\Windows\system32\jsproxy.dll
2018-05-16 19:39:17 ----A---- C:\Windows\system32\tzres.dll
2018-05-16 19:39:16 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-05-16 19:39:13 ----A---- C:\Windows\system32\urlmon.dll
2018-05-16 19:39:13 ----A---- C:\Windows\system32\itss.dll
2018-05-16 19:39:13 ----A---- C:\Windows\system32\itircl.dll
2018-05-16 19:39:13 ----A---- C:\Windows\system32\hhsetup.dll
2018-05-16 19:39:13 ----A---- C:\Windows\hh.exe
2018-05-16 19:39:12 ----A---- C:\Windows\system32\hal.dll
2018-05-16 19:39:08 ----A---- C:\Windows\system32\csrsrv.dll
2018-05-16 19:39:08 ----A---- C:\Windows\system32\cryptbase.dll
2018-05-16 19:39:07 ----A---- C:\Windows\system32\oleres.dll
2018-05-16 19:39:07 ----A---- C:\Windows\system32\conhost.exe
2018-05-16 19:39:07 ----A---- C:\Windows\system32\comcat.dll
2018-05-16 19:39:07 ----A---- C:\Windows\system32\clfs.sys
2018-05-16 19:39:06 ----A---- C:\Windows\system32\rpcss.dll
2018-05-16 19:39:06 ----A---- C:\Windows\system32\ole32.dll
2018-05-16 19:39:05 ----A---- C:\Windows\system32\certcli.dll
2018-05-16 19:39:02 ----A---- C:\Windows\system32\comsvcs.dll
2018-05-16 19:39:02 ----A---- C:\Windows\system32\catsrvut.dll
2018-05-16 19:39:02 ----A---- C:\Windows\system32\bcrypt.dll
2018-05-16 19:39:01 ----A---- C:\Windows\system32\winload.exe
2018-05-16 19:38:59 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-05-16 19:38:59 ----A---- C:\Windows\system32\drivers\appid.sys
2018-05-16 19:38:59 ----A---- C:\Windows\system32\appidsvc.dll
2018-05-16 19:38:59 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-05-16 19:38:59 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-05-16 19:38:59 ----A---- C:\Windows\system32\appidapi.dll
2018-05-16 19:38:59 ----A---- C:\Windows\system32\advapi32.dll
2018-05-16 07:32:51 ----A---- C:\Program Files (x86)\GUTCD1F.tmp
2018-05-16 07:32:47 ----D---- C:\Program Files (x86)\GUMCD1E.tmp
2018-05-15 22:32:55 ----D---- C:\Program Files\CCleaner
2018-05-15 22:32:29 ----D---- C:\Program Files (x86)\Google
2018-05-14 17:44:39 ----D---- C:\cfa2566d1382acdd7b78dc336b4282a2
2018-05-09 19:31:50 ----D---- C:\26a002b44142e2a570443f35e7a340
2018-05-08 19:26:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe

======List of files/folders modified in the last 1 month======

2018-05-22 22:57:43 ----D---- C:\Windows\Prefetch
2018-05-22 22:57:38 ----RD---- C:\Program Files
2018-05-22 22:07:12 ----D---- C:\Windows\system32\config
2018-05-22 21:53:57 ----D---- C:\Windows\Temp
2018-05-22 21:53:53 ----SHD---- C:\System Volume Information
2018-05-22 21:53:53 ----D---- C:\Windows\rescache
2018-05-22 21:29:49 ----D---- C:\Windows\System32
2018-05-22 21:29:49 ----D---- C:\Windows\inf
2018-05-22 21:29:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-05-22 19:24:07 ----D---- C:\Windows\debug
2018-05-22 18:45:58 ----A---- C:\Windows\SYSWOW64\log.txt
2018-05-19 20:02:42 ----SHD---- C:\Windows\Installer
2018-05-19 19:57:43 ----RD---- C:\Program Files (x86)
2018-05-19 19:52:32 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-19 19:52:32 ----D---- C:\Program Files (x86)\Mozilla Firefox
2018-05-17 13:55:29 ----D---- C:\Windows\Microsoft.NET
2018-05-17 13:52:16 ----RSD---- C:\Windows\assembly
2018-05-17 13:09:58 ----D---- C:\Windows\winsxs
2018-05-17 13:05:25 ----D---- C:\Program Files\Internet Explorer
2018-05-17 13:05:24 ----D---- C:\Program Files (x86)\Internet Explorer
2018-05-17 13:05:23 ----D---- C:\Windows\SYSWOW64\sk-SK
2018-05-17 13:05:23 ----D---- C:\Windows\SYSWOW64\en-US
2018-05-17 13:05:22 ----D---- C:\Windows\SysWOW64
2018-05-17 13:05:16 ----D---- C:\Windows\system32\sk-SK
2018-05-17 13:05:16 ----D---- C:\Windows\system32\en-US
2018-05-17 13:05:16 ----D---- C:\Windows\system32\drivers\en-US
2018-05-17 13:05:16 ----D---- C:\Windows\system32\drivers
2018-05-17 13:05:08 ----D---- C:\Windows\AppPatch
2018-05-17 13:05:08 ----D---- C:\Windows
2018-05-17 13:05:07 ----D---- C:\Windows\system32\Boot
2018-05-17 12:07:04 ----D---- C:\ProgramData\Microsoft Help
2018-05-17 12:01:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2018-05-17 08:12:30 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2018-05-16 21:58:43 ----D---- C:\Users\Kuratko\AppData\Roaming\MPC-HC
2018-05-16 21:57:03 ----D---- C:\Windows\system32\Tasks
2018-05-16 14:02:51 ----D---- C:\Windows\Tasks
2018-05-16 07:32:40 ----D---- C:\Windows\SoftwareDistribution
2018-05-15 22:33:58 ----D---- C:\Windows\Panther
2018-05-15 22:33:50 ----D---- C:\Windows\Logs
2018-05-15 22:33:49 ----D---- C:\Windows\Minidump
2018-05-08 22:27:14 ----D---- C:\Windows\system32\catroot2
2018-05-08 19:46:25 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-05-08 19:43:09 ----D---- C:\Windows\system32\Macromed
2018-05-08 19:42:36 ----D---- C:\Windows\SYSWOW64\Macromed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2011-07-15 22128]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2017-06-07 138296]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Acceler;Accelerometer Service; C:\Windows\system32\drivers\accelern.sys [2012-05-23 27760]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\drivers\Apfiltr.sys [2013-02-21 489264]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2011-01-18 22592]
R3 BCM43XX;Ovládač karty DW WLAN; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-01-18 4719680]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-02-22 5358016]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-02-27 342528]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
R3 O2MDRRDR;O2MDRRDR; C:\Windows\system32\DRIVERS\O2MDRw7x64.sys [2011-01-03 74984]
R3 O2SDJRDR;O2SDJRDR; C:\Windows\system32\DRIVERS\o2sdjw7x64.sys [2011-11-14 84712]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 MpKsl788e1b3f;MpKsl788e1b3f; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0255BB21-AD93-4DFE-82C4-3455E257D8CC}\MpKsl788e1b3f.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 O2MDFRDR;O2MDFRDR; C:\Windows\system32\drivers\O2MDFw7x64.sys [2011-01-03 72808]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2016-02-05 147904]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2013-10-02 29696]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 FoxitReaderService;Foxit Reader Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [2016-12-29 1659592]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-03 325656]
R2 O2FLASH;O2FLASH; C:\Windows\system32\o2flash.exe [2011-11-16 244328]
R2 O2SDIOAssist;O2SDIOAssist; C:\Windows\SysWOW64\srvany.exe [2003-04-18 8192]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-03 2656280]
R2 wltrysvc;DW WLAN Tray Service; C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE [2011-01-18 48128]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-03 128608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-16 153168]
S2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 119864]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-08 272384]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-03-14 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-16 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-04-22 116224]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-05-19 194512]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-04-11 185528]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-21 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-10-03 52832]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]

-----------------EOF-----------------
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Pomaly system, pomale nacitani prohlizece

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Cervotoc
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 06 kvě 2008 23:36

Re: Pomaly system, pomale nacitani prohlizece

#3 Příspěvek od Cervotoc »

Nazdar,
díky moc za reakci, níže je log:

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-05-22.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-23-2018
# Duration: 00:00:08
# OS: Windows 7 Home Premium
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{D3190106-C322-4406-8A3D-03F6DD7ED1CE}C:\users\kuratko\appdata\local\popcorn time offical\node-webkit\popcorn time.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{8F1BDD5F-B9D8-4173-A4AB-427464FEA644}C:\users\kuratko\appdata\local\popcorn time offical\node-webkit\popcorn time.exe

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Pomaly system, pomale nacitani prohlizece

#4 Příspěvek od Conder »

:arrow: Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

:arrow: Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Cervotoc
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 06 kvě 2008 23:36

Re: Pomaly system, pomale nacitani prohlizece

#5 Příspěvek od Cervotoc »

FRSTLauncher spustit nešel. Logy:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by Kuratko (administrator) on KURATKO-PC (24-05-2018 23:25:39)
Running from C:\Users\Kuratko\Desktop
Loaded Profiles: Kuratko (Available Profiles: Kuratko & Hasbend & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(O2Micro International) C:\Windows\System32\o2flash.exe
() C:\Windows\SysWOW64\srvany.exe
(O2Micro.) C:\Windows\SysWOW64\SDIOAssist.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686744 2012-09-05] ()
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [698712 2013-02-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [6492672 2011-01-18] (Dell Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2280483659-30636890-3053837617-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18334528 2018-04-12] (Piriform Ltd)
HKU\S-1-5-21-2280483659-30636890-3053837617-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE [575952 2018-02-02] (ZONER software)
HKU\S-1-5-21-2280483659-30636890-3053837617-1001\...\MountPoints2: {5c654601-203e-11e8-b1d1-1c659df7a1b6} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2280483659-30636890-3053837617-1001\...\MountPoints2: {cc99ce9d-8375-11e4-a8a5-1c659df7a1b6} - Z:\SETUP.EXE
Startup: C:\Users\Kuratko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2015-01-12]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9566151D-266C-4FF5-B7C2-EAF2AA87BC2D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B0F31A8E-66B5-4943-9A49-0AC5EDBD2494}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)

FireFox:
========
FF ProfilePath: C:\Users\Kuratko\AppData\Roaming\Mozilla\Firefox\Profiles\domv9q8u.default [2018-05-24]
FF Homepage: Mozilla\Firefox\Profiles\domv9q8u.default -> www.google.com
FF Extension: (Adblock Plus) - C:\Users\Kuratko\AppData\Roaming\Mozilla\Firefox\Profiles\domv9q8u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-17]
FF Extension: (TLS 1.3 gradual roll-out fallback-limit) - C:\Users\Kuratko\AppData\Roaming\Mozilla\Firefox\Profiles\domv9q8u.default\features\{2683b749-fc2d-4648-ac0f-a4a04ad079fc}\tls13-version-fallback-rollout-bug1462099@mozilla.org.xpi [2018-05-24] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2016-12-29] (Foxit Software Inc.)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 O2FLASH; C:\Windows\system32\o2flash.exe [244328 2011-11-16] (O2Micro International)
R2 O2SDIOAssist; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5839872 2011-01-18] (Dell Inc.) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S1 MpKsl788e1b3f; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0255BB21-AD93-4DFE-82C4-3455E257D8CC}\MpKsl788e1b3f.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-24 23:25 - 2018-05-24 23:26 - 000011452 _____ C:\Users\Kuratko\Desktop\FRST.txt
2018-05-24 23:24 - 2018-05-24 23:25 - 000000000 ____D C:\FRST
2018-05-23 20:38 - 2018-05-23 20:39 - 000000000 ____D C:\AdwCleaner
2018-05-23 20:37 - 2018-05-23 20:37 - 007271632 _____ (Malwarebytes) C:\Users\Kuratko\Desktop\adwcleaner_7.1.1.exe
2018-05-22 23:01 - 2018-05-24 23:23 - 000000000 _____ C:\Users\Kuratko\Desktop\FRSTLauncher.exe
2018-05-22 23:00 - 2018-05-22 23:00 - 002413056 _____ (Farbar) C:\Users\Kuratko\Desktop\FRST64.exe
2018-05-22 22:57 - 2018-05-22 22:57 - 000000000 ____D C:\rsit
2018-05-22 22:57 - 2018-05-22 22:57 - 000000000 ____D C:\Program Files\trend micro
2018-05-22 22:28 - 2018-05-22 22:28 - 001222144 _____ C:\Users\Kuratko\Desktop\RSITx64.exe
2018-05-18 21:06 - 2018-05-19 21:40 - 000000000 ____D C:\Users\Kuratko\Desktop\happy foto vyber
2018-05-16 21:57 - 2018-05-16 21:57 - 000002798 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-05-16 19:43 - 2018-05-16 19:43 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-05-16 19:41 - 2018-04-23 20:02 - 000348832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-05-16 19:41 - 2018-04-23 02:12 - 004047040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-05-16 19:41 - 2018-04-23 02:12 - 003958464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-05-16 19:41 - 2018-04-23 01:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:22 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-05-16 19:41 - 2018-04-23 01:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-05-16 19:41 - 2018-04-23 01:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-05-16 19:41 - 2018-04-22 09:03 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-05-16 19:41 - 2018-04-22 09:02 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-05-16 19:41 - 2018-04-22 09:00 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-05-16 19:41 - 2018-04-22 08:57 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-05-16 19:41 - 2018-04-22 08:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-05-16 19:41 - 2018-04-22 08:39 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-05-16 19:41 - 2018-04-22 08:37 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-05-16 19:41 - 2018-04-22 08:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-05-16 19:41 - 2018-04-22 08:03 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-05-16 19:40 - 2018-04-23 01:44 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-05-16 19:40 - 2018-04-23 01:41 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-05-16 19:40 - 2018-04-23 01:41 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-05-16 19:40 - 2018-04-23 01:41 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-05-16 19:40 - 2018-04-23 01:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-05-16 19:40 - 2018-04-23 01:41 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-05-16 19:40 - 2018-04-23 01:41 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-05-16 19:40 - 2018-04-23 01:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-05-16 19:40 - 2018-04-23 01:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-05-16 19:40 - 2018-04-23 01:40 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-05-16 19:40 - 2018-04-23 01:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-05-16 19:40 - 2018-04-23 01:40 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-05-16 19:40 - 2018-04-23 01:40 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-05-16 19:40 - 2018-04-23 01:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-05-16 19:40 - 2018-04-23 01:40 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-05-16 19:40 - 2018-04-23 01:40 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-05-16 19:40 - 2018-04-23 01:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-05-16 19:40 - 2018-04-23 01:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-05-16 19:40 - 2018-04-23 01:40 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-05-16 19:40 - 2018-04-23 01:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-05-16 19:40 - 2018-04-23 01:24 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-05-16 19:40 - 2018-04-23 01:19 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-05-16 19:40 - 2018-04-23 01:19 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-05-16 19:40 - 2018-04-23 01:19 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-05-16 19:40 - 2018-04-23 01:19 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-05-16 19:40 - 2018-04-23 01:18 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-05-16 19:40 - 2018-04-22 09:24 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-05-16 19:40 - 2018-04-22 09:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-05-16 19:40 - 2018-04-22 09:04 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-05-16 19:40 - 2018-04-22 09:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-05-16 19:40 - 2018-04-22 09:03 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-05-16 19:40 - 2018-04-22 08:56 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-05-16 19:40 - 2018-04-22 08:55 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-05-16 19:40 - 2018-04-22 08:54 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-05-16 19:40 - 2018-04-22 08:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-05-16 19:40 - 2018-04-22 08:53 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-05-16 19:40 - 2018-04-22 08:45 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-05-16 19:40 - 2018-04-22 08:40 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-05-16 19:40 - 2018-04-22 08:37 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-05-16 19:40 - 2018-04-22 08:35 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-05-16 19:40 - 2018-04-22 08:34 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-05-16 19:40 - 2018-04-22 08:31 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-05-16 19:40 - 2018-04-22 08:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-05-16 19:40 - 2018-04-22 08:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-05-16 19:40 - 2018-04-22 08:26 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-05-16 19:40 - 2018-04-22 08:26 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-05-16 19:40 - 2018-04-22 08:26 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-05-16 19:40 - 2018-04-22 08:04 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-05-16 19:40 - 2018-04-18 17:51 - 000523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-05-16 19:40 - 2018-04-18 17:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhsetup.dll
2018-05-16 19:40 - 2018-04-18 17:35 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hh.exe
2018-05-16 19:40 - 2018-04-11 18:36 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-05-16 19:40 - 2018-04-11 18:36 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-05-16 19:40 - 2018-04-10 18:33 - 001241600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-05-16 19:40 - 2018-04-10 18:32 - 000487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-05-16 19:40 - 2018-04-10 18:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2018-05-16 19:40 - 2018-03-19 00:16 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-05-16 19:40 - 2018-03-14 19:16 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-05-16 19:40 - 2018-03-14 18:57 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-05-16 19:40 - 2018-03-14 18:57 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-05-16 19:40 - 2018-03-14 18:57 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-05-16 19:40 - 2018-03-14 18:57 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2018-05-16 19:39 - 2018-04-23 20:57 - 000396960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-05-16 19:39 - 2018-04-23 02:35 - 005583552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-05-16 19:39 - 2018-04-23 02:35 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-05-16 19:39 - 2018-04-23 02:35 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-05-16 19:39 - 2018-04-23 02:35 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-05-16 19:39 - 2018-04-23 02:35 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-05-16 19:39 - 2018-04-23 02:10 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-05-16 19:39 - 2018-04-23 02:07 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 001461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000512512 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 02:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-05-16 19:39 - 2018-04-23 01:31 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-05-16 19:39 - 2018-04-23 01:28 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-05-16 19:39 - 2018-04-23 01:28 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-05-16 19:39 - 2018-04-23 01:27 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-05-16 19:39 - 2018-04-23 01:25 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-05-16 19:39 - 2018-04-23 01:24 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-05-16 19:39 - 2018-04-23 01:24 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-05-16 19:39 - 2018-04-23 01:23 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-05-16 19:39 - 2018-04-23 01:23 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-05-16 19:39 - 2018-04-22 10:04 - 025744896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-05-16 19:39 - 2018-04-22 09:53 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-05-16 19:39 - 2018-04-22 09:53 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-05-16 19:39 - 2018-04-22 09:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-05-16 19:39 - 2018-04-22 09:39 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-05-16 19:39 - 2018-04-22 09:38 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-05-16 19:39 - 2018-04-22 09:38 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-05-16 19:39 - 2018-04-22 09:38 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-05-16 19:39 - 2018-04-22 09:37 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-05-16 19:39 - 2018-04-22 09:32 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-05-16 19:39 - 2018-04-22 09:31 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-05-16 19:39 - 2018-04-22 09:30 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-05-16 19:39 - 2018-04-22 09:27 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-05-16 19:39 - 2018-04-22 09:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-05-16 19:39 - 2018-04-22 09:26 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-05-16 19:39 - 2018-04-22 09:26 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-05-16 19:39 - 2018-04-22 09:26 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-05-16 19:39 - 2018-04-22 09:18 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-05-16 19:39 - 2018-04-22 09:15 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-05-16 19:39 - 2018-04-22 09:08 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-05-16 19:39 - 2018-04-22 09:08 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-05-16 19:39 - 2018-04-22 09:07 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-05-16 19:39 - 2018-04-22 09:04 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-05-16 19:39 - 2018-04-22 09:04 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-05-16 19:39 - 2018-04-22 09:02 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-05-16 19:39 - 2018-04-22 09:00 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-05-16 19:39 - 2018-04-22 08:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-05-16 19:39 - 2018-04-22 08:49 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-05-16 19:39 - 2018-04-22 08:49 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-05-16 19:39 - 2018-04-22 08:48 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-05-16 19:39 - 2018-04-22 08:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-05-16 19:39 - 2018-04-22 08:46 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-05-16 19:39 - 2018-04-22 08:33 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-05-16 19:39 - 2018-04-22 08:22 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-05-16 19:39 - 2018-04-22 08:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-05-16 19:39 - 2018-04-18 18:03 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-05-16 19:39 - 2018-04-18 18:03 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\hhsetup.dll
2018-05-16 19:39 - 2018-04-18 17:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\hh.exe
2018-05-16 19:39 - 2018-04-11 18:38 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-05-16 19:39 - 2018-04-11 18:38 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-05-16 19:39 - 2018-04-10 21:45 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-05-16 19:39 - 2018-04-10 18:36 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2018-05-16 19:39 - 2018-04-10 18:36 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2018-05-16 19:39 - 2018-04-10 18:35 - 001735168 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-05-16 19:39 - 2018-04-10 18:34 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-05-16 19:39 - 2018-04-10 17:54 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-05-16 19:39 - 2018-04-10 17:48 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-05-16 19:39 - 2018-04-10 17:47 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-05-16 19:39 - 2018-04-10 17:47 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-05-16 19:39 - 2018-04-07 18:41 - 000371392 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-05-16 19:39 - 2018-03-19 00:11 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-05-16 19:39 - 2018-03-14 19:12 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-05-16 19:39 - 2018-03-14 19:12 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-05-16 19:39 - 2018-03-14 19:12 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-05-16 19:39 - 2018-03-14 19:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2018-05-16 19:39 - 2018-03-14 18:53 - 002651648 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-05-16 19:39 - 2018-03-14 18:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-05-16 19:39 - 2018-03-14 18:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-05-16 19:39 - 2018-03-14 18:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-05-16 19:39 - 2018-03-14 18:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-05-16 19:39 - 2018-03-14 18:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-05-16 19:39 - 2018-03-14 18:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-05-16 19:38 - 2018-04-23 02:00 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-05-16 19:38 - 2018-04-23 02:00 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-05-16 19:38 - 2018-04-23 02:00 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-05-16 19:38 - 2018-04-23 02:00 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-05-16 19:38 - 2018-04-23 01:32 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-05-16 19:38 - 2018-04-23 01:32 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-05-16 19:38 - 2018-04-23 01:32 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-05-16 14:02 - 2018-05-19 19:57 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-16 14:02 - 2018-05-19 19:57 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-16 07:32 - 2018-05-16 07:35 - 000000000 ____D C:\Program Files (x86)\GUMCD1E.tmp
2018-05-16 07:32 - 2018-05-16 07:32 - 007649280 _____ C:\Program Files (x86)\GUTCD1F.tmp
2018-05-16 07:27 - 2018-05-16 07:27 - 000000000 ____D C:\Users\Kuratko\AppData\Local\Google
2018-05-15 22:32 - 2018-05-15 22:33 - 000000000 ____D C:\Users\Hasbend\AppData\Local\Google
2018-05-15 22:32 - 2018-05-15 22:33 - 000000000 ____D C:\Program Files\CCleaner
2018-05-15 22:32 - 2018-05-15 22:32 - 000002315 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-15 22:32 - 2018-05-15 22:32 - 000002274 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-05-15 22:32 - 2018-05-15 22:32 - 000000829 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-05-15 22:32 - 2018-05-15 22:32 - 000000300 ____H C:\Windows\Tasks\CCleaner Update.job
2018-05-15 22:32 - 2018-05-15 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-05-15 22:32 - 2018-05-15 22:32 - 000000000 ____D C:\Program Files (x86)\Google
2018-05-15 22:31 - 2018-05-15 22:31 - 015813864 _____ (Piriform Ltd) C:\Users\Hasbend\Downloads\ccsetup542(1).exe
2018-05-14 17:44 - 2018-05-14 17:46 - 000000000 ____D C:\cfa2566d1382acdd7b78dc336b4282a2
2018-05-09 19:31 - 2018-05-09 19:32 - 000000000 ____D C:\26a002b44142e2a570443f35e7a340
2018-05-08 19:26 - 2018-05-08 19:42 - 006084096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-24 23:23 - 2009-07-14 07:13 - 000790882 _____ C:\Windows\system32\PerfStringBackup.INI
2018-05-24 23:23 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-05-24 22:22 - 2009-07-14 06:45 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-05-24 22:22 - 2009-07-14 06:45 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-05-24 22:16 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-05-24 21:28 - 2009-07-14 07:08 - 000032600 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-05-24 21:16 - 2017-08-30 13:36 - 000000000 ____D C:\Users\Kuratko\AppData\Local\CrashDumps
2018-05-24 21:02 - 2016-11-21 21:45 - 000000000 ____D C:\Users\Kuratko\AppData\LocalLow\Mozilla
2018-05-22 22:45 - 2015-01-12 00:08 - 000000000 ____D C:\Users\Kuratko\AppData\Local\GHISLER
2018-05-22 21:53 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-05-19 19:52 - 2016-11-19 14:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-19 19:52 - 2014-10-12 22:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-17 13:08 - 2009-07-14 06:45 - 000442488 _____ C:\Windows\system32\FNTCACHE.DAT
2018-05-17 12:01 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-05-17 08:12 - 2014-02-21 12:01 - 000766100 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-05-16 21:58 - 2015-02-22 21:44 - 000000000 ____D C:\Users\Kuratko\AppData\Roaming\MPC-HC
2018-05-16 19:42 - 2017-03-14 18:25 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-16 07:27 - 2014-10-12 22:00 - 000120728 _____ C:\Users\Kuratko\AppData\Local\GDIPFONTCACHEV1.DAT
2018-05-15 22:37 - 2016-12-29 20:51 - 000000000 ____D C:\Users\Hasbend\AppData\LocalLow\Mozilla
2018-05-15 22:34 - 2016-12-30 09:48 - 000000000 ____D C:\Users\Hasbend\AppData\Roaming\MPC-HC
2018-05-15 22:33 - 2015-07-03 08:16 - 000000000 ____D C:\Windows\Minidump
2018-05-15 22:33 - 2014-02-21 03:07 - 000000000 ____D C:\Windows\Panther
2018-05-09 20:42 - 2015-09-03 21:12 - 000000000 ____D C:\Users\Guest
2018-05-09 20:39 - 2016-12-29 20:50 - 000000000 ____D C:\Users\Hasbend
2018-05-08 19:46 - 2014-10-13 20:44 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-05-08 19:46 - 2014-10-13 20:44 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-08 19:43 - 2014-10-13 12:54 - 000000000 ____D C:\Windows\system32\Macromed
2018-05-08 19:42 - 2014-10-13 12:54 - 000000000 ____D C:\Windows\SysWOW64\Macromed

==================== Files in the root of some directories =======

2018-05-16 07:32 - 2018-05-16 07:32 - 007649280 _____ () C:\Program Files (x86)\GUTCD1F.tmp
2017-10-03 08:49 - 2017-10-03 08:49 - 000180736 _____ () C:\Users\Kuratko\AppData\Local\TempPrihlaska-do-kroužku-Mihalík Šimon-1001 klub dětí a maminek I. Mikulov.xls

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-18 22:30

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by Kuratko (24-05-2018 23:27:14)
Running from C:\Users\Kuratko\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-10-12 19:59:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2280483659-30636890-3053837617-500 - Administrator - Disabled)
Guest (S-1-5-21-2280483659-30636890-3053837617-501 - Limited - Disabled) => C:\Users\Guest
Hasbend (S-1-5-21-2280483659-30636890-3053837617-1003 - Administrator - Enabled) => C:\Users\Hasbend
HomeGroupUser$ (S-1-5-21-2280483659-30636890-3053837617-1002 - Limited - Enabled)
Kuratko (S-1-5-21-2280483659-30636890-3053837617-1001 - Administrator - Enabled) => C:\Users\Kuratko

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.34 - STMicroelectronics)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG6400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6400_series) (Version: 1.01 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.42 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.127 - ALPS ELECTRIC CO., LTD.)
DriverIdentifier 5.1 (HKLM-x32\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version: - DriverIdentifier)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.100.235.13 - Dell Inc.)
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.2.0.2051 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.181 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3040 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
KeyShot 6 64 bit (HKLM-x32\...\KeyShot 6_64) (Version: 6.1 64 bit - Luxion ApS)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version: - )
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 60.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 60.0.1 (x64 cs)) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.1.6710 - Mozilla)
Mozilla Thunderbird 45.7.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 45.7.1 (x86 cs)) (Version: 45.7.1 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\{D1F99472-746B-4D3D-8A11-0818B81A666F}) (Version: 3.0.07.43 - O2Micro International LTD.) Hidden
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{D1F99472-746B-4D3D-8A11-0818B81A666F}) (Version: 3.0.07.43 - O2Micro International LTD.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.0 - Power Software Ltd)
Registrace uživatele zařízení Canon MG6400 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG6400 series) (Version: - ‭Canon Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Solid Edge ST9 (HKLM\...\{1E02E133-6790-460A-B9C7-9CEA71CB502A}) (Version: 109.00.00111 - Siemens)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1802.2.51 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-12-23] (Foxit Software Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-02-22] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-12-23] (Foxit Software Inc.)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd)
ContextMenuHandlers4_S-1-5-21-2280483659-30636890-3053837617-1001: [Fb2kShellExt] -> {511D48AF-9E45-4CB8-8F02-9C1BE4BC3CF8} => C:\Program Files (x86)\foobar2000\ShellExt64.dll [2013-04-03] (Peter Pawlowski)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {10DE42E5-720E-4935-9C1F-62F5D3526158} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-16] (Google Inc.)
Task: {180CF518-423C-43A6-ADC5-BCFA2E69DF02} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe
Task: {30772C16-73D8-4D4E-AA32-ED196941DAC1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B
Task: {3B42A6BB-4CD5-41A0-9774-3ACDBD05CEB4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-16] (Google Inc.)
Task: {505CA976-F056-4749-874E-B6E35EB0C7F4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Time-5d => C:\Windows\system32\GWX\GWX.exe
Task: {60B048F5-B291-4819-9951-E9FAAE6EB78D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-08] (Adobe Systems Incorporated)
Task: {6E4160EF-B835-43BA-9597-7C54B539D529} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_Plugin.exe
Task: {AA87F48A-CF55-4C72-8C3D-4D779D5E2FA0} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe
Task: {AE365E2A-E8CD-4AC9-B15D-C9BAEEB97B28} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-04-12] (Piriform Ltd)
Task: {D85482EB-F909-4275-96D6-E1C1920F9EF3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2014-03-26 16:45 - 2003-04-18 19:06 - 000008192 _____ () C:\Windows\SysWOW64\srvany.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-03-26 16:30 - 2012-09-05 13:51 - 000686744 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2014-03-03 16:04 - 2013-02-22 15:43 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2280483659-30636890-3053837617-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kuratko\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4EF7D027-9C13-432F-B29A-EF04644D3E34}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9AD892DA-9346-45BE-A687-C6D8FE18BE04}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{D2E9921B-6479-4853-BD8B-9F3B9D856F4A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{3D2CDA05-838A-4E63-A8E6-93E8D25F58C1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{C42F74F2-2136-49B3-8AEE-87146D019681}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{17F88FEA-FCF1-4A94-AFCF-0182F4D52A96}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{2794BC24-1004-4F05-B343-36237EA87CB0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{838634C7-7FD8-40B6-BB6C-D3A478B64386}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0899D100-7A73-4902-BB52-27F20FF4BC94}C:\users\hasbend\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hasbend\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{3FC86143-2DA4-4CC9-9BB7-056EA13DDD47}C:\users\hasbend\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hasbend\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{71A48190-42F6-4A58-B918-C1491A0C5B90}] => (Allow) C:\Program Files\KeyShot6\bin\keyshot6.exe
FirewallRules: [{9B752875-59D5-4C0E-A90A-2842FD54AA86}] => (Allow) C:\Program Files\KeyShot6\bin\keyshot_daemon.exe
FirewallRules: [{2C9E8581-C0D5-4E12-9E37-8DC2BCC065B8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: MpKsl788e1b3f
Description: MpKsl788e1b3f
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKsl788e1b3f
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/24/2018 11:23:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/24/2018 11:23:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/24/2018 10:21:33 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/24/2018 10:21:33 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/24/2018 10:17:49 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemôže získať prístup k súboru C:\Windows\System32\sysmain.dll kvôli jednej z nasledujúcich príčin:
existuje problém so sieťovým pripojením, diskom, na ktorom je súbor uložený, alebo ovládačmi pamäťových
zariadení inštalovanými v tomto počítači; alebo chýba disk.
Systém Windows kvôli tejto chybe zavrel program Host Process for Windows Services.

Program: Host Process for Windows Services
Súbor: C:\Windows\System32\sysmain.dll

Hodnota chyby sa uvádza v sekcii Ďalšie údaje.
Akcia používateľa
1. Otvorte znova súbor.
Táto situácia môže byť dočasným problémom, ktorý sa vyrieši sám pri ďalšom spustení programu.
2.
Ak sa k súboru naďalej nedá získať prístup a
- je v sieti,
váš správca siete by mal overiť, či sa nevyskytol problém so sieťou a či sa server dá kontaktovať.
- je na vymeniteľnom disku, napríklad na diskete alebo disku CD-ROM, overte či je disk úplne vložený v počítači.
3. Skontrolujte a opravte systém súborov spustením programu CHKDSK. Ak chcete spustiť program CHKDSK, kliknite na tlačidlo Štart, kliknite na položku Spustiť, zadajte CMD a potom kliknite na tlačidlo OK. V príkazovom riadku zadajte príkaz CHKDSK /F a potom stlačte kláves ENTER.
4. Ak problém pretrváva, obnovte súbor zo záložnej kópie.
5. Zistite, či sa dajú otvoriť iné súbory na tom istom disku. Ak nie, disk môže byť poškodený. Ak ide o pevný disk, požiadajte o pomoc svojho správcu systému alebo
dodávateľa počítačového hardvéru.

Ďalšie údaje
Chybová hodnota: C0000185
Typ disku: 3

Error: (05/24/2018 10:17:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: svchost.exe_SysMain, verzia: 6.1.7600.16385, časová značka: 0x4a5bc3c1
Názov chybového modulu: ntdll.dll, verzia: 6.1.7601.24117, časová značka: 0x5add228d
Kód výnimky: 0xc0000006
Odstup chyby: 0x0000000000040175
Identifikácia chybného procesu: 0x880
Čas spustenia chybnej aplikácie: 0x01d3f3918e0c3e0c
Cesta chybnej aplikácie: C:\Windows\system32\svchost.exe
Cesta chybného modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 86db0783-5f8f-11e8-b69c-1c659df7a1b6

Error: (05/24/2018 10:15:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/24/2018 09:23:19 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemôže získať prístup k súboru C:\Windows\System32\browser.dll kvôli jednej z nasledujúcich príčin:
existuje problém so sieťovým pripojením, diskom, na ktorom je súbor uložený, alebo ovládačmi pamäťových
zariadení inštalovanými v tomto počítači; alebo chýba disk.
Systém Windows kvôli tejto chybe zavrel program Host Process for Windows Services.

Program: Host Process for Windows Services
Súbor: C:\Windows\System32\browser.dll

Hodnota chyby sa uvádza v sekcii Ďalšie údaje.
Akcia používateľa
1. Otvorte znova súbor.
Táto situácia môže byť dočasným problémom, ktorý sa vyrieši sám pri ďalšom spustení programu.
2.
Ak sa k súboru naďalej nedá získať prístup a
- je v sieti,
váš správca siete by mal overiť, či sa nevyskytol problém so sieťou a či sa server dá kontaktovať.
- je na vymeniteľnom disku, napríklad na diskete alebo disku CD-ROM, overte či je disk úplne vložený v počítači.
3. Skontrolujte a opravte systém súborov spustením programu CHKDSK. Ak chcete spustiť program CHKDSK, kliknite na tlačidlo Štart, kliknite na položku Spustiť, zadajte CMD a potom kliknite na tlačidlo OK. V príkazovom riadku zadajte príkaz CHKDSK /F a potom stlačte kláves ENTER.
4. Ak problém pretrváva, obnovte súbor zo záložnej kópie.
5. Zistite, či sa dajú otvoriť iné súbory na tom istom disku. Ak nie, disk môže byť poškodený. Ak ide o pevný disk, požiadajte o pomoc svojho správcu systému alebo
dodávateľa počítačového hardvéru.

Ďalšie údaje
Chybová hodnota: C0000185
Typ disku: 3


System errors:
=============
Error: (05/24/2018 11:24:02 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.39.
The computer with the IP address 192.168.1.4 did not allow the name to be claimed by
this computer.

Error: (05/24/2018 11:18:51 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.39.
The computer with the IP address 192.168.1.4 did not allow the name to be claimed by
this computer.

Error: (05/24/2018 11:13:41 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.39.
The computer with the IP address 192.168.1.4 did not allow the name to be claimed by
this computer.

Error: (05/24/2018 11:08:31 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.39.
The computer with the IP address 192.168.1.4 did not allow the name to be claimed by
this computer.

Error: (05/24/2018 11:03:20 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.39.
The computer with the IP address 192.168.1.4 did not allow the name to be claimed by
this computer.

Error: (05/24/2018 11:02:15 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.39.
The computer with the IP address 192.168.1.4 did not allow the name to be claimed by
this computer.

Error: (05/24/2018 10:57:04 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.39.
The computer with the IP address 192.168.1.4 did not allow the name to be claimed by
this computer.

Error: (05/24/2018 10:51:53 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.39.
The computer with the IP address 192.168.1.4 did not allow the name to be claimed by
this computer.


CodeIntegrity:
===================================

Date: 2018-05-18 11:09:02.148
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Microsoft Security Client\Setup.exe because the set of per-page image hashes could not be found on the system.

Date: 2018-05-18 11:07:24.218
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Microsoft Security Client\Setup.exe because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 36%
Total physical RAM: 8088.93 MB
Available physical RAM: 5122.19 MB
Total Virtual: 16176.04 MB
Available Virtual: 13119.46 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:226.84 GB) (Free:93.14 GB) NTFS
Drive f: (EOS_DIGITAL) (Removable) (Total:7.28 GB) (Free:5.99 GB) FAT32
Drive z: (OFFICE14) (CDROM) (Total:2.39 GB) (Free:0 GB) UDF

\\?\Volume{6e75f045-4f92-11e4-b4a7-806e6f6e6963}\ (System) (Fixed) (Total:6.04 GB) (Free:0.59 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: C99C98BB)
Partition 1: (Active) - (Size=6 GB) - (Type=27)
Partition 2: (Not Active) - (Size=226.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Protective MBR) (Size: 7.3 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Pomaly system, pomale nacitani prohlizece

#6 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

Folder: C:\cfa2566d1382acdd7b78dc336b4282a2
Folder: C:\26a002b44142e2a570443f35e7a340

HKU\S-1-5-21-2280483659-30636890-3053837617-1001\...\MountPoints2: {5c654601-203e-11e8-b1d1-1c659df7a1b6} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2280483659-30636890-3053837617-1001\...\MountPoints2: {cc99ce9d-8375-11e4-a8a5-1c659df7a1b6} - Z:\SETUP.EXE
S1 MpKsl788e1b3f; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0255BB21-AD93-4DFE-82C4-3455E257D8CC}\MpKsl788e1b3f.sys [X]
Task: {180CF518-423C-43A6-ADC5-BCFA2E69DF02} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe
Task: {30772C16-73D8-4D4E-AA32-ED196941DAC1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B
Task: {505CA976-F056-4749-874E-B6E35EB0C7F4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Time-5d => C:\Windows\system32\GWX\GWX.exe

C:\Program Files (x86)\*.tmp

Hosts:
EmptyTemp:
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Cervotoc
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 06 kvě 2008 23:36

Re: Pomaly system, pomale nacitani prohlizece

#7 Příspěvek od Cervotoc »

Ahoj, omlouvam se za prodlenou reakci, ale pracovali jsme na nasem taboristi na priprave tabora. Zde je log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by Kuratko (29-05-2018 20:48:17) Run:1
Running from C:\Users\Kuratko\Desktop
Loaded Profiles: Kuratko (Available Profiles: Kuratko & Hasbend & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

Folder: C:\cfa2566d1382acdd7b78dc336b4282a2
Folder: C:\26a002b44142e2a570443f35e7a340

HKU\S-1-5-21-2280483659-30636890-3053837617-1001\...\MountPoints2: {5c654601-203e-11e8-b1d1-1c659df7a1b6} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2280483659-30636890-3053837617-1001\...\MountPoints2: {cc99ce9d-8375-11e4-a8a5-1c659df7a1b6} - Z:\SETUP.EXE
S1 MpKsl788e1b3f; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0255BB21-AD93-4DFE-82C4-3455E257D8CC}\MpKsl788e1b3f.sys [X]
Task: {180CF518-423C-43A6-ADC5-BCFA2E69DF02} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe
Task: {30772C16-73D8-4D4E-AA32-ED196941DAC1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B
Task: {505CA976-F056-4749-874E-B6E35EB0C7F4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Time-5d => C:\Windows\system32\GWX\GWX.exe

C:\Program Files (x86)\*.tmp

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= Folder: C:\cfa2566d1382acdd7b78dc336b4282a2 ========================

2018-03-17 00:39 - 2018-03-17 00:39 - 000016118 ____N [CD131D41791A543CC6F6ED1EA5BD257C] () C:\cfa2566d1382acdd7b78dc336b4282a2\DHtmlHeader.html
2017-02-14 13:00 - 2017-02-14 13:00 - 000007306 ____N [F524CFC2CAA73FCE34CE1278DE6E31AD] () C:\cfa2566d1382acdd7b78dc336b4282a2\header.bmp
2018-04-02 23:33 - 2018-04-02 23:33 - 041467904 ____N [8DBAEC131594A06E3D593B7C6C8394F3] () C:\cfa2566d1382acdd7b78dc336b4282a2\NDP47-KB4096418.msp
2018-04-02 23:33 - 2018-04-02 23:33 - 000089196 ____N [02487EFE3EE05A829C3D044C27F7A966] () C:\cfa2566d1382acdd7b78dc336b4282a2\ParameterInfo.xml
2018-03-21 06:49 - 2018-03-21 06:49 - 000088160 ____N [CE4D225D82CFA64D4595750AC88F30CE] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\Setup.exe
2018-03-21 06:49 - 2018-03-21 06:49 - 000888992 ____N [9AD704968414FCC4CD1A1CAC2460006F] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\SetupEngine.dll
2018-03-21 06:49 - 2018-03-21 06:49 - 000320144 ____N [F1B1281D766D0D84AA082C399BA0D35F] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\SetupUi.dll
2018-03-21 04:43 - 2018-03-21 04:43 - 000032572 ____N [A9F6A028E93F3F6822EB900EC3FDA7AD] () C:\cfa2566d1382acdd7b78dc336b4282a2\SetupUi.xsd
2018-03-21 06:49 - 2018-03-21 06:49 - 000221288 ____N [425C50F99B858489ABCAA4DFBE162E75] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\SetupUtility.exe
2017-02-14 13:14 - 2017-02-14 13:14 - 000196662 ____N [F683273DBD7230AAAE9166984F6CB2AC] () C:\cfa2566d1382acdd7b78dc336b4282a2\SplashScreen.bmp
2018-04-02 19:37 - 2018-04-02 19:37 - 000226456 ____N [6404765DEB80C2D8986F60DCE505915B] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\sqmapi.dll
2017-02-14 13:14 - 2017-02-14 13:14 - 000014092 ____N [87D3128A627B017EC3F02C91332ECBB3] () C:\cfa2566d1382acdd7b78dc336b4282a2\Strings.xml
2017-02-14 13:14 - 2017-02-14 13:14 - 000036428 ____N [149A6B697D8B8AF48F7CDA3F94154A97] () C:\cfa2566d1382acdd7b78dc336b4282a2\UiInfo.xml
2017-02-14 13:00 - 2017-02-14 13:00 - 000110348 ____N [414B690D91B1E6A3BC4B8A02B373E561] () C:\cfa2566d1382acdd7b78dc336b4282a2\watermark.bmp
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1025
2018-04-02 19:36 - 2018-04-02 19:36 - 000124495 ____N [BC8A899443E94AA88B0EFA37692D39D7] () C:\cfa2566d1382acdd7b78dc336b4282a2\1025\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000079158 ____N [A7E98AAED7EC0990F1D0367691C6A9EE] () C:\cfa2566d1382acdd7b78dc336b4282a2\1025\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000028840 ____N [EB50A8D2B67C7B3B35D21B89DEA474AE] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1025\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1028
2018-04-02 19:36 - 2018-04-02 19:36 - 000160295 ____N [4E7525532E037599BD981C604C9E0B58] () C:\cfa2566d1382acdd7b78dc336b4282a2\1028\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000068192 ____N [9D2B5800A25617446A075595603A831B] () C:\cfa2566d1382acdd7b78dc336b4282a2\1028\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000025408 ____N [4A6C948AF89745BE7C49590008E6BDE8] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1028\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1029
2018-04-02 19:36 - 2018-04-02 19:36 - 000132348 ____N [C39D3B9DB59960BA9CEB6B9D3C2AABC1] () C:\cfa2566d1382acdd7b78dc336b4282a2\1029\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000084916 ____N [86C26D043EF55E0B7AC449E9D0BEB260] () C:\cfa2566d1382acdd7b78dc336b4282a2\1029\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030016 ____N [C0CFE5A1C38ACD15B97A453646D75F64] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1029\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1030
2018-04-02 19:36 - 2018-04-02 19:36 - 000131637 ____N [1714BF464118FC48E951A079A29F4D11] () C:\cfa2566d1382acdd7b78dc336b4282a2\1030\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000082546 ____N [B93AFB7E48CB0BB1AC7DCC74A6A7FD06] () C:\cfa2566d1382acdd7b78dc336b4282a2\1030\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030024 ____N [32E37964FB5952F9429E25CBA649C0FB] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1030\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1031
2018-04-02 19:36 - 2018-04-02 19:36 - 000111186 ____N [8A4A240A60BB32E3CD53E1ABA87C0C79] () C:\cfa2566d1382acdd7b78dc336b4282a2\1031\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000087144 ____N [D75F2C803EB3743201F5B7334DCED9EB] () C:\cfa2566d1382acdd7b78dc336b4282a2\1031\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000031040 ____N [B21F58DCB002EDC7FBBB3DDC6AA2D0FE] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1031\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1032
2018-04-02 19:36 - 2018-04-02 19:36 - 000142041 ____N [7DFBC4B3B86DEBE4B46E03C633346CCC] () C:\cfa2566d1382acdd7b78dc336b4282a2\1032\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000089200 ____N [ED1ADF35AA276CBC30EBFA8ED2F7C338] () C:\cfa2566d1382acdd7b78dc336b4282a2\1032\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000031552 ____N [67EB9DAABD1CA2E4D338E3981CBBC42C] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1032\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1033
2018-04-02 19:36 - 2018-04-02 19:36 - 000128314 ____N [A9CC9946D59444327FC2DE158C43AA38] () C:\cfa2566d1382acdd7b78dc336b4282a2\1033\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000082156 ____N [E3F4221595539E72ED44B584599E2DF9] () C:\cfa2566d1382acdd7b78dc336b4282a2\1033\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000028992 ____N [78159F82C18C2BA2893FA39D4BCEB3D8] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1033\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1035
2018-04-02 19:36 - 2018-04-02 19:36 - 000137247 ____N [406D246B68E5437CAC90ADE45ACDDF36] () C:\cfa2566d1382acdd7b78dc336b4282a2\1035\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000083002 ____N [411846D9D906107D90A6964C2317766F] () C:\cfa2566d1382acdd7b78dc336b4282a2\1035\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030016 ____N [2BD5F1A2A6BD883927CB59EAE3E963CE] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1035\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1036
2018-04-02 19:36 - 2018-04-02 19:36 - 000156440 ____N [7BBE5ABC6BEA511D2F1BC3AAD0375839] () C:\cfa2566d1382acdd7b78dc336b4282a2\1036\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000086914 ____N [22F09B1C83130D4C058A794B9E4268AF] () C:\cfa2566d1382acdd7b78dc336b4282a2\1036\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000031040 ____N [EABE668BF36A1EF4A1BFDB09FB7D7E6C] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1036\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1037
2018-04-02 19:36 - 2018-04-02 19:36 - 000146392 ____N [3BE1992CD2E4D9CA5D89621F25559378] () C:\cfa2566d1382acdd7b78dc336b4282a2\1037\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000077616 ____N [0A69033B2ABF83D2054076105C18F2F3] () C:\cfa2566d1382acdd7b78dc336b4282a2\1037\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000028480 ____N [5BD12F7AA3C014AEF1424624BEA7A583] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1037\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1038
2018-04-02 19:36 - 2018-04-02 19:36 - 000158420 ____N [293E0D15A4C1BEE5B9780C2A1874664E] () C:\cfa2566d1382acdd7b78dc336b4282a2\1038\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000085746 ____N [9F53428893FB832B79B5ECE1C4EF51F7] () C:\cfa2566d1382acdd7b78dc336b4282a2\1038\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000031040 ____N [6096C23C2A5810736122A0CBA8FE4F28] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1038\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1040
2018-04-02 19:36 - 2018-04-02 19:36 - 000147275 ____N [67A9F0946D135A41E51D90220C0C8C67] () C:\cfa2566d1382acdd7b78dc336b4282a2\1040\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000084758 ____N [74BF52FD98A259ACFFE4E73B04AD4574] () C:\cfa2566d1382acdd7b78dc336b4282a2\1040\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030536 ____N [9AE34118F6AFAA8556C2CA80734575D3] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1040\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1041
2018-04-02 19:36 - 2018-04-02 19:36 - 000155616 ____N [D3F251C6FCF02EA716013D9AA8300AAE] () C:\cfa2566d1382acdd7b78dc336b4282a2\1041\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000074068 ____N [0C5B4D8338EF972A0D411A437C650038] () C:\cfa2566d1382acdd7b78dc336b4282a2\1041\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000026944 ____N [2D6C3EA27B58047C2A23ADE1C69C6260] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1041\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1042
2018-04-02 19:36 - 2018-04-02 19:36 - 000259432 ____N [BC276E5145DB5CA24127CB921C5E2808] () C:\cfa2566d1382acdd7b78dc336b4282a2\1042\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000072368 ____N [34603AF0C03C284F58542D1E0D559AC6] () C:\cfa2566d1382acdd7b78dc336b4282a2\1042\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000026432 ____N [2CAE2C2EB3D578693D1298D00E744224] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1042\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1043
2018-04-02 19:36 - 2018-04-02 19:36 - 000137812 ____N [44A3F631D72D0253913344A6451C9C04] () C:\cfa2566d1382acdd7b78dc336b4282a2\1043\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000084344 ____N [D320287DB2ADADA1D34C2EA9934A1AAB] () C:\cfa2566d1382acdd7b78dc336b4282a2\1043\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000031048 ____N [395170A73A1C14D494740AD3C69C645A] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1043\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1044
2018-04-02 19:36 - 2018-04-02 19:36 - 000148376 ____N [9E163591854612B03E48DC660157778A] () C:\cfa2566d1382acdd7b78dc336b4282a2\1044\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000083860 ____N [33D28A6DB915C727A30ABD5FD4B98B78] () C:\cfa2566d1382acdd7b78dc336b4282a2\1044\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000029504 ____N [957DFE8DE7DC212704BAF9AE8E3CE555] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1044\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1045
2018-04-02 19:36 - 2018-04-02 19:36 - 000151635 ____N [AB648E920DC59FB45DD2F9FD9022395F] () C:\cfa2566d1382acdd7b78dc336b4282a2\1045\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000086776 ____N [679919134BD90B2992A82EF0FD25BB84] () C:\cfa2566d1382acdd7b78dc336b4282a2\1045\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030528 ____N [83671A02F05FDB271C6391A22B82B445] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1045\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1046
2018-04-02 19:36 - 2018-04-02 19:36 - 000137226 ____N [38D9C6729A26CE70A4C1FDCDF713330C] () C:\cfa2566d1382acdd7b78dc336b4282a2\1046\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000083644 ____N [084F75F2AA48151487B3E4FC35BDB4EA] () C:\cfa2566d1382acdd7b78dc336b4282a2\1046\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030016 ____N [AAF52770F33F92941C1F51861B569F71] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1046\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1049
2018-04-02 19:36 - 2018-04-02 19:36 - 000188741 ____N [2DC63EF2D9079C2035E938A163E01654] () C:\cfa2566d1382acdd7b78dc336b4282a2\1049\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000085334 ____N [36827D02F4AEFE62B6399BAEE0440D61] () C:\cfa2566d1382acdd7b78dc336b4282a2\1049\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030528 ____N [572461BD452E1C6B35ADD669EE0B737D] (Корпорация Майкрософт) C:\cfa2566d1382acdd7b78dc336b4282a2\1049\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1053
2018-04-02 19:36 - 2018-04-02 19:36 - 000149236 ____N [8CA89FAFA113BDCA3DFB5A141E206B84] () C:\cfa2566d1382acdd7b78dc336b4282a2\1053\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000082488 ____N [64CBC05BD2920C4DBEA44C66F4BBDBB7] () C:\cfa2566d1382acdd7b78dc336b4282a2\1053\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030016 ____N [0CB55319697BDD27C1DEF2D3A0F29FF0] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1053\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\1055
2018-04-02 19:36 - 2018-04-02 19:36 - 000140171 ____N [3414258B3034783490A8BA099B2DAB25] () C:\cfa2566d1382acdd7b78dc336b4282a2\1055\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000082458 ____N [AEC5CE346CF4627EDA59632477F56641] () C:\cfa2566d1382acdd7b78dc336b4282a2\1055\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030024 ____N [F63EBCAC5BC43564803BAD12CFF5272F] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\1055\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\2052
2018-04-02 19:36 - 2018-04-02 19:36 - 000146273 ____N [FD7FADA8C96C3CDD1B3B411F4FBF483D] () C:\cfa2566d1382acdd7b78dc336b4282a2\2052\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000068160 ____N [C3AF1BFD755FE3EB5E14EFCE645E2AE1] () C:\cfa2566d1382acdd7b78dc336b4282a2\2052\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000025408 ____N [56110B7DB85703CDAFA8745CBD90778C] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\2052\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\2070
2018-04-02 19:36 - 2018-04-02 19:36 - 000147662 ____N [FE8360F7B19F7869E6492990DBF85F78] () C:\cfa2566d1382acdd7b78dc336b4282a2\2070\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000085284 ____N [312C4E86F121D86005D1A2BAC2D5405A] () C:\cfa2566d1382acdd7b78dc336b4282a2\2070\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030536 ____N [E00A04601F1D04F999980AA977A61C86] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\2070\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\3082
2018-04-02 19:36 - 2018-04-02 19:36 - 000129883 ____N [0F3C263C53AFADA86D3992BFCD7D91E5] () C:\cfa2566d1382acdd7b78dc336b4282a2\3082\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000084564 ____N [A42ECA4C40EC39DAEAE7227E6F18ECC7] () C:\cfa2566d1382acdd7b78dc336b4282a2\3082\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030536 ____N [148544301C6B041782956FFCA0FE5D8E] (Microsoft Corporation) C:\cfa2566d1382acdd7b78dc336b4282a2\3082\SetupResources.dll
2018-05-14 17:44 - 2018-05-14 17:44 - 000000000 ____D [00000000000000000000000000000000] () C:\cfa2566d1382acdd7b78dc336b4282a2\Graphics
2018-04-02 19:37 - 2018-04-02 19:37 - 000126132 ____N [D39BAD9DDA7B91613CB29B6BD55F0901] () C:\cfa2566d1382acdd7b78dc336b4282a2\Graphics\Print.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000143901 ____N [9B70C7FA81DCA6D3B992037D0C251D92] () C:\cfa2566d1382acdd7b78dc336b4282a2\Graphics\Rotate1.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000143932 ____N [0CCA04A3468575FDCEFEE9957E32F904] () C:\cfa2566d1382acdd7b78dc336b4282a2\Graphics\Rotate10.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000144110 ____N [F824905E5501603E6720B784ADD71BDD] () C:\cfa2566d1382acdd7b78dc336b4282a2\Graphics\Rotate2.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000144151 ____N [0ADE6BE0DF29400E5534AA71ABFA03F6] () C:\cfa2566d1382acdd7b78dc336b4282a2\Graphics\Rotate3.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000144033 ____N [267B198FEF022D3B1D44CCA7FE589373] () C:\cfa2566d1382acdd7b78dc336b4282a2\Graphics\Rotate4.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000143871 ____N [25F0D572761CB610BDAD6DD980C46CC7] () C:\cfa2566d1382acdd7b78dc336b4282a2\Graphics\Rotate5.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000143881 ____N [5AC2B8E1A766C204F996D9CE33FB3DB4] () C:\cfa2566d1382acdd7b78dc336b4282a2\Graphics\Rotate6.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000144084 ____N [B4947D242AB4A902031FCD1FFD3A56CD] () C:\cfa2566d1382acdd7b78dc336b4282a2\Graphics\Rotate7.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000143835 ____N [E7A252C763CE259F800183FD9DD1F512] () C:\cfa2566d1382acdd7b78dc336b4282a2\Graphics\Rotate8.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000144064 ____N [8853DA1F831CAE28E59D45F5E51885AC] () C:\cfa2566d1382acdd7b78dc336b4282a2\Graphics\Rotate9.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000126548 ____N [C66BBE8F84496EF85F7AF6BED5212CEC] () C:\cfa2566d1382acdd7b78dc336b4282a2\Graphics\Save.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000126246 ____N [6125F32AA97772AFDFF2649BD403419B] () C:\cfa2566d1382acdd7b78dc336b4282a2\Graphics\Setup.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000190199 ____N [7D1BCCCE4F2EE7C824C6304C4A2F9736] () C:\cfa2566d1382acdd7b78dc336b4282a2\Graphics\stop.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000136313 ____N [889472312E724195D7B946EECAEA20C1] () C:\cfa2566d1382acdd7b78dc336b4282a2\Graphics\SysReqMet.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000143990 ____N [ECA24331CE0850D188BD2EB5C22DE684] () C:\cfa2566d1382acdd7b78dc336b4282a2\Graphics\SysReqNotMet.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000199341 ____N [C8824EA3CE0A54FF1E89F8A296B4E64B] () C:\cfa2566d1382acdd7b78dc336b4282a2\Graphics\warn.ico

====== End of Folder: ======


========================= Folder: C:\26a002b44142e2a570443f35e7a340 ========================

2018-03-17 00:39 - 2018-03-17 00:39 - 000016118 ____N [CD131D41791A543CC6F6ED1EA5BD257C] () C:\26a002b44142e2a570443f35e7a340\DHtmlHeader.html
2017-02-14 13:00 - 2017-02-14 13:00 - 000007306 ____N [F524CFC2CAA73FCE34CE1278DE6E31AD] () C:\26a002b44142e2a570443f35e7a340\header.bmp
2018-04-02 23:33 - 2018-04-02 23:33 - 041467904 ____N [8DBAEC131594A06E3D593B7C6C8394F3] () C:\26a002b44142e2a570443f35e7a340\NDP47-KB4096418.msp
2018-04-02 23:33 - 2018-04-02 23:33 - 000089196 ____N [02487EFE3EE05A829C3D044C27F7A966] () C:\26a002b44142e2a570443f35e7a340\ParameterInfo.xml
2018-03-21 06:49 - 2018-03-21 06:49 - 000088160 ____N [CE4D225D82CFA64D4595750AC88F30CE] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\Setup.exe
2018-03-21 06:49 - 2018-03-21 06:49 - 000888992 ____N [9AD704968414FCC4CD1A1CAC2460006F] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\SetupEngine.dll
2018-03-21 06:49 - 2018-03-21 06:49 - 000320144 ____N [F1B1281D766D0D84AA082C399BA0D35F] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\SetupUi.dll
2018-03-21 04:43 - 2018-03-21 04:43 - 000032572 ____N [A9F6A028E93F3F6822EB900EC3FDA7AD] () C:\26a002b44142e2a570443f35e7a340\SetupUi.xsd
2018-03-21 06:49 - 2018-03-21 06:49 - 000221288 ____N [425C50F99B858489ABCAA4DFBE162E75] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\SetupUtility.exe
2017-02-14 13:14 - 2017-02-14 13:14 - 000196662 ____N [F683273DBD7230AAAE9166984F6CB2AC] () C:\26a002b44142e2a570443f35e7a340\SplashScreen.bmp
2018-04-02 19:37 - 2018-04-02 19:37 - 000226456 ____N [6404765DEB80C2D8986F60DCE505915B] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\sqmapi.dll
2017-02-14 13:14 - 2017-02-14 13:14 - 000014092 ____N [87D3128A627B017EC3F02C91332ECBB3] () C:\26a002b44142e2a570443f35e7a340\Strings.xml
2017-02-14 13:14 - 2017-02-14 13:14 - 000036428 ____N [149A6B697D8B8AF48F7CDA3F94154A97] () C:\26a002b44142e2a570443f35e7a340\UiInfo.xml
2017-02-14 13:00 - 2017-02-14 13:00 - 000110348 ____N [414B690D91B1E6A3BC4B8A02B373E561] () C:\26a002b44142e2a570443f35e7a340\watermark.bmp
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1025
2018-04-02 19:36 - 2018-04-02 19:36 - 000124495 ____N [BC8A899443E94AA88B0EFA37692D39D7] () C:\26a002b44142e2a570443f35e7a340\1025\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000079158 ____N [A7E98AAED7EC0990F1D0367691C6A9EE] () C:\26a002b44142e2a570443f35e7a340\1025\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000028840 ____N [EB50A8D2B67C7B3B35D21B89DEA474AE] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1025\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1028
2018-04-02 19:36 - 2018-04-02 19:36 - 000160295 ____N [4E7525532E037599BD981C604C9E0B58] () C:\26a002b44142e2a570443f35e7a340\1028\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000068192 ____N [9D2B5800A25617446A075595603A831B] () C:\26a002b44142e2a570443f35e7a340\1028\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000025408 ____N [4A6C948AF89745BE7C49590008E6BDE8] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1028\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1029
2018-04-02 19:36 - 2018-04-02 19:36 - 000132348 ____N [C39D3B9DB59960BA9CEB6B9D3C2AABC1] () C:\26a002b44142e2a570443f35e7a340\1029\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000084916 ____N [86C26D043EF55E0B7AC449E9D0BEB260] () C:\26a002b44142e2a570443f35e7a340\1029\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030016 ____N [C0CFE5A1C38ACD15B97A453646D75F64] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1029\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1030
2018-04-02 19:36 - 2018-04-02 19:36 - 000131637 ____N [1714BF464118FC48E951A079A29F4D11] () C:\26a002b44142e2a570443f35e7a340\1030\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000082546 ____N [B93AFB7E48CB0BB1AC7DCC74A6A7FD06] () C:\26a002b44142e2a570443f35e7a340\1030\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030024 ____N [32E37964FB5952F9429E25CBA649C0FB] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1030\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1031
2018-04-02 19:36 - 2018-04-02 19:36 - 000111186 ____N [8A4A240A60BB32E3CD53E1ABA87C0C79] () C:\26a002b44142e2a570443f35e7a340\1031\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000087144 ____N [D75F2C803EB3743201F5B7334DCED9EB] () C:\26a002b44142e2a570443f35e7a340\1031\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000031040 ____N [B21F58DCB002EDC7FBBB3DDC6AA2D0FE] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1031\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1032
2018-04-02 19:36 - 2018-04-02 19:36 - 000142041 ____N [7DFBC4B3B86DEBE4B46E03C633346CCC] () C:\26a002b44142e2a570443f35e7a340\1032\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000089200 ____N [ED1ADF35AA276CBC30EBFA8ED2F7C338] () C:\26a002b44142e2a570443f35e7a340\1032\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000031552 ____N [67EB9DAABD1CA2E4D338E3981CBBC42C] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1032\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1033
2018-04-02 19:36 - 2018-04-02 19:36 - 000128314 ____N [A9CC9946D59444327FC2DE158C43AA38] () C:\26a002b44142e2a570443f35e7a340\1033\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000082156 ____N [E3F4221595539E72ED44B584599E2DF9] () C:\26a002b44142e2a570443f35e7a340\1033\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000028992 ____N [78159F82C18C2BA2893FA39D4BCEB3D8] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1033\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1035
2018-04-02 19:36 - 2018-04-02 19:36 - 000137247 ____N [406D246B68E5437CAC90ADE45ACDDF36] () C:\26a002b44142e2a570443f35e7a340\1035\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000083002 ____N [411846D9D906107D90A6964C2317766F] () C:\26a002b44142e2a570443f35e7a340\1035\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030016 ____N [2BD5F1A2A6BD883927CB59EAE3E963CE] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1035\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1036
2018-04-02 19:36 - 2018-04-02 19:36 - 000156440 ____N [7BBE5ABC6BEA511D2F1BC3AAD0375839] () C:\26a002b44142e2a570443f35e7a340\1036\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000086914 ____N [22F09B1C83130D4C058A794B9E4268AF] () C:\26a002b44142e2a570443f35e7a340\1036\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000031040 ____N [EABE668BF36A1EF4A1BFDB09FB7D7E6C] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1036\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1037
2018-04-02 19:36 - 2018-04-02 19:36 - 000146392 ____N [3BE1992CD2E4D9CA5D89621F25559378] () C:\26a002b44142e2a570443f35e7a340\1037\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000077616 ____N [0A69033B2ABF83D2054076105C18F2F3] () C:\26a002b44142e2a570443f35e7a340\1037\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000028480 ____N [5BD12F7AA3C014AEF1424624BEA7A583] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1037\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1038
2018-04-02 19:36 - 2018-04-02 19:36 - 000158420 ____N [293E0D15A4C1BEE5B9780C2A1874664E] () C:\26a002b44142e2a570443f35e7a340\1038\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000085746 ____N [9F53428893FB832B79B5ECE1C4EF51F7] () C:\26a002b44142e2a570443f35e7a340\1038\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000031040 ____N [6096C23C2A5810736122A0CBA8FE4F28] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1038\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1040
2018-04-02 19:36 - 2018-04-02 19:36 - 000147275 ____N [67A9F0946D135A41E51D90220C0C8C67] () C:\26a002b44142e2a570443f35e7a340\1040\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000084758 ____N [74BF52FD98A259ACFFE4E73B04AD4574] () C:\26a002b44142e2a570443f35e7a340\1040\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030536 ____N [9AE34118F6AFAA8556C2CA80734575D3] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1040\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1041
2018-04-02 19:36 - 2018-04-02 19:36 - 000155616 ____N [D3F251C6FCF02EA716013D9AA8300AAE] () C:\26a002b44142e2a570443f35e7a340\1041\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000074068 ____N [0C5B4D8338EF972A0D411A437C650038] () C:\26a002b44142e2a570443f35e7a340\1041\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000026944 ____N [2D6C3EA27B58047C2A23ADE1C69C6260] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1041\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1042
2018-04-02 19:36 - 2018-04-02 19:36 - 000259432 ____N [BC276E5145DB5CA24127CB921C5E2808] () C:\26a002b44142e2a570443f35e7a340\1042\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000072368 ____N [34603AF0C03C284F58542D1E0D559AC6] () C:\26a002b44142e2a570443f35e7a340\1042\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000026432 ____N [2CAE2C2EB3D578693D1298D00E744224] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1042\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1043
2018-04-02 19:36 - 2018-04-02 19:36 - 000137812 ____N [44A3F631D72D0253913344A6451C9C04] () C:\26a002b44142e2a570443f35e7a340\1043\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000084344 ____N [D320287DB2ADADA1D34C2EA9934A1AAB] () C:\26a002b44142e2a570443f35e7a340\1043\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000031048 ____N [395170A73A1C14D494740AD3C69C645A] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1043\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1044
2018-04-02 19:36 - 2018-04-02 19:36 - 000148376 ____N [9E163591854612B03E48DC660157778A] () C:\26a002b44142e2a570443f35e7a340\1044\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000083860 ____N [33D28A6DB915C727A30ABD5FD4B98B78] () C:\26a002b44142e2a570443f35e7a340\1044\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000029504 ____N [957DFE8DE7DC212704BAF9AE8E3CE555] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1044\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1045
2018-04-02 19:36 - 2018-04-02 19:36 - 000151635 ____N [AB648E920DC59FB45DD2F9FD9022395F] () C:\26a002b44142e2a570443f35e7a340\1045\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000086776 ____N [679919134BD90B2992A82EF0FD25BB84] () C:\26a002b44142e2a570443f35e7a340\1045\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030528 ____N [83671A02F05FDB271C6391A22B82B445] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1045\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1046
2018-04-02 19:36 - 2018-04-02 19:36 - 000137226 ____N [38D9C6729A26CE70A4C1FDCDF713330C] () C:\26a002b44142e2a570443f35e7a340\1046\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000083644 ____N [084F75F2AA48151487B3E4FC35BDB4EA] () C:\26a002b44142e2a570443f35e7a340\1046\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030016 ____N [AAF52770F33F92941C1F51861B569F71] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1046\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1049
2018-04-02 19:36 - 2018-04-02 19:36 - 000188741 ____N [2DC63EF2D9079C2035E938A163E01654] () C:\26a002b44142e2a570443f35e7a340\1049\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000085334 ____N [36827D02F4AEFE62B6399BAEE0440D61] () C:\26a002b44142e2a570443f35e7a340\1049\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030528 ____N [572461BD452E1C6B35ADD669EE0B737D] (Корпорация Майкрософт) C:\26a002b44142e2a570443f35e7a340\1049\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1053
2018-04-02 19:36 - 2018-04-02 19:36 - 000149236 ____N [8CA89FAFA113BDCA3DFB5A141E206B84] () C:\26a002b44142e2a570443f35e7a340\1053\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000082488 ____N [64CBC05BD2920C4DBEA44C66F4BBDBB7] () C:\26a002b44142e2a570443f35e7a340\1053\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030016 ____N [0CB55319697BDD27C1DEF2D3A0F29FF0] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1053\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\1055
2018-04-02 19:36 - 2018-04-02 19:36 - 000140171 ____N [3414258B3034783490A8BA099B2DAB25] () C:\26a002b44142e2a570443f35e7a340\1055\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000082458 ____N [AEC5CE346CF4627EDA59632477F56641] () C:\26a002b44142e2a570443f35e7a340\1055\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030024 ____N [F63EBCAC5BC43564803BAD12CFF5272F] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\1055\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\2052
2018-04-02 19:36 - 2018-04-02 19:36 - 000146273 ____N [FD7FADA8C96C3CDD1B3B411F4FBF483D] () C:\26a002b44142e2a570443f35e7a340\2052\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000068160 ____N [C3AF1BFD755FE3EB5E14EFCE645E2AE1] () C:\26a002b44142e2a570443f35e7a340\2052\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000025408 ____N [56110B7DB85703CDAFA8745CBD90778C] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\2052\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\2070
2018-04-02 19:36 - 2018-04-02 19:36 - 000147662 ____N [FE8360F7B19F7869E6492990DBF85F78] () C:\26a002b44142e2a570443f35e7a340\2070\eula.rtf
2018-04-02 19:52 - 2018-04-02 19:52 - 000085284 ____N [312C4E86F121D86005D1A2BAC2D5405A] () C:\26a002b44142e2a570443f35e7a340\2070\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030536 ____N [E00A04601F1D04F999980AA977A61C86] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\2070\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\3082
2018-04-02 19:36 - 2018-04-02 19:36 - 000129883 ____N [0F3C263C53AFADA86D3992BFCD7D91E5] () C:\26a002b44142e2a570443f35e7a340\3082\eula.rtf
2018-04-02 19:51 - 2018-04-02 19:51 - 000084564 ____N [A42ECA4C40EC39DAEAE7227E6F18ECC7] () C:\26a002b44142e2a570443f35e7a340\3082\LocalizedData.xml
2018-03-21 07:35 - 2018-03-21 07:35 - 000030536 ____N [148544301C6B041782956FFCA0FE5D8E] (Microsoft Corporation) C:\26a002b44142e2a570443f35e7a340\3082\SetupResources.dll
2018-05-09 19:31 - 2018-05-09 19:31 - 000000000 ____D [00000000000000000000000000000000] () C:\26a002b44142e2a570443f35e7a340\Graphics
2018-04-02 19:37 - 2018-04-02 19:37 - 000126132 ____N [D39BAD9DDA7B91613CB29B6BD55F0901] () C:\26a002b44142e2a570443f35e7a340\Graphics\Print.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000143901 ____N [9B70C7FA81DCA6D3B992037D0C251D92] () C:\26a002b44142e2a570443f35e7a340\Graphics\Rotate1.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000143932 ____N [0CCA04A3468575FDCEFEE9957E32F904] () C:\26a002b44142e2a570443f35e7a340\Graphics\Rotate10.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000144110 ____N [F824905E5501603E6720B784ADD71BDD] () C:\26a002b44142e2a570443f35e7a340\Graphics\Rotate2.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000144151 ____N [0ADE6BE0DF29400E5534AA71ABFA03F6] () C:\26a002b44142e2a570443f35e7a340\Graphics\Rotate3.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000144033 ____N [267B198FEF022D3B1D44CCA7FE589373] () C:\26a002b44142e2a570443f35e7a340\Graphics\Rotate4.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000143871 ____N [25F0D572761CB610BDAD6DD980C46CC7] () C:\26a002b44142e2a570443f35e7a340\Graphics\Rotate5.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000143881 ____N [5AC2B8E1A766C204F996D9CE33FB3DB4] () C:\26a002b44142e2a570443f35e7a340\Graphics\Rotate6.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000144084 ____N [B4947D242AB4A902031FCD1FFD3A56CD] () C:\26a002b44142e2a570443f35e7a340\Graphics\Rotate7.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000143835 ____N [E7A252C763CE259F800183FD9DD1F512] () C:\26a002b44142e2a570443f35e7a340\Graphics\Rotate8.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000144064 ____N [8853DA1F831CAE28E59D45F5E51885AC] () C:\26a002b44142e2a570443f35e7a340\Graphics\Rotate9.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000126548 ____N [C66BBE8F84496EF85F7AF6BED5212CEC] () C:\26a002b44142e2a570443f35e7a340\Graphics\Save.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000126246 ____N [6125F32AA97772AFDFF2649BD403419B] () C:\26a002b44142e2a570443f35e7a340\Graphics\Setup.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000190199 ____N [7D1BCCCE4F2EE7C824C6304C4A2F9736] () C:\26a002b44142e2a570443f35e7a340\Graphics\stop.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000136313 ____N [889472312E724195D7B946EECAEA20C1] () C:\26a002b44142e2a570443f35e7a340\Graphics\SysReqMet.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000143990 ____N [ECA24331CE0850D188BD2EB5C22DE684] () C:\26a002b44142e2a570443f35e7a340\Graphics\SysReqNotMet.ico
2018-04-02 19:37 - 2018-04-02 19:37 - 000199341 ____N [C8824EA3CE0A54FF1E89F8A296B4E64B] () C:\26a002b44142e2a570443f35e7a340\Graphics\warn.ico

====== End of Folder: ======

"HKU\S-1-5-21-2280483659-30636890-3053837617-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c654601-203e-11e8-b1d1-1c659df7a1b6}" => removed successfully
HKLM\Software\Classes\CLSID\{5c654601-203e-11e8-b1d1-1c659df7a1b6} => not found
"HKU\S-1-5-21-2280483659-30636890-3053837617-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc99ce9d-8375-11e4-a8a5-1c659df7a1b6}" => removed successfully
HKLM\Software\Classes\CLSID\{cc99ce9d-8375-11e4-a8a5-1c659df7a1b6} => not found
"HKLM\System\CurrentControlSet\Services\MpKsl788e1b3f" => removed successfully
MpKsl788e1b3f => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{180CF518-423C-43A6-ADC5-BCFA2E69DF02}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{180CF518-423C-43A6-ADC5-BCFA2E69DF02}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{30772C16-73D8-4D4E-AA32-ED196941DAC1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30772C16-73D8-4D4E-AA32-ED196941DAC1}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{505CA976-F056-4749-874E-B6E35EB0C7F4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{505CA976-F056-4749-874E-B6E35EB0C7F4}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Time-5d => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully

=========== "C:\Program Files (x86)\*.tmp" ==========

C:\Program Files (x86)\GUTCD1F.tmp => moved successfully

========= End -> "C:\Program Files (x86)\*.tmp" ========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34139828 B
Java, Flash, Steam htmlcache => 1043 B
Windows/system/drivers => 391414716 B
Edge => 0 B
Chrome => 0 B
Firefox => 385695575 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 47704584 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 66356 B
LocalService => 39542 B
NetworkService => 36949100 B
Kuratko => 2335627 B
Hasbend => 212513 B
Guest => 47777942 B

RecycleBin => 1806894403 B
EmptyTemp: => 2.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:52:01 ====
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Pomaly system, pomale nacitani prohlizece

#8 Příspěvek od Conder »

:arrow: Nevadi. Ako to momentalne vyzera s PC? Nastala nejaka zmena, su este nejake problemy?
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Cervotoc
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 06 kvě 2008 23:36

Re: Pomaly system, pomale nacitani prohlizece

#9 Příspěvek od Cervotoc »

Otestovali jsme to (pravda, delší dobu) a pořád je problém. Systém občas zamrzne, nereaguje, pak se rozběhne. Bylo by možné se na to ještě podívat?
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Pomaly system, pomale nacitani prohlizece

#10 Příspěvek od Conder »

:arrow: Urob v MBAM uplny sken
  • Stiahni a nainstaluj Malwarebytes (MBAM): https://www.malwarebytes.com/mwb-download/thankyou/
  • Ignoruj skusobnu trial verziu
  • Otvor MBAM a vlavo klikni na "Skenovat"
  • Klikni na "Vlastne skenovanie" a potom na "Nakonfigurovat skenovanie" (Nastavit sken)
  • Vpravo oznac vsetky disky v PC a vlavo oznac moznost "Vyhladavat rootkity"
  • Klikni na Skenovat teraz a pockaj na dokoncenie
  • Po dokonceni klikni na Exportovat zhrnutie -> Textovy subor, zadaj nejaky nazov suboru a uloz na plochu
  • Obsah tohto suboru sem skopiruj
  • Obrazkovy navod (bohuzial pre starsiu verziu): https://forum.viry.cz/viewtopic.php?f=29&t=144868
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Cervotoc
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 06 kvě 2008 23:36

Re: Pomaly system, pomale nacitani prohlizece

#11 Příspěvek od Cervotoc »

Tak po několikátém, několikahodinovém pokusu o provedení scanu jsem to vzdal. MBAM se buď vůbec nespustí a pokud dokončí scan (což se podařilo jednou), tak spadne... :roll:
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Pomaly system, pomale nacitani prohlizece

#12 Příspěvek od Conder »

:arrow: Vyskusaj spusit sken v nudzovom rezime. https://support.microsoft.com/help/1237 ... -safe-mode
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Cervotoc
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 06 kvě 2008 23:36

Re: Pomaly system, pomale nacitani prohlizece

#13 Příspěvek od Cervotoc »

Omlouvám se, že jsem si tenhle zakladní postup neuvědomil. Log níže:

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 13.06.18
Čas skenování: 21:23
Logovací soubor: 4772a027-6f3f-11e8-a806-000000000000.json
Správce: Ano

-Informace o softwaru-
Verze: 3.5.1.2522
Verze komponentů: 1.0.374
Aktualizovat verzi balíku komponent: 1.0.5462
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: Kuratko-PC\Kuratko

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 326778
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 5 hod, 23 min, 59 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Pomaly system, pomale nacitani prohlizece

#14 Příspěvek od Conder »

:arrow: Ziadny problem. Kazdopadne vyzera to, ze problem nebude sposobeny malwarom. Zatial skus v normalnom rezime nasledujuce:

:arrow: Spusti kontrolu integrity systemovych suborov:
  • Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
  • Skopiruj a spusti prikaz:

    Kód: Vybrat vše

    sfc /scannow
  • Po dokonceni skopiruj a spusti tento prikaz:

    Kód: Vybrat vše

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"
  • Na ploche sa vytvori subor sfcdetails.txt, zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
  • Restartuj PC a napis ako sa chova PC
:arrow: Posli nove aktualne FRST logy (bez FRSTLauncheru).
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Cervotoc
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 06 kvě 2008 23:36

Re: Pomaly system, pomale nacitani prohlizece

#15 Příspěvek od Cervotoc »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
Ran by Kuratko (administrator) on KURATKO-PC (17-06-2018 11:19:55)
Running from C:\Users\Kuratko\Desktop
Loaded Profiles: Kuratko & (Available Profiles: Kuratko & Hasbend & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(O2Micro International) C:\Windows\System32\o2flash.exe
() C:\Windows\SysWOW64\srvany.exe
(O2Micro.) C:\Windows\SysWOW64\SDIOAssist.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686744 2012-09-05] ()
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [698712 2013-02-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [6492672 2011-01-18] (Dell Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2280483659-30636890-3053837617-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18334528 2018-04-12] (Piriform Ltd)
HKU\S-1-5-21-2280483659-30636890-3053837617-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE [575952 2018-02-02] (ZONER software)
HKU\S-1-5-21-2280483659-30636890-3053837617-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06172018111825872\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18334528 2018-04-12] (Piriform Ltd)
HKU\S-1-5-21-2280483659-30636890-3053837617-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06172018111825872\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE [575952 2018-02-02] (ZONER software)
HKU\S-1-5-21-2280483659-30636890-3053837617-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06172018111827244\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE [575952 2018-02-02] (ZONER software)
HKU\S-1-5-21-2280483659-30636890-3053837617-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06172018111827244\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
Startup: C:\Users\Kuratko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2015-01-12]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9566151D-266C-4FF5-B7C2-EAF2AA87BC2D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B0F31A8E-66B5-4943-9A49-0AC5EDBD2494}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)

FireFox:
========
FF ProfilePath: C:\Users\Kuratko\AppData\Roaming\Mozilla\Firefox\Profiles\domv9q8u.default [2018-06-17]
FF Homepage: Mozilla\Firefox\Profiles\domv9q8u.default -> http://www.google.com
FF Extension: (Adblock Plus) - C:\Users\Kuratko\AppData\Roaming\Mozilla\Firefox\Profiles\domv9q8u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-17]
FF Extension: (TLS 1.3 gradual roll-out fallback-limit) - C:\Users\Kuratko\AppData\Roaming\Mozilla\Firefox\Profiles\domv9q8u.default\features\{2aaa45e8-ff5f-4ccd-a5f4-53d46217c8a8}\tls13-version-fallback-rollout-bug1462099@mozilla.org.xpi [2018-06-14] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-07] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-07] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2016-12-29] (Foxit Software Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 O2FLASH; C:\Windows\system32\o2flash.exe [244328 2011-11-16] (O2Micro International)
R2 O2SDIOAssist; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5839872 2011-01-18] (Dell Inc.) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152184 2018-06-14] (Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [190696 2018-06-14] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112872 2018-06-17] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-06-17] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-06-17] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [94840 2018-06-17] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-17 11:19 - 2018-06-17 11:23 - 000012440 _____ C:\Users\Kuratko\Desktop\FRST.txt
2018-06-17 11:19 - 2018-06-17 11:19 - 000000000 ____D C:\Users\Kuratko\Desktop\FRST-OlderVersion
2018-06-14 23:45 - 2018-06-14 23:45 - 000053321 _____ C:\Users\Kuratko\Desktop\sfcdetails.txt
2018-06-14 17:17 - 2018-06-14 17:29 - 000000000 ____D C:\Users\Hasbend\AppData\Local\CrashDumps
2018-06-14 09:57 - 2018-06-17 11:17 - 000112872 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-06-14 09:57 - 2018-06-17 11:17 - 000094840 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-06-14 09:57 - 2018-06-17 11:17 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-06-14 09:57 - 2018-06-14 09:57 - 000190696 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-06-13 20:09 - 2018-06-14 05:38 - 000222854 _____ C:\Windows\ntbtlog.txt
2018-06-09 22:21 - 2018-06-17 11:17 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-06-09 22:21 - 2018-06-14 09:56 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-06-09 22:21 - 2018-06-09 22:21 - 000001874 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-06-09 22:21 - 2018-06-09 22:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-06-09 22:21 - 2018-06-09 22:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-06-09 22:21 - 2018-06-09 22:21 - 000000000 ____D C:\Program Files\Malwarebytes
2018-05-24 23:24 - 2018-06-17 11:19 - 000000000 ____D C:\FRST
2018-05-23 20:38 - 2018-05-23 20:39 - 000000000 ____D C:\AdwCleaner
2018-05-23 20:37 - 2018-05-23 20:37 - 007271632 _____ (Malwarebytes) C:\Users\Kuratko\Desktop\adwcleaner_7.1.1.exe
2018-05-22 23:00 - 2018-06-17 11:19 - 002413056 _____ (Farbar) C:\Users\Kuratko\Desktop\FRST64.exe
2018-05-22 22:57 - 2018-05-22 22:57 - 000000000 ____D C:\rsit
2018-05-22 22:57 - 2018-05-22 22:57 - 000000000 ____D C:\Program Files\trend micro
2018-05-22 22:28 - 2018-05-22 22:28 - 001222144 _____ C:\Users\Kuratko\Desktop\RSITx64.exe
2018-05-18 21:06 - 2018-05-19 21:40 - 000000000 ____D C:\Users\Kuratko\Desktop\happy foto vyber

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-17 11:16 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-17 11:14 - 2009-07-14 07:13 - 000790882 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-17 11:11 - 2017-08-30 13:36 - 000000000 ____D C:\Users\Kuratko\AppData\Local\CrashDumps
2018-06-17 10:45 - 2009-07-14 06:45 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-06-17 10:45 - 2009-07-14 06:45 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-06-17 10:43 - 2018-05-15 22:32 - 000000000 ____D C:\Program Files\CCleaner
2018-06-17 10:37 - 2016-11-21 21:45 - 000000000 ____D C:\Users\Kuratko\AppData\LocalLow\Mozilla
2018-06-17 10:34 - 2014-10-12 21:59 - 000000000 ____D C:\Users\Kuratko
2018-06-15 11:58 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-06-14 18:18 - 2016-12-29 20:51 - 000000000 ____D C:\Users\Hasbend\AppData\LocalLow\Mozilla
2018-06-14 17:22 - 2009-07-14 07:08 - 000032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-06-14 09:53 - 2016-12-29 20:50 - 000120728 _____ C:\Users\Hasbend\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-13 20:03 - 2018-05-15 22:32 - 000002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-13 20:03 - 2018-05-15 22:32 - 000002202 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-09 21:22 - 2016-11-19 14:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-06-09 21:22 - 2014-10-12 22:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-07 20:37 - 2018-03-13 21:37 - 000004470 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-06-07 20:37 - 2014-10-13 20:44 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-06-07 20:37 - 2014-10-13 20:44 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-07 20:37 - 2014-10-13 20:44 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-06-07 20:37 - 2014-10-13 12:54 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-06-07 20:37 - 2014-10-13 12:54 - 000000000 ____D C:\Windows\system32\Macromed
2018-05-31 21:39 - 2016-12-29 20:50 - 000000000 ____D C:\Users\Hasbend
2018-05-22 22:45 - 2015-01-12 00:08 - 000000000 ____D C:\Users\Kuratko\AppData\Local\GHISLER
2018-05-22 21:53 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-05-19 19:57 - 2018-05-16 14:02 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-19 19:57 - 2018-05-16 14:02 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2017-10-03 08:49 - 2017-10-03 08:49 - 000180736 _____ () C:\Users\Kuratko\AppData\Local\TempPrihlaska-do-kroužku-Mihalík Šimon-1001 klub dětí a maminek I. Mikulov.xls

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-10 21:59

==================== End of FRST.txt ============================
Přílohy
sfcdetails.zip
(3.29 KiB) Staženo 41 x
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“