Dobrý den,
mám problém se startem počítače a nejsem si jistý, jestli jde o problém s HW nebo jestli se jedná o virus.
Při stratu se objevuje bílá obrazovka nebo počítač spadne do spánkového režimu.
Přikládám FRST log.
Děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03
Ran by Dan (administrator) on DAN-PC (09-09-2018 15:28:34)
Running from G:\PROGRAMY
Loaded Profiles: Dan (Available Profiles: Dan)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe
(Dell Inc.) C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr64.exe
(Dell Inc.) C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_datamgr64.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(SigmaTel, Inc.) C:\Windows\System32\stacsv64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\DSAPI.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\pcdrwi.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray64.exe [424448 2007-05-06] (SigmaTel, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [178504 2018-07-25] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\MountPoints2: {4be4e01f-8134-11e8-a708-001aa0ad2fdb} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk [2018-07-06]
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 100.100.100.1 0.0.0.0
Tcpip\..\Interfaces\{DA9DCABD-9F01-4DA9-BC91-C1DB42FA9DE8}: [DhcpNameServer] 100.100.100.1 0.0.0.0
Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-07-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-23] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: fifkgai9.default
FF ProfilePath: C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default [2018-09-09]
FF Homepage: Mozilla\Firefox\Profiles\fifkgai9.default -> hxxps://mail.google.com/mail/u/0/#inbox
FF Session Restore: Mozilla\Firefox\Profiles\fifkgai9.default -> is enabled.
FF Extension: (To Google Translate) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2018-07-07]
FF Extension: (Screengrab!) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2018-07-06]
FF Extension: (HTML Validator) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}.xpi [2018-07-06]
FF Extension: (Web Developer) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2018-07-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-09-01] ()
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-09-01] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-06] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-06] (NVIDIA Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 dcevt64; C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr64.exe [222168 2011-01-21] (Dell Inc.)
R2 dcstor64; C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_datamgr64.exe [293336 2011-01-21] (Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2018-02-10] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3346320 2018-02-10] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2018-02-10] (Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\DSAPI.exe [935744 2018-07-16] (PC-Doctor, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2330224 2018-07-25] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2330224 2018-07-25] (ESET)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-04-20] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [4175928 2017-02-15] (NVIDIA Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd.)
R2 STacSV; C:\Windows\system32\STacSV64.exe [112128 2007-05-06] (SigmaTel, Inc.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [45016 2018-07-08] (Dell Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 AGMService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe" [X]
S2 AGSService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [38472 2010-11-25] (Dell Inc.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2018-02-10] (Dell Inc.)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2018-02-10] (Dell Computer Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143624 2018-07-25] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [109920 2018-07-25] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [196112 2018-07-25] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50144 2018-07-25] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [82816 2018-07-25] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61552 2018-07-25] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [110376 2018-07-25] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-07-12] (Malwarebytes)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-04-20] (Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193256 2018-09-09] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [117472 2018-09-09] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [52328 2018-09-09] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [259360 2018-09-09] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [98616 2018-09-09] (Malwarebytes)
R3 STHDA; C:\Windows\System32\drivers\stwrt64.sys [388096 2007-05-06] (SigmaTel, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-09 15:28 - 2018-09-09 15:28 - 000000000 ____D C:\FRST
2018-09-09 12:40 - 2018-09-09 14:12 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-09-09 12:40 - 2018-09-09 14:11 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-09-09 12:40 - 2018-09-09 12:40 - 000001409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2018-09-09 12:40 - 2018-09-09 12:40 - 000001397 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2018-09-09 12:40 - 2018-09-09 12:40 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2018-09-09 12:40 - 2018-09-09 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2018-09-09 12:40 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean64.exe
2018-09-09 12:28 - 2018-09-09 12:28 - 000000000 ____D C:\Users\Dan\AppData\Local\mbam
2018-09-09 12:27 - 2018-09-09 15:24 - 000098616 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-09-09 12:27 - 2018-09-09 14:10 - 000259360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-09-09 12:27 - 2018-09-09 14:10 - 000117472 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-09-09 12:27 - 2018-09-09 14:10 - 000052328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-09-09 12:27 - 2018-09-09 12:27 - 000193256 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-09-09 12:27 - 2018-09-09 12:27 - 000001875 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-09-09 12:27 - 2018-09-09 12:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-09-09 12:27 - 2018-07-12 08:42 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-09-09 12:26 - 2018-09-09 12:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-09-09 12:26 - 2018-09-09 12:26 - 000000000 ____D C:\Program Files\Malwarebytes
2018-09-09 09:14 - 2018-09-09 09:16 - 000960592 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-06 16:59 - 2018-09-06 17:44 - 000029338 _____ C:\Users\Dan\Documents\rodina_Málkova.cdr
2018-09-06 16:59 - 2018-09-06 16:59 - 000063227 _____ C:\Users\Dan\Documents\Backup_of_rodina_Málkova.cdr
2018-09-06 15:24 - 2018-09-06 15:24 - 000235669 _____ C:\Users\Dan\Documents\Zadost_o_vraceni_RO.pdf
2018-09-01 23:07 - 2018-09-01 23:07 - 000000000 ____D C:\Users\Dan\AppData\Local\CrashDumps
2018-09-01 11:24 - 2018-09-09 09:39 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-09-01 11:24 - 2018-09-01 11:24 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-09-01 11:24 - 2018-09-01 11:24 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-01 11:24 - 2018-09-01 11:24 - 000004520 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-09-01 11:24 - 2018-09-01 11:24 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-09-01 11:24 - 2018-09-01 11:24 - 000000000 ____D C:\Windows\system32\Macromed
2018-09-01 11:24 - 2018-09-01 11:24 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Macromedia
2018-09-01 10:06 - 2018-09-03 01:22 - 000000000 ____D C:\Users\Dan\AppData\Roaming\AIMP
2018-09-01 10:06 - 2018-09-01 10:06 - 000000895 _____ C:\Users\Public\Desktop\AIMP.lnk
2018-09-01 10:06 - 2018-09-01 10:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2018-09-01 10:05 - 2018-09-01 10:06 - 000000000 ____D C:\Program Files (x86)\AIMP
2018-08-28 13:26 - 2018-08-28 13:26 - 000000000 _____ C:\Windows\SysWOW64\SpyWareFolderstoFilter.txt
2018-08-14 19:21 - 2018-08-03 17:55 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-14 19:21 - 2018-08-03 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-14 19:21 - 2018-08-02 05:20 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-08-14 19:21 - 2018-08-02 05:18 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-08-14 19:21 - 2018-08-02 05:07 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-08-14 19:21 - 2018-08-02 05:06 - 000156256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-08-14 19:21 - 2018-08-02 05:05 - 005553760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-14 19:21 - 2018-08-02 05:02 - 001665320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-14 19:21 - 2018-08-02 05:00 - 000633080 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-08-14 19:21 - 2018-08-02 04:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-08-14 19:21 - 2018-08-02 04:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-08-14 19:21 - 2018-08-02 04:43 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:26 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-08-14 19:21 - 2018-08-02 04:26 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-14 19:21 - 2018-08-02 04:26 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-08-14 19:21 - 2018-08-02 04:25 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-08-14 19:21 - 2018-08-02 04:22 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-08-14 19:21 - 2018-08-02 04:21 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-08-14 19:21 - 2018-08-02 04:21 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-08-14 19:21 - 2018-08-02 04:17 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-08-14 19:21 - 2018-08-02 04:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-08-14 19:21 - 2018-08-02 04:17 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-08-14 19:21 - 2018-08-02 04:16 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-08-14 19:21 - 2018-08-02 04:16 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-08-14 19:21 - 2018-08-02 04:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-08-14 19:21 - 2018-08-02 04:11 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-08-14 19:21 - 2018-08-02 04:11 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-08-14 19:21 - 2018-08-02 04:11 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-08-14 19:21 - 2018-08-02 04:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-08-14 19:21 - 2018-07-20 01:53 - 000396936 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-08-14 19:21 - 2018-07-20 00:58 - 000350272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-14 19:21 - 2018-07-19 08:15 - 025745408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-14 19:21 - 2018-07-19 06:48 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-08-14 19:21 - 2018-07-19 06:47 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-08-14 19:21 - 2018-07-19 06:35 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-14 19:21 - 2018-07-19 06:34 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-08-14 19:21 - 2018-07-19 06:33 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-14 19:21 - 2018-07-19 06:33 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-14 19:21 - 2018-07-19 06:33 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-08-14 19:21 - 2018-07-19 06:32 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-08-14 19:21 - 2018-07-19 06:30 - 005778432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-14 19:21 - 2018-07-19 06:26 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-08-14 19:21 - 2018-07-19 06:25 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-08-14 19:21 - 2018-07-19 06:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-14 19:21 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-14 19:21 - 2018-07-19 06:22 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-14 19:21 - 2018-07-19 06:22 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-08-14 19:21 - 2018-07-19 06:22 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-08-14 19:21 - 2018-07-19 06:21 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-14 19:21 - 2018-07-19 06:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-08-14 19:21 - 2018-07-19 06:14 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-14 19:21 - 2018-07-19 06:11 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-08-14 19:21 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-14 19:21 - 2018-07-19 06:05 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-14 19:21 - 2018-07-19 06:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-08-14 19:21 - 2018-07-19 06:04 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-08-14 19:21 - 2018-07-19 06:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-08-14 19:21 - 2018-07-19 06:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-08-14 19:21 - 2018-07-19 06:03 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-14 19:21 - 2018-07-19 06:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-08-14 19:21 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-14 19:21 - 2018-07-19 06:00 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-08-14 19:21 - 2018-07-19 06:00 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-08-14 19:21 - 2018-07-19 05:58 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-08-14 19:21 - 2018-07-19 05:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-08-14 19:21 - 2018-07-19 05:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-08-14 19:21 - 2018-07-19 05:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-08-14 19:21 - 2018-07-19 05:56 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-08-14 19:21 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-14 19:21 - 2018-07-19 05:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-08-14 19:21 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-14 19:21 - 2018-07-19 05:47 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-14 19:21 - 2018-07-19 05:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-14 19:21 - 2018-07-19 05:46 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-08-14 19:21 - 2018-07-19 05:45 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-14 19:21 - 2018-07-19 05:45 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-14 19:21 - 2018-07-19 05:43 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-14 19:21 - 2018-07-19 05:43 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-08-14 19:21 - 2018-07-19 05:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-08-14 19:21 - 2018-07-19 05:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-08-14 19:21 - 2018-07-19 05:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-08-14 19:21 - 2018-07-19 05:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-08-14 19:21 - 2018-07-19 05:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-08-14 19:21 - 2018-07-19 05:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-08-14 19:21 - 2018-07-19 05:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-08-14 19:21 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-14 19:21 - 2018-07-19 05:31 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-14 19:21 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-08-14 19:21 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-08-14 19:21 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-08-14 19:21 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-08-14 19:21 - 2018-07-19 05:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-08-14 19:21 - 2018-07-19 05:20 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-14 19:21 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-14 19:21 - 2018-07-19 05:09 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-14 19:21 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-08-14 19:21 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-08-14 19:21 - 2018-07-08 18:08 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-08-14 19:21 - 2018-07-08 18:02 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-14 19:21 - 2018-07-08 18:02 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-14 19:21 - 2018-07-08 18:02 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-08-14 19:21 - 2018-07-08 18:01 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-08-14 19:21 - 2018-07-08 18:01 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-08-14 19:21 - 2018-07-08 17:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-08-14 19:21 - 2018-07-08 17:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-14 19:21 - 2018-07-08 17:42 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-08-14 19:21 - 2018-07-08 17:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-14 19:21 - 2018-07-08 17:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-08-14 19:21 - 2018-07-08 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-08-14 19:21 - 2018-07-07 17:24 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-14 19:21 - 2018-07-06 18:09 - 000947904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-14 19:21 - 2018-07-06 18:03 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-08-14 19:21 - 2018-07-06 18:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-08-14 19:21 - 2018-07-06 17:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-08-14 19:21 - 2018-07-06 17:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000695808 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-08-14 19:21 - 2018-06-29 17:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2018-08-14 19:21 - 2018-06-29 17:14 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-08-14 19:21 - 2018-06-29 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2018-08-14 19:21 - 2018-06-27 18:01 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-08-14 19:21 - 2018-06-27 17:55 - 003246592 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-14 19:21 - 2018-06-27 17:55 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-08-14 19:21 - 2018-06-27 17:55 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-14 19:21 - 2018-06-27 17:55 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-08-14 19:21 - 2018-06-27 17:54 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-14 19:21 - 2018-06-27 17:54 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-08-14 19:21 - 2018-06-27 17:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-14 19:21 - 2018-06-27 17:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-14 19:21 - 2018-06-27 17:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-08-14 19:21 - 2018-06-27 17:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-08-14 19:21 - 2018-06-27 17:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-08-14 19:21 - 2018-06-27 17:21 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-14 19:21 - 2018-06-27 17:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-09 14:18 - 2009-07-14 06:45 - 000018272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-09 14:18 - 2009-07-14 06:45 - 000018272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-09 14:15 - 2009-07-14 17:18 - 000668542 _____ C:\Windows\system32\perfh005.dat
2018-09-09 14:15 - 2009-07-14 17:18 - 000141202 _____ C:\Windows\system32\perfc005.dat
2018-09-09 14:15 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-09 14:15 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-09 14:14 - 2018-07-06 15:12 - 000000000 ____D C:\Users\Dan\AppData\LocalLow\Mozilla
2018-09-09 14:10 - 2018-07-06 15:22 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-09 14:10 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-09 12:26 - 2018-07-06 14:48 - 137343192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-09-09 11:55 - 2018-07-06 18:06 - 000000000 ____D C:\Users\Dan\AppData\Local\ElevatedDiagnostics
2018-09-09 01:07 - 2018-07-06 18:26 - 000000000 ____D C:\Users\Dan\AppData\Roaming\vlc
2018-09-08 20:53 - 2018-07-06 23:25 - 000000000 ____D C:\Users\Dan\AppData\Roaming\uTorrent
2018-09-08 18:45 - 2018-07-23 18:21 - 000000148 _____ C:\Windows\SysWOW64\SmartFlow.txt
2018-09-08 09:10 - 2018-07-06 15:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-07 10:36 - 2018-07-06 15:11 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-09-07 10:36 - 2018-07-06 15:11 - 000000924 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-09-07 10:36 - 2018-07-06 15:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-05 22:59 - 2018-07-06 20:14 - 000004208 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2018-09-05 14:23 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2018-09-04 06:47 - 2018-07-13 17:12 - 000000000 ____D C:\Users\Dan\AppData\Roaming\XnViewMP
2018-09-03 13:55 - 2018-07-06 18:26 - 000000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-09-01 11:24 - 2018-07-06 15:56 - 000000000 ____D C:\Users\Dan\AppData\Local\Adobe
2018-08-16 12:17 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-08-14 21:03 - 2018-07-06 14:49 - 000000000 ____D C:\Windows\system32\MRT
2018-08-14 20:59 - 2018-07-06 16:59 - 001557940 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
==================== Files in the root of some directories =======
2018-07-07 13:32 - 2018-07-07 13:32 - 000000033 _____ () C:\Users\Dan\AppData\Roaming\AdobeWLCMCache.dat
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-09-05 09:17
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Problém při startu Windows
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Problém při startu Windows
Ahoj 
Program Spybot - Search & Destroy je uz zastaraly, odporucam ho odinstalovat. Navyse je tam uz nainstalovany ESET, co je kvalitny AV.
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
Program Spybot - Search & Destroy je uz zastaraly, odporucam ho odinstalovat. Navyse je tam uz nainstalovany ESET, co je kvalitny AV. Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
- Uloz na plochu a ukonci vsetky programy
- Spusti AdwCleaner ako spravca
- Odsuhlas licencne podmienky
- Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
- Nechaj zaskrtnute vsetky nalezy
- Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
- Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
- Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Problém při startu Windows
AdwCleaner jsem spustil podle instrukci, ale po spuštění oprav a léčení program vždy spadne.
Vkládám výsledky skenování:
# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: 2018-09-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-09-2018
# Duration: 00:00:15
# OS: Windows 7 Professional
# Scanned: 41889
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
AdwCleaner jsem spustil podle instrukcí, ale při
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
AdwCleaner[S00].txt - [1257 octets] - [09/09/2018 18:16:45]
AdwCleaner_Debug.log - [37968 octets] - [09/09/2018 18:19:28]
AdwCleaner[S01].txt - [1380 octets] - [09/09/2018 18:19:44]
AdwCleaner[S02].txt - [1442 octets] - [09/09/2018 18:27:35]
AdwCleaner[S03].txt - [1503 octets] - [09/09/2018 18:30:05]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########
Vkládám výsledky skenování:
# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: 2018-09-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-09-2018
# Duration: 00:00:15
# OS: Windows 7 Professional
# Scanned: 41889
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
AdwCleaner jsem spustil podle instrukcí, ale při
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
AdwCleaner[S00].txt - [1257 octets] - [09/09/2018 18:16:45]
AdwCleaner_Debug.log - [37968 octets] - [09/09/2018 18:19:28]
AdwCleaner[S01].txt - [1380 octets] - [09/09/2018 18:19:44]
AdwCleaner[S02].txt - [1442 octets] - [09/09/2018 18:27:35]
AdwCleaner[S03].txt - [1503 octets] - [09/09/2018 18:30:05]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########
Re: Problém při startu Windows
Skus AdwCleaner este raz v nudzovom rezime. Ak to ani tam nepojde, tak v normalnom rezime vytvor a posli obidva nove logy z FRST (FRST.txt a Addition.txt). Posli aj log C:\AdwCleaner\Logs\AdwCleaner_Debug.logAbsolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Problém při startu Windows
Zde jsou logy FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03
Ran by Dan (administrator) on DAN-PC (09-09-2018 15:28:34)
Running from G:\PROGRAMY
Loaded Profiles: Dan (Available Profiles: Dan)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe
(Dell Inc.) C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr64.exe
(Dell Inc.) C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_datamgr64.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(SigmaTel, Inc.) C:\Windows\System32\stacsv64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\DSAPI.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\pcdrwi.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray64.exe [424448 2007-05-06] (SigmaTel, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [178504 2018-07-25] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\MountPoints2: {4be4e01f-8134-11e8-a708-001aa0ad2fdb} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk [2018-07-06]
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 100.100.100.1 0.0.0.0
Tcpip\..\Interfaces\{DA9DCABD-9F01-4DA9-BC91-C1DB42FA9DE8}: [DhcpNameServer] 100.100.100.1 0.0.0.0
Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-07-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-23] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: fifkgai9.default
FF ProfilePath: C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default [2018-09-09]
FF Homepage: Mozilla\Firefox\Profiles\fifkgai9.default -> hxxps://mail.google.com/mail/u/0/#inbox
FF Session Restore: Mozilla\Firefox\Profiles\fifkgai9.default -> is enabled.
FF Extension: (To Google Translate) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2018-07-07]
FF Extension: (Screengrab!) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2018-07-06]
FF Extension: (HTML Validator) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}.xpi [2018-07-06]
FF Extension: (Web Developer) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2018-07-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-09-01] ()
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-09-01] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-06] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-06] (NVIDIA Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 dcevt64; C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr64.exe [222168 2011-01-21] (Dell Inc.)
R2 dcstor64; C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_datamgr64.exe [293336 2011-01-21] (Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2018-02-10] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3346320 2018-02-10] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2018-02-10] (Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\DSAPI.exe [935744 2018-07-16] (PC-Doctor, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2330224 2018-07-25] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2330224 2018-07-25] (ESET)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-04-20] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [4175928 2017-02-15] (NVIDIA Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd.)
R2 STacSV; C:\Windows\system32\STacSV64.exe [112128 2007-05-06] (SigmaTel, Inc.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [45016 2018-07-08] (Dell Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 AGMService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe" [X]
S2 AGSService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [38472 2010-11-25] (Dell Inc.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2018-02-10] (Dell Inc.)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2018-02-10] (Dell Computer Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143624 2018-07-25] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [109920 2018-07-25] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [196112 2018-07-25] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50144 2018-07-25] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [82816 2018-07-25] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61552 2018-07-25] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [110376 2018-07-25] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-07-12] (Malwarebytes)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-04-20] (Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193256 2018-09-09] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [117472 2018-09-09] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [52328 2018-09-09] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [259360 2018-09-09] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [98616 2018-09-09] (Malwarebytes)
R3 STHDA; C:\Windows\System32\drivers\stwrt64.sys [388096 2007-05-06] (SigmaTel, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-09 15:28 - 2018-09-09 15:28 - 000000000 ____D C:\FRST
2018-09-09 12:40 - 2018-09-09 14:12 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-09-09 12:40 - 2018-09-09 14:11 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-09-09 12:40 - 2018-09-09 12:40 - 000001409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2018-09-09 12:40 - 2018-09-09 12:40 - 000001397 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2018-09-09 12:40 - 2018-09-09 12:40 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2018-09-09 12:40 - 2018-09-09 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2018-09-09 12:40 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean64.exe
2018-09-09 12:28 - 2018-09-09 12:28 - 000000000 ____D C:\Users\Dan\AppData\Local\mbam
2018-09-09 12:27 - 2018-09-09 15:24 - 000098616 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-09-09 12:27 - 2018-09-09 14:10 - 000259360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-09-09 12:27 - 2018-09-09 14:10 - 000117472 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-09-09 12:27 - 2018-09-09 14:10 - 000052328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-09-09 12:27 - 2018-09-09 12:27 - 000193256 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-09-09 12:27 - 2018-09-09 12:27 - 000001875 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-09-09 12:27 - 2018-09-09 12:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-09-09 12:27 - 2018-07-12 08:42 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-09-09 12:26 - 2018-09-09 12:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-09-09 12:26 - 2018-09-09 12:26 - 000000000 ____D C:\Program Files\Malwarebytes
2018-09-09 09:14 - 2018-09-09 09:16 - 000960592 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-06 16:59 - 2018-09-06 17:44 - 000029338 _____ C:\Users\Dan\Documents\rodina_Málkova.cdr
2018-09-06 16:59 - 2018-09-06 16:59 - 000063227 _____ C:\Users\Dan\Documents\Backup_of_rodina_Málkova.cdr
2018-09-06 15:24 - 2018-09-06 15:24 - 000235669 _____ C:\Users\Dan\Documents\Zadost_o_vraceni_RO.pdf
2018-09-01 23:07 - 2018-09-01 23:07 - 000000000 ____D C:\Users\Dan\AppData\Local\CrashDumps
2018-09-01 11:24 - 2018-09-09 09:39 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-09-01 11:24 - 2018-09-01 11:24 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-09-01 11:24 - 2018-09-01 11:24 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-01 11:24 - 2018-09-01 11:24 - 000004520 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-09-01 11:24 - 2018-09-01 11:24 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-09-01 11:24 - 2018-09-01 11:24 - 000000000 ____D C:\Windows\system32\Macromed
2018-09-01 11:24 - 2018-09-01 11:24 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Macromedia
2018-09-01 10:06 - 2018-09-03 01:22 - 000000000 ____D C:\Users\Dan\AppData\Roaming\AIMP
2018-09-01 10:06 - 2018-09-01 10:06 - 000000895 _____ C:\Users\Public\Desktop\AIMP.lnk
2018-09-01 10:06 - 2018-09-01 10:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2018-09-01 10:05 - 2018-09-01 10:06 - 000000000 ____D C:\Program Files (x86)\AIMP
2018-08-28 13:26 - 2018-08-28 13:26 - 000000000 _____ C:\Windows\SysWOW64\SpyWareFolderstoFilter.txt
2018-08-14 19:21 - 2018-08-03 17:55 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-14 19:21 - 2018-08-03 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-14 19:21 - 2018-08-02 05:20 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-08-14 19:21 - 2018-08-02 05:18 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-08-14 19:21 - 2018-08-02 05:07 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-08-14 19:21 - 2018-08-02 05:06 - 000156256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-08-14 19:21 - 2018-08-02 05:05 - 005553760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-14 19:21 - 2018-08-02 05:02 - 001665320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-14 19:21 - 2018-08-02 05:00 - 000633080 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-08-14 19:21 - 2018-08-02 04:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-08-14 19:21 - 2018-08-02 04:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-08-14 19:21 - 2018-08-02 04:43 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:26 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-08-14 19:21 - 2018-08-02 04:26 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-14 19:21 - 2018-08-02 04:26 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-08-14 19:21 - 2018-08-02 04:25 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-08-14 19:21 - 2018-08-02 04:22 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-08-14 19:21 - 2018-08-02 04:21 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-08-14 19:21 - 2018-08-02 04:21 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-08-14 19:21 - 2018-08-02 04:17 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-08-14 19:21 - 2018-08-02 04:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-08-14 19:21 - 2018-08-02 04:17 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-08-14 19:21 - 2018-08-02 04:16 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-08-14 19:21 - 2018-08-02 04:16 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-08-14 19:21 - 2018-08-02 04:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-08-14 19:21 - 2018-08-02 04:11 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-08-14 19:21 - 2018-08-02 04:11 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-08-14 19:21 - 2018-08-02 04:11 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-08-14 19:21 - 2018-08-02 04:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-08-14 19:21 - 2018-07-20 01:53 - 000396936 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-08-14 19:21 - 2018-07-20 00:58 - 000350272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-14 19:21 - 2018-07-19 08:15 - 025745408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-14 19:21 - 2018-07-19 06:48 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-08-14 19:21 - 2018-07-19 06:47 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-08-14 19:21 - 2018-07-19 06:35 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-14 19:21 - 2018-07-19 06:34 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-08-14 19:21 - 2018-07-19 06:33 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-14 19:21 - 2018-07-19 06:33 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-14 19:21 - 2018-07-19 06:33 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-08-14 19:21 - 2018-07-19 06:32 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-08-14 19:21 - 2018-07-19 06:30 - 005778432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-14 19:21 - 2018-07-19 06:26 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-08-14 19:21 - 2018-07-19 06:25 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-08-14 19:21 - 2018-07-19 06:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-14 19:21 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-14 19:21 - 2018-07-19 06:22 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-14 19:21 - 2018-07-19 06:22 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-08-14 19:21 - 2018-07-19 06:22 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-08-14 19:21 - 2018-07-19 06:21 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-14 19:21 - 2018-07-19 06:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-08-14 19:21 - 2018-07-19 06:14 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-14 19:21 - 2018-07-19 06:11 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-08-14 19:21 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-14 19:21 - 2018-07-19 06:05 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-14 19:21 - 2018-07-19 06:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-08-14 19:21 - 2018-07-19 06:04 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-08-14 19:21 - 2018-07-19 06:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-08-14 19:21 - 2018-07-19 06:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-08-14 19:21 - 2018-07-19 06:03 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-14 19:21 - 2018-07-19 06:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-08-14 19:21 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-14 19:21 - 2018-07-19 06:00 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-08-14 19:21 - 2018-07-19 06:00 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-08-14 19:21 - 2018-07-19 05:58 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-08-14 19:21 - 2018-07-19 05:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-08-14 19:21 - 2018-07-19 05:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-08-14 19:21 - 2018-07-19 05:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-08-14 19:21 - 2018-07-19 05:56 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-08-14 19:21 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-14 19:21 - 2018-07-19 05:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-08-14 19:21 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-14 19:21 - 2018-07-19 05:47 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-14 19:21 - 2018-07-19 05:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-14 19:21 - 2018-07-19 05:46 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-08-14 19:21 - 2018-07-19 05:45 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-14 19:21 - 2018-07-19 05:45 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-14 19:21 - 2018-07-19 05:43 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-14 19:21 - 2018-07-19 05:43 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-08-14 19:21 - 2018-07-19 05:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-08-14 19:21 - 2018-07-19 05:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-08-14 19:21 - 2018-07-19 05:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-08-14 19:21 - 2018-07-19 05:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-08-14 19:21 - 2018-07-19 05:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-08-14 19:21 - 2018-07-19 05:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-08-14 19:21 - 2018-07-19 05:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-08-14 19:21 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-14 19:21 - 2018-07-19 05:31 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-14 19:21 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-08-14 19:21 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-08-14 19:21 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-08-14 19:21 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-08-14 19:21 - 2018-07-19 05:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-08-14 19:21 - 2018-07-19 05:20 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-14 19:21 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-14 19:21 - 2018-07-19 05:09 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-14 19:21 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-08-14 19:21 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-08-14 19:21 - 2018-07-08 18:08 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-08-14 19:21 - 2018-07-08 18:02 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-14 19:21 - 2018-07-08 18:02 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-14 19:21 - 2018-07-08 18:02 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-08-14 19:21 - 2018-07-08 18:01 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-08-14 19:21 - 2018-07-08 18:01 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-08-14 19:21 - 2018-07-08 17:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-08-14 19:21 - 2018-07-08 17:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-14 19:21 - 2018-07-08 17:42 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-08-14 19:21 - 2018-07-08 17:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-14 19:21 - 2018-07-08 17:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-08-14 19:21 - 2018-07-08 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-08-14 19:21 - 2018-07-07 17:24 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-14 19:21 - 2018-07-06 18:09 - 000947904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-14 19:21 - 2018-07-06 18:03 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-08-14 19:21 - 2018-07-06 18:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-08-14 19:21 - 2018-07-06 17:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-08-14 19:21 - 2018-07-06 17:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000695808 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-08-14 19:21 - 2018-06-29 17:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2018-08-14 19:21 - 2018-06-29 17:14 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-08-14 19:21 - 2018-06-29 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2018-08-14 19:21 - 2018-06-27 18:01 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-08-14 19:21 - 2018-06-27 17:55 - 003246592 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-14 19:21 - 2018-06-27 17:55 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-08-14 19:21 - 2018-06-27 17:55 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-14 19:21 - 2018-06-27 17:55 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-08-14 19:21 - 2018-06-27 17:54 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-14 19:21 - 2018-06-27 17:54 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-08-14 19:21 - 2018-06-27 17:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-14 19:21 - 2018-06-27 17:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-14 19:21 - 2018-06-27 17:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-08-14 19:21 - 2018-06-27 17:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-08-14 19:21 - 2018-06-27 17:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-08-14 19:21 - 2018-06-27 17:21 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-14 19:21 - 2018-06-27 17:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-09 14:18 - 2009-07-14 06:45 - 000018272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-09 14:18 - 2009-07-14 06:45 - 000018272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-09 14:15 - 2009-07-14 17:18 - 000668542 _____ C:\Windows\system32\perfh005.dat
2018-09-09 14:15 - 2009-07-14 17:18 - 000141202 _____ C:\Windows\system32\perfc005.dat
2018-09-09 14:15 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-09 14:15 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-09 14:14 - 2018-07-06 15:12 - 000000000 ____D C:\Users\Dan\AppData\LocalLow\Mozilla
2018-09-09 14:10 - 2018-07-06 15:22 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-09 14:10 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-09 12:26 - 2018-07-06 14:48 - 137343192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-09-09 11:55 - 2018-07-06 18:06 - 000000000 ____D C:\Users\Dan\AppData\Local\ElevatedDiagnostics
2018-09-09 01:07 - 2018-07-06 18:26 - 000000000 ____D C:\Users\Dan\AppData\Roaming\vlc
2018-09-08 20:53 - 2018-07-06 23:25 - 000000000 ____D C:\Users\Dan\AppData\Roaming\uTorrent
2018-09-08 18:45 - 2018-07-23 18:21 - 000000148 _____ C:\Windows\SysWOW64\SmartFlow.txt
2018-09-08 09:10 - 2018-07-06 15:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-07 10:36 - 2018-07-06 15:11 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-09-07 10:36 - 2018-07-06 15:11 - 000000924 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-09-07 10:36 - 2018-07-06 15:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-05 22:59 - 2018-07-06 20:14 - 000004208 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2018-09-05 14:23 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2018-09-04 06:47 - 2018-07-13 17:12 - 000000000 ____D C:\Users\Dan\AppData\Roaming\XnViewMP
2018-09-03 13:55 - 2018-07-06 18:26 - 000000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-09-01 11:24 - 2018-07-06 15:56 - 000000000 ____D C:\Users\Dan\AppData\Local\Adobe
2018-08-16 12:17 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-08-14 21:03 - 2018-07-06 14:49 - 000000000 ____D C:\Windows\system32\MRT
2018-08-14 20:59 - 2018-07-06 16:59 - 001557940 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
==================== Files in the root of some directories =======
2018-07-07 13:32 - 2018-07-07 13:32 - 000000033 _____ () C:\Users\Dan\AppData\Roaming\AdobeWLCMCache.dat
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-09-05 09:17
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by Dan (09-09-2018 15:29:06)
Running from G:\PROGRAMY
Windows 7 Professional Service Pack 1 (X64) (2018-07-06 12:28:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2513878808-783942235-2138259458-500 - Administrator - Disabled)
Dan (S-1-5-21-2513878808-783942235-2138259458-1000 - Administrator - Enabled) => C:\Users\Dan
Guest (S-1-5-21-2513878808-783942235-2138259458-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2513878808-783942235-2138259458-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: Spybot - Search and Destroy (Disabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2080, 07.07.2018 - AIMP DevTeam)
AnyToISO (HKLM-x32\...\AnyToISO_is1) (Version: 3.9.2 - CrystalIDEA Software)
Dell Client Configuration Toolkit (HKLM-x32\...\{C8EA30FC-B20B-465E-9D8A-CDDC09EA72D4}) (Version: 2.0.1 - Dell)
Dell OpenManage Client Instrumentation (HKLM\...\{47F8D37E-D1F2-44E2-8920-40FAB519A624}) (Version: 8.0.1.150 - Dell)
Dell SupportAssist (HKLM\...\{4CB4741A-20C1-454E-8276-993D06A76D67}) (Version: 2.2.3.2 - Dell Inc.)
Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.23) (Version: 9.23 - Artifex Software Inc.)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.09) (Version: 9.09 - Artifex Software Inc.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.300 - Huawei Technologies Co.,Ltd)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
LibreOffice 6.0.5.2 (HKLM\...\{9645CDEF-085C-45F7-A3CD-B4B7046EF78C}) (Version: 6.0.5.2 - The Document Foundation)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 62.0 (x64 cs) (HKLM\...\Mozilla Firefox 62.0 (x64 cs)) (Version: 62.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.9 - F.J. Wechselberger)
NetSpot (HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\a6e43da6e76c5494) (Version: 2.8.1.600 - Etwok LLC)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
NVIDIA nView 148.47 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 148.47 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 376.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.84 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 376.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.84 - NVIDIA Corporation)
NVIDIA WMI 2.29.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.29.0 - NVIDIA Corporation)
Ovládací panel NVIDIA 376.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.84 - NVIDIA Corporation) Hidden
SigmaTel Audio (HKLM-x32\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5102.0 - SigmaTel)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
XnViewMP 0.90 (HKLM\...\XnViewMP_is1) (Version: 0.90 - Gougelet Pierre-e)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll -> No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-09-01] (AIMP DevTeam)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-06-30] ()
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-25] (ESET)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger)
ContextMenuHandlers1-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-25] (ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-09-01] (AIMP DevTeam)
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2017-02-15] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-02-06] (NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-25] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0BC9690E-2459-401B-AC2D-CC28F8CDFBB0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-01] (Adobe Systems Incorporated)
Task: {11EB401D-F111-467F-9B33-AB71981B3616} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2018-04-20] (Safer-Networking Ltd.)
Task: {2A368F58-5F46-4015-9A98-447F2ED0C0AC} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2018-07-08] (Dell Inc.)
Task: {8CD04490-DC81-4DB4-BE11-E6E8A54D2A0F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2018-04-20] (Safer-Networking Ltd.)
Task: {AA7BE2D1-3D92-491B-B2A2-750003E5A90A} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2017-02-15] ()
Task: {AD7321E3-841E-447C-B510-8A31436CBD39} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2018-04-20] (Safer-Networking Ltd.)
Task: {FDE8D1C8-745C-417D-8CC6-360BDFFF6CD4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-09-01] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-07-06 21:44 - 2017-02-06 23:32 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-06-30 14:51 - 2018-06-30 14:51 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2018-04-20 08:28 - 2018-04-20 08:28 - 000190784 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-09-09 12:27 - 2018-07-24 12:32 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-09-09 12:27 - 2018-08-06 14:20 - 002769768 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-07-16 23:15 - 2018-07-16 23:15 - 002587968 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\libprotobuf.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2513878808-783942235-2138259458-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 100.100.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{093A559A-2E05-4A30-B171-CA9AC652C76F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3CBF6085-1152-4660-85E1-E16A9AED6841}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{532159F4-118F-4A92-B9F0-C6C1FCF73A1E}] => (Allow) C:\Users\Dan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D269E5CA-7ADA-4385-B46D-9C7A46215B4D}] => (Allow) C:\Users\Dan\AppData\Roaming\uTorrent\uTorrent.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
21-08-2018 19:10:09 Windows Update
26-08-2018 09:41:41 Windows Update
01-09-2018 09:22:41 Windows Update
04-09-2018 15:20:29 Windows Update
08-09-2018 09:25:54 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/04/2018 03:24:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dsm_sa_eventmgr64.exe, verze: 5.9.5.3801, časové razítko: 0x4d39fb5a
Název chybujícího modulu: dcsupt64.dll, verze: 5.9.5.696, časové razítko: 0x4d39fa4c
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000004750
ID chybujícího procesu: 0x6fc
Čas spuštění chybující aplikace: 0x01d444518d853586
Cesta k chybující aplikaci: C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr64.exe
Cesta k chybujícímu modulu: C:\Program Files\Dell\SysMgt\shared\bin\dcsupt64.dll
ID zprávy: c8df51cc-b045-11e8-823d-001aa0ad2fdb
Error: (09/04/2018 06:36:24 AM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Net.WebException</Type><Message><![CDATA[Vzdálený název nelze rozpoznat: 'downloads.dell.com']]></Message><Source><![CDATA[System]]></Source><StackTrace><![CDATA[ v System.Net.HttpWebRequest.GetResponse()
v eSupport.Common.Client.Core.DownloadHelper.c7830ac1bc4e91dab8bde579f211f329c(String c8673d9709497f3c74ce807a680598785, String c91396822be155ce2c311fce26d8381b0, String c4f92ed345e3cbb336c52d8fa69d33697)]]></StackTrace><SysInfo STag="6CWN13J" SMBIOSMajVer="2" SMBIOSMinVer="3" SMBIOSBIOSVer="A08" SMBIOSPresent="True" Rel_Date="20080425000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="Precision WorkStation 490" Ident_Num="DAN-PC" TimeZone="(UTC+01:00) Praha, Bratislava, Budapešť, Bělehrad, Lublaň" OSName="Microsoft Windows 7 Professional"/><HostIP>169.254.211.187</HostIP></Exception>
Error: (09/01/2018 11:07:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000004120fae
ID chybujícího procesu: 0x630
Čas spuštění chybující aplikace: 0x01d441c42c2c40fa
Cesta k chybující aplikaci: C:\Windows\Explorer.EXE
Cesta k chybujícímu modulu: unknown
ID zprávy: 06460c12-ae2b-11e8-8a27-001aa0ad2fdb
Error: (09/01/2018 11:07:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000004120fae
ID chybujícího procesu: 0x630
Čas spuštění chybující aplikace: 0x01d441c42c2c40fa
Cesta k chybující aplikaci: C:\Windows\Explorer.EXE
Cesta k chybujícímu modulu: unknown
ID zprávy: 026cbb15-ae2b-11e8-8a27-001aa0ad2fdb
Error: (09/01/2018 09:26:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dsm_sa_eventmgr64.exe, verze: 5.9.5.3801, časové razítko: 0x4d39fb5a
Název chybujícího modulu: dcsupt64.dll, verze: 5.9.5.696, časové razítko: 0x4d39fa4c
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000004750
ID chybujícího procesu: 0x704
Čas spuštění chybující aplikace: 0x01d441c42c6300a1
Cesta k chybující aplikaci: C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr64.exe
Cesta k chybujícímu modulu: C:\Program Files\Dell\SysMgt\shared\bin\dcsupt64.dll
ID zprávy: 6698d043-adb8-11e8-8a27-001aa0ad2fdb
Error: (08/27/2018 06:32:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dsm_sa_eventmgr64.exe, verze: 5.9.5.3801, časové razítko: 0x4d39fb5a
Název chybujícího modulu: dcsupt64.dll, verze: 5.9.5.696, časové razítko: 0x4d39fa4c
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000004750
ID chybujícího procesu: 0x6fc
Čas spuštění chybující aplikace: 0x01d43dbde975fdba
Cesta k chybující aplikaci: C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr64.exe
Cesta k chybujícímu modulu: C:\Program Files\Dell\SysMgt\shared\bin\dcsupt64.dll
ID zprávy: 28389dad-a9b2-11e8-a705-001aa0ad2fdb
Error: (08/07/2018 12:24:09 AM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Net.WebException</Type><Message><![CDATA[Vzdálený název nelze rozpoznat: 'downloads.dell.com']]></Message><Source><![CDATA[System]]></Source><StackTrace><![CDATA[ v System.Net.HttpWebRequest.GetResponse()
v eSupport.Common.Client.Core.DownloadHelper.c7830ac1bc4e91dab8bde579f211f329c(String c8673d9709497f3c74ce807a680598785, String c91396822be155ce2c311fce26d8381b0, String c4f92ed345e3cbb336c52d8fa69d33697)]]></StackTrace><SysInfo STag="6CWN13J" SMBIOSMajVer="2" SMBIOSMinVer="3" SMBIOSBIOSVer="A08" SMBIOSPresent="True" Rel_Date="20080425000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="Precision WorkStation 490" Ident_Num="DAN-PC" TimeZone="(UTC+01:00) Praha, Bratislava, Budapešť, Bělehrad, Lublaň" OSName="Microsoft Windows 7 Professional"/><HostIP>127.0.0.1</HostIP></Exception>
Error: (07/28/2018 11:03:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dsm_sa_eventmgr64.exe, verze: 5.9.5.3801, časové razítko: 0x4d39fb5a
Název chybujícího modulu: dcsupt64.dll, verze: 5.9.5.696, časové razítko: 0x4d39fa4c
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000004750
ID chybujícího procesu: 0x614
Čas spuštění chybující aplikace: 0x01d42650d4f26f5d
Cesta k chybující aplikaci: C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr64.exe
Cesta k chybujícímu modulu: C:\Program Files\Dell\SysMgt\shared\bin\dcsupt64.dll
ID zprávy: 0d7f0f6e-9245-11e8-ba83-001aa0ad2fdb
System errors:
=============
Error: (09/09/2018 02:10:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Spy Emergency Health Check neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (09/09/2018 02:10:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Adobe Genuine Software Integrity Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (09/09/2018 02:10:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Adobe Genuine Monitor Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (09/09/2018 02:10:09 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (13:47:39, 9.9.2018) bylo neočekávané.
Error: (09/09/2018 02:07:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby DiagTrack bylo dosaženo časového limitu (30000 ms).
Error: (09/09/2018 02:06:27 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby dcstor64 bylo dosaženo časového limitu (30000 ms).
Error: (09/09/2018 11:58:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Adobe Genuine Software Integrity Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (09/09/2018 11:58:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Adobe Genuine Monitor Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Windows Defender:
===================================
Date: 2018-07-06 14:46:08.457
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Date: 2018-07-06 14:46:08.457
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
==================== Memory info ===========================
Processor: Intel(R) Xeon(R) CPU 5160 @ 3.00GHz
Percentage of memory in use: 75%
Total physical RAM: 4093.65 MB
Available physical RAM: 1019.35 MB
Total Virtual: 10230.8 MB
Available Virtual: 5569.76 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:68.46 GB) NTFS
Drive e: (OLD) (Fixed) (Total:149.03 GB) (Free:60.63 GB) NTFS
Drive f: () (Fixed) (Total:69.82 GB) (Free:1.77 GB) NTFS
Drive g: (Starý disk) (Fixed) (Total:395.94 GB) (Free:86.34 GB) NTFS
Drive h: () (Fixed) (Total:232.88 GB) (Free:6.93 GB) NTFS
\\?\Volume{1f9603c2-8117-11e8-ab21-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 579A6D50)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 33B08E54)
Partition 1: (Active) - (Size=395.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=69.8 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 149.1 GB) (Disk ID: E8AE847D)
Partition 1: (Not Active) - (Size=149 GB) - (Type=0F Extended)
========================================================
Disk: 3 (Size: 232.9 GB) (Disk ID: 3E778052)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
a log AdwCleaner Debug:
2018-09-09 16:19:28 : <INFO> [Button clicked] Dashboard menu item
2018-09-09 16:19:31 : <INFO> [Button clicked] Scan
2018-09-09 16:19:31 : <INFO> [Scan] Started
2018-09-09 16:19:31 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:19:31 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:19:31 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:19:31 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:19:31 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:19:31 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:19:31 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:19:31 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:19:31 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:19:31 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:19:31 : <INFO> [Database] Downloading database
2018-09-09 16:19:31 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:19:31 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:19:31 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:19:31 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:19:31 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:19:31 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:19:31 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:19:31 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:19:31 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:19:31 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:19:32 : <INFO> [Database] Checking integrity
2018-09-09 16:19:32 : <INFO> [Database] Found 0 families
2018-09-09 16:19:32 : <INFO> [Database] Database v "2018-09-06.1"
2018-09-09 16:19:33 : <INFO> [Loading paths] Local paths loaded
2018-09-09 16:19:33 : <INFO> [Loading paths] Chrome paths loaded
2018-09-09 16:19:33 : <INFO> [Loading paths] User Keys loaded
2018-09-09 16:19:33 : <INFO> [Module added] Folder
2018-09-09 16:19:33 : <INFO> [Module added] File
2018-09-09 16:19:33 : <INFO> [Module added] URL
2018-09-09 16:19:33 : <INFO> [Module added] Service
2018-09-09 16:19:33 : <INFO> [Module added] TaskName
2018-09-09 16:19:33 : <INFO> [Module added] TaskContent
2018-09-09 16:19:33 : <INFO> [Module added] App Init
2018-09-09 16:19:33 : <INFO> [Module added] Classes
2018-09-09 16:19:33 : <INFO> [Module added] DNS
2018-09-09 16:19:33 : <INFO> [Module added] Firewall
2018-09-09 16:19:33 : <INFO> [Module added] GUID
2018-09-09 16:19:33 : <INFO> [Module added] IEPolicy
2018-09-09 16:19:33 : <INFO> [Module added] RegOther
2018-09-09 16:19:33 : <INFO> [Module added] ProductID
2018-09-09 16:19:33 : <INFO> [Module added] Software
2018-09-09 16:19:33 : <INFO> [Module added] Startup
2018-09-09 16:19:33 : <INFO> [Module added] Winlogon
2018-09-09 16:19:33 : <INFO> [Module added] WMI
2018-09-09 16:19:33 : <INFO> [Module added] Chromium
2018-09-09 16:19:33 : <INFO> [Module added] FF
2018-09-09 16:19:33 : <INFO> [Module added] RegGeneric
2018-09-09 16:19:33 : <INFO> [Module added] FileSystem
2018-09-09 16:19:33 : <INFO> [Module initialize] File/Folder
2018-09-09 16:19:33 : <INFO> [Module initialize] File/Folder
2018-09-09 16:19:33 : <INFO> [Module initialize] URL
2018-09-09 16:19:33 : <INFO> [Module initialize] Service
2018-09-09 16:19:33 : <INFO> [Module initialize] TaskName
2018-09-09 16:19:35 : <INFO> [Module initialize] TaskContent
2018-09-09 16:19:35 : <INFO> [Module initialize] App Init
2018-09-09 16:19:35 : <INFO> [Module initialize] Classes
2018-09-09 16:19:35 : <INFO> [Module initialize] DNS
2018-09-09 16:19:35 : <INFO> [Module initialize] Firewall
2018-09-09 16:19:35 : <INFO> [Module initialize] GUID
2018-09-09 16:19:35 : <INFO> [Module initialize] IEPolicy
2018-09-09 16:19:35 : <INFO> [Module initialize] RegOther
2018-09-09 16:19:35 : <INFO> [Module initialize] ProductID
2018-09-09 16:19:35 : <INFO> [Module initialize] Software
2018-09-09 16:19:35 : <INFO> [Module initialize] Startup
2018-09-09 16:19:35 : <INFO> [Module Initialized] Winlogon
2018-09-09 16:19:35 : <INFO> [Module initialized] WMI
2018-09-09 16:19:35 : <INFO> [Module initialize] Chromium
2018-09-09 16:19:35 : <INFO> [Module initialize] FF
2018-09-09 16:19:35 : <INFO> [Module initialize] RegGeneric
2018-09-09 16:19:35 : <INFO> [Module initialize] FileSystem
2018-09-09 16:19:35 : <INFO> [Module initialize] Scan Browser
2018-09-09 16:19:36 : <INFO> [Module initialize] Scan Browser FF
2018-09-09 16:19:36 : <INFO> [Module initialize] FF start pages loaded
2018-09-09 16:19:36 : <INFO> [Module initialize] FF search providers loaded
2018-09-09 16:19:36 : <INFO> [Module initialize] FF plugin list loaded
2018-09-09 16:19:36 : <INFO> [Scan] Exclusions loaded
2018-09-09 16:19:44 : <INFO> [Telemetry] Sending to Influx
2018-09-09 16:19:45 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2018-09-09 16:19:45 : <INFO> [SslCert] Issued to ("telemetry-01.adwc.fr33tux.org")
2018-09-09 16:19:45 : <INFO> [SslCert] Locality Name ()
2018-09-09 16:19:45 : <INFO> [SslCert] Organization ()
2018-09-09 16:19:45 : <INFO> [SslCert] Certificate EffectiveDate: "pá 8 3 09:04:38 2018 GMT"
2018-09-09 16:19:45 : <INFO> [SslCert] Certificate ExpirationDate: "et 11 1 09:04:38 2018 GMT"
2018-09-09 16:19:45 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:19:45 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:19:45 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:19:45 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:19:45 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2018-09-09 16:19:45 : <INFO> [Telemetry] Sending to DSE
2018-09-09 16:19:46 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:19:46 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:19:46 : <INFO> [SslCert] Locality Name ("San Jose")
2018-09-09 16:19:46 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2018-09-09 16:19:46 : <INFO> [SslCert] Certificate EffectiveDate: "et 2 22 00:00:00 2018 GMT"
2018-09-09 16:19:46 : <INFO> [SslCert] Certificate ExpirationDate: "st 4 22 12:00:00 2020 GMT"
2018-09-09 16:19:46 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:19:46 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:19:46 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:19:46 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:19:46 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2018-09-09 16:19:46 : <INFO> [Scan] Finished
2018-09-09 16:19:48 : <INFO> [Button clicked] View log
2018-09-09 16:20:39 : <INFO> [Button clicked] Basic repair
2018-09-09 16:20:58 : <INFO> [Button clicked] Generic button clicked [ 4 ]
2018-09-09 16:20:58 : <INFO> [Cleaning] Started
2018-09-09 16:20:58 : <WARNING> [Cleaning] Unable to Open process - "[System Process]" 0
2018-09-09 16:20:58 : <WARNING> [Cleaning] Unable to Open process - "System" 0
2018-09-09 16:21:12 : <INFO> [Application] AdwCleaner 7 . 2 . 3 launched
2018-09-09 16:21:13 : <INFO> [MBInstaller] Checking Iris
2018-09-09 16:21:13 : <INFO> [IRIS] Making request
2018-09-09 16:21:14 : <INFO> [Telemetry] Sending hello
2018-09-09 16:21:15 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:21:15 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:21:15 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:21:15 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:21:15 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:21:15 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:21:15 : <INFO> [SslCert] ALPN: None
2018-09-09 16:21:15 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:21:15 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:21:15 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:21:15 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:21:15 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:21:15 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:21:15 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:21:15 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:21:15 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:21:15 : <INFO> [SslCert] ALPN: None
2018-09-09 16:21:15 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:21:15 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:21:15 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:21:15 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2018-09-09 16:21:15 : <WARNING> [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2018-09-09 16:21:15 : <INFO> [IRIS] Failed
2018-09-09 16:21:17 : <INFO> [Button clicked] Log files menu item
2018-09-09 16:21:17 : <WARNING> QSortFilterProxyModel: invalid inserted rows reported by source model
2018-09-09 16:21:31 : <INFO> [Button clicked] Quarantine menu item
2018-09-09 16:21:32 : <INFO> [Button clicked] Dashboard menu item
2018-09-09 16:21:35 : <INFO> [Button clicked] Log files menu item
2018-09-09 16:21:38 : <INFO> [Application] Closing AdwCleaner
2018-09-09 16:24:58 : <INFO> [Application] AdwCleaner 7 . 2 . 3 launched
2018-09-09 16:25:01 : <INFO> [MBInstaller] Checking Iris
2018-09-09 16:25:01 : <INFO> [IRIS] Making request
2018-09-09 16:25:02 : <INFO> [Telemetry] Sending hello
2018-09-09 16:25:02 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:25:02 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:25:02 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:25:02 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:25:02 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:25:02 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:25:02 : <INFO> [SslCert] ALPN: None
2018-09-09 16:25:02 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:25:02 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:25:02 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:25:02 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:25:02 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:25:02 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:25:02 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:25:02 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:25:02 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:25:02 : <INFO> [SslCert] ALPN: None
2018-09-09 16:25:02 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:25:02 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:25:02 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:25:02 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2018-09-09 16:25:03 : <WARNING> [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2018-09-09 16:25:03 : <INFO> [IRIS] Failed
2018-09-09 16:25:05 : <INFO> [Button clicked] Settings menu item
2018-09-09 16:25:52 : <INFO> [Button clicked] Help menu item
2018-09-09 16:25:59 : <INFO> [Button clicked] Log files menu item
2018-09-09 16:25:59 : <WARNING> QSortFilterProxyModel: invalid inserted rows reported by source model
2018-09-09 16:26:01 : <INFO> [Button clicked] Quarantine menu item
2018-09-09 16:26:03 : <INFO> [Button clicked] Dashboard menu item
2018-09-09 16:26:55 : <INFO> [Application] Closing AdwCleaner
2018-09-09 16:27:11 : <INFO> [Application] AdwCleaner 7 . 2 . 3 launched
2018-09-09 16:27:13 : <INFO> [MBInstaller] Checking Iris
2018-09-09 16:27:13 : <INFO> [IRIS] Making request
2018-09-09 16:27:13 : <INFO> [Telemetry] Sending hello
2018-09-09 16:27:14 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:27:14 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:27:14 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:27:14 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:27:14 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:27:14 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:27:14 : <INFO> [SslCert] ALPN: None
2018-09-09 16:27:14 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:27:14 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:27:14 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:27:14 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:27:14 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:27:14 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:27:14 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:27:14 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:27:14 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:27:14 : <INFO> [SslCert] ALPN: None
2018-09-09 16:27:14 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:27:14 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:27:14 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:27:14 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2018-09-09 16:27:15 : <WARNING> [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2018-09-09 16:27:15 : <INFO> [IRIS] Failed
2018-09-09 16:27:21 : <INFO> [Button clicked] Scan
2018-09-09 16:27:21 : <INFO> [Scan] Started
2018-09-09 16:27:22 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:27:22 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:27:22 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:27:22 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:27:22 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:27:22 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:27:22 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:27:22 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:27:22 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:27:22 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:27:22 : <INFO> [Database] Downloading database
2018-09-09 16:27:22 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:27:22 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:27:22 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:27:22 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:27:22 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:27:22 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:27:22 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:27:22 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:27:22 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:27:22 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:27:23 : <INFO> [Database] Checking integrity
2018-09-09 16:27:23 : <INFO> [Database] Found 0 families
2018-09-09 16:27:23 : <INFO> [Database] Database v "2018-09-06.1"
2018-09-09 16:27:24 : <INFO> [Loading paths] Local paths loaded
2018-09-09 16:27:24 : <INFO> [Loading paths] Chrome paths loaded
2018-09-09 16:27:24 : <INFO> [Loading paths] User Keys loaded
2018-09-09 16:27:24 : <INFO> [Module added] Folder
2018-09-09 16:27:24 : <INFO> [Module added] File
2018-09-09 16:27:24 : <INFO> [Module added] URL
2018-09-09 16:27:24 : <INFO> [Module added] Service
2018-09-09 16:27:24 : <INFO> [Module added] TaskName
2018-09-09 16:27:24 : <INFO> [Module added] TaskContent
2018-09-09 16:27:24 : <INFO> [Module added] App Init
2018-09-09 16:27:24 : <INFO> [Module added] Classes
2018-09-09 16:27:24 : <INFO> [Module added] DNS
2018-09-09 16:27:24 : <INFO> [Module added] Firewall
2018-09-09 16:27:24 : <INFO> [Module added] GUID
2018-09-09 16:27:24 : <INFO> [Module added] IEPolicy
2018-09-09 16:27:24 : <INFO> [Module added] RegOther
2018-09-09 16:27:24 : <INFO> [Module added] ProductID
2018-09-09 16:27:24 : <INFO> [Module added] Software
2018-09-09 16:27:24 : <INFO> [Module added] Startup
2018-09-09 16:27:24 : <INFO> [Module added] Winlogon
2018-09-09 16:27:24 : <INFO> [Module added] WMI
2018-09-09 16:27:24 : <INFO> [Module added] Chromium
2018-09-09 16:27:24 : <INFO> [Module added] FF
2018-09-09 16:27:24 : <INFO> [Module added] RegGeneric
2018-09-09 16:27:24 : <INFO> [Module added] FileSystem
2018-09-09 16:27:24 : <INFO> [Module initialize] File/Folder
2018-09-09 16:27:24 : <INFO> [Module initialize] File/Folder
2018-09-09 16:27:24 : <INFO> [Module initialize] URL
2018-09-09 16:27:25 : <INFO> [Module initialize] Service
2018-09-09 16:27:25 : <INFO> [Module initialize] TaskName
2018-09-09 16:27:26 : <INFO> [Module initialize] TaskContent
2018-09-09 16:27:26 : <INFO> [Module initialize] App Init
2018-09-09 16:27:26 : <INFO> [Module initialize] Classes
2018-09-09 16:27:26 : <INFO> [Module initialize] DNS
2018-09-09 16:27:26 : <INFO> [Module initialize] Firewall
2018-09-09 16:27:26 : <INFO> [Module initialize] GUID
2018-09-09 16:27:26 : <INFO> [Module initialize] IEPolicy
2018-09-09 16:27:26 : <INFO> [Module initialize] RegOther
2018-09-09 16:27:26 : <INFO> [Module initialize] ProductID
2018-09-09 16:27:26 : <INFO> [Module initialize] Software
2018-09-09 16:27:26 : <INFO> [Module initialize] Startup
2018-09-09 16:27:26 : <INFO> [Module Initialized] Winlogon
2018-09-09 16:27:26 : <INFO> [Module initialized] WMI
2018-09-09 16:27:26 : <INFO> [Module initialize] Chromium
2018-09-09 16:27:26 : <INFO> [Module initialize] FF
2018-09-09 16:27:26 : <INFO> [Module initialize] RegGeneric
2018-09-09 16:27:26 : <INFO> [Module initialize] FileSystem
2018-09-09 16:27:26 : <INFO> [Module initialize] Scan Browser
2018-09-09 16:27:27 : <INFO> [Module initialize] Scan Browser FF
2018-09-09 16:27:27 : <INFO> [Module initialize] FF start pages loaded
2018-09-09 16:27:27 : <INFO> [Module initialize] FF search providers loaded
2018-09-09 16:27:27 : <INFO> [Module initialize] FF plugin list loaded
2018-09-09 16:27:27 : <INFO> [Scan] Exclusions loaded
2018-09-09 16:27:35 : <INFO> [Telemetry] Sending to Influx
2018-09-09 16:27:36 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2018-09-09 16:27:36 : <INFO> [SslCert] Issued to ("telemetry-01.adwc.fr33tux.org")
2018-09-09 16:27:36 : <INFO> [SslCert] Locality Name ()
2018-09-09 16:27:36 : <INFO> [SslCert] Organization ()
2018-09-09 16:27:36 : <INFO> [SslCert] Certificate EffectiveDate: "pá 8 3 09:04:38 2018 GMT"
2018-09-09 16:27:36 : <INFO> [SslCert] Certificate ExpirationDate: "et 11 1 09:04:38 2018 GMT"
2018-09-09 16:27:36 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:27:36 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:27:36 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:27:36 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:27:36 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2018-09-09 16:27:36 : <INFO> [Telemetry] Sending to DSE
2018-09-09 16:27:38 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:27:38 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:27:38 : <INFO> [SslCert] Locality Name ("San Jose")
2018-09-09 16:27:38 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2018-09-09 16:27:38 : <INFO> [SslCert] Certificate EffectiveDate: "et 2 22 00:00:00 2018 GMT"
2018-09-09 16:27:38 : <INFO> [SslCert] Certificate ExpirationDate: "st 4 22 12:00:00 2020 GMT"
2018-09-09 16:27:38 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:27:38 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:27:38 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:27:38 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:27:38 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2018-09-09 16:27:38 : <INFO> [Scan] Finished
2018-09-09 16:27:45 : <INFO> [Button clicked] Basic repair
2018-09-09 16:27:49 : <INFO> [Button clicked] Generic button clicked [ 4 ]
2018-09-09 16:27:49 : <INFO> [Cleaning] Started
2018-09-09 16:27:49 : <WARNING> [Cleaning] Unable to Open process - "[System Process]" 0
2018-09-09 16:27:49 : <WARNING> [Cleaning] Unable to Open process - "System" 0
2018-09-09 16:27:59 : <INFO> [Application] AdwCleaner 7 . 2 . 3 launched
2018-09-09 16:28:00 : <INFO> [MBInstaller] Checking Iris
2018-09-09 16:28:00 : <INFO> [IRIS] Making request
2018-09-09 16:28:01 : <INFO> [Telemetry] Sending hello
2018-09-09 16:28:02 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:28:02 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:28:02 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:28:02 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:28:02 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:28:02 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:28:02 : <INFO> [SslCert] ALPN: None
2018-09-09 16:28:02 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:28:02 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:28:02 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:28:02 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:28:02 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:28:02 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:28:02 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:28:02 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:28:02 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:28:02 : <INFO> [SslCert] ALPN: None
2018-09-09 16:28:02 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:28:02 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:28:02 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:28:02 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2018-09-09 16:28:02 : <WARNING> [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2018-09-09 16:28:02 : <INFO> [IRIS] Failed
2018-09-09 16:28:03 : <INFO> [Button clicked] Log files menu item
2018-09-09 16:28:03 : <WARNING> QSortFilterProxyModel: invalid inserted rows reported by source model
2018-09-09 16:29:44 : <INFO> [Button clicked] Dashboard menu item
2018-09-09 16:29:46 : <INFO> [Button clicked] Quarantine menu item
2018-09-09 16:29:47 : <INFO> [Button clicked] Dashboard menu item
2018-09-09 16:29:51 : <INFO> [Button clicked] Scan
2018-09-09 16:29:51 : <INFO> [Scan] Started
2018-09-09 16:29:52 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:29:52 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:29:52 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:29:52 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:29:52 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:29:52 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:29:52 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:29:52 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:29:52 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:29:52 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:29:52 : <INFO> [Database] Downloading database
2018-09-09 16:29:52 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:29:52 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:29:52 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:29:52 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:29:52 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:29:52 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:29:52 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:29:52 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:29:52 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:29:52 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:29:53 : <INFO> [Database] Checking integrity
2018-09-09 16:29:53 : <INFO> [Database] Found 0 families
2018-09-09 16:29:53 : <INFO> [Database] Database v "2018-09-06.1"
2018-09-09 16:29:54 : <INFO> [Loading paths] Local paths loaded
2018-09-09 16:29:54 : <INFO> [Loading paths] Chrome paths loaded
2018-09-09 16:29:54 : <INFO> [Loading paths] User Keys loaded
2018-09-09 16:29:54 : <INFO> [Module added] Folder
2018-09-09 16:29:54 : <INFO> [Module added] File
2018-09-09 16:29:54 : <INFO> [Module added] URL
2018-09-09 16:29:54 : <INFO> [Module added] Service
2018-09-09 16:29:54 : <INFO> [Module added] TaskName
2018-09-09 16:29:54 : <INFO> [Module added] TaskContent
2018-09-09 16:29:54 : <INFO> [Module added] App Init
2018-09-09 16:29:54 : <INFO> [Module added] Classes
2018-09-09 16:29:54 : <INFO> [Module added] DNS
2018-09-09 16:29:54 : <INFO> [Module added] Firewall
2018-09-09 16:29:54 : <INFO> [Module added] GUID
2018-09-09 16:29:54 : <INFO> [Module added] IEPolicy
2018-09-09 16:29:54 : <INFO> [Module added] RegOther
2018-09-09 16:29:54 : <INFO> [Module added] ProductID
2018-09-09 16:29:54 : <INFO> [Module added] Software
2018-09-09 16:29:54 : <INFO> [Module added] Startup
2018-09-09 16:29:54 : <INFO> [Module added] Winlogon
2018-09-09 16:29:54 : <INFO> [Module added] WMI
2018-09-09 16:29:54 : <INFO> [Module added] Chromium
2018-09-09 16:29:54 : <INFO> [Module added] FF
2018-09-09 16:29:54 : <INFO> [Module added] RegGeneric
2018-09-09 16:29:54 : <INFO> [Module added] FileSystem
2018-09-09 16:29:54 : <INFO> [Module initialize] File/Folder
2018-09-09 16:29:54 : <INFO> [Module initialize] File/Folder
2018-09-09 16:29:54 : <INFO> [Module initialize] URL
2018-09-09 16:29:54 : <INFO> [Module initialize] Service
2018-09-09 16:29:54 : <INFO> [Module initialize] TaskName
2018-09-09 16:29:55 : <INFO> [Module initialize] TaskContent
2018-09-09 16:29:55 : <INFO> [Module initialize] App Init
2018-09-09 16:29:55 : <INFO> [Module initialize] Classes
2018-09-09 16:29:55 : <INFO> [Module initialize] DNS
2018-09-09 16:29:55 : <INFO> [Module initialize] Firewall
2018-09-09 16:29:55 : <INFO> [Module initialize] GUID
2018-09-09 16:29:55 : <INFO> [Module initialize] IEPolicy
2018-09-09 16:29:55 : <INFO> [Module initialize] RegOther
2018-09-09 16:29:55 : <INFO> [Module initialize] ProductID
2018-09-09 16:29:55 : <INFO> [Module initialize] Software
2018-09-09 16:29:55 : <INFO> [Module initialize] Startup
2018-09-09 16:29:55 : <INFO> [Module Initialized] Winlogon
2018-09-09 16:29:55 : <INFO> [Module initialized] WMI
2018-09-09 16:29:55 : <INFO> [Module initialize] Chromium
2018-09-09 16:29:55 : <INFO> [Module initialize] FF
2018-09-09 16:29:55 : <INFO> [Module initialize] RegGeneric
2018-09-09 16:29:55 : <INFO> [Module initialize] FileSystem
2018-09-09 16:29:55 : <INFO> [Module initialize] Scan Browser
2018-09-09 16:29:57 : <INFO> [Module initialize] Scan Browser FF
2018-09-09 16:29:57 : <INFO> [Module initialize] FF start pages loaded
2018-09-09 16:29:57 : <INFO> [Module initialize] FF search providers loaded
2018-09-09 16:29:57 : <INFO> [Module initialize] FF plugin list loaded
2018-09-09 16:29:57 : <INFO> [Scan] Exclusions loaded
2018-09-09 16:30:05 : <INFO> [Telemetry] Sending to Influx
2018-09-09 16:30:05 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2018-09-09 16:30:05 : <INFO> [SslCert] Issued to ("telemetry-01.adwc.fr33tux.org")
2018-09-09 16:30:05 : <INFO> [SslCert] Locality Name ()
2018-09-09 16:30:05 : <INFO> [SslCert] Organization ()
2018-09-09 16:30:05 : <INFO> [SslCert] Certificate EffectiveDate: "pá 8 3 09:04:38 2018 GMT"
2018-09-09 16:30:05 : <INFO> [SslCert] Certificate ExpirationDate: "et 11 1 09:04:38 2018 GMT"
2018-09-09 16:30:05 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:30:05 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:30:05 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:30:05 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:30:05 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2018-09-09 16:30:05 : <INFO> [Telemetry] Sending to DSE
2018-09-09 16:30:07 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:30:07 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:30:07 : <INFO> [SslCert] Locality Name ("San Jose")
2018-09-09 16:30:07 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2018-09-09 16:30:07 : <INFO> [SslCert] Certificate EffectiveDate: "et 2 22 00:00:00 2018 GMT"
2018-09-09 16:30:07 : <INFO> [SslCert] Certificate ExpirationDate: "st 4 22 12:00:00 2020 GMT"
2018-09-09 16:30:07 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:30:07 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:30:07 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:30:07 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:30:07 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2018-09-09 16:30:07 : <INFO> [Scan] Finished
2018-09-09 16:30:09 : <INFO> [Button clicked] Basic repair
2018-09-09 16:30:13 : <INFO> [Button clicked] Cancel
2018-09-09 16:30:16 : <INFO> [Button clicked] Log files menu item
2018-09-09 16:30:16 : <WARNING> QSortFilterProxyModel: invalid inserted rows reported by source model
2018-09-09 16:30:21 : <INFO> [Button clicked] Quarantine menu item
2018-09-09 16:30:22 : <INFO> [Button clicked] Dashboard menu item
2018-09-09 16:30:23 : <INFO> [Button clicked] Scan
2018-09-09 16:30:23 : <INFO> [Scan] Started
2018-09-09 16:30:24 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:30:24 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:30:24 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:30:24 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:30:24 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:30:24 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:30:24 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:30:24 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:30:24 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:30:24 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:30:24 : <INFO> [Database] Downloading database
2018-09-09 16:30:25 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:30:25 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:30:25 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:30:25 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:30:25 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:30:25 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:30:25 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:30:25 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:30:25 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:30:25 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:30:27 : <INFO> [Database] Checking integrity
2018-09-09 16:30:27 : <INFO> [Database] Found 0 families
2018-09-09 16:30:27 : <INFO> [Database] Database v "2018-09-06.1"
2018-09-09 16:30:27 : <INFO> [Loading paths] Local paths loaded
2018-09-09 16:30:27 : <INFO> [Loading paths] Chrome paths loaded
2018-09-09 16:30:27 : <INFO> [Loading paths] User Keys loaded
2018-09-09 16:30:27 : <INFO> [Module added] Folder
2018-09-09 16:30:27 : <INFO> [Module added] File
2018-09-09 16:30:27 : <INFO> [Module added] URL
2018-09-09 16:30:27 : <INFO> [Module added] Service
2018-09-09 16:30:27 : <INFO> [Module added] TaskName
2018-09-09 16:30:27 : <INFO> [Module added] TaskContent
2018-09-09 16:30:27 : <INFO> [Module added] App Init
2018-09-09 16:30:27 : <INFO> [Module added] Classes
2018-09-09 16:30:27 : <INFO> [Module added] DNS
2018-09-09 16:30:27 : <INFO> [Module added] Firewall
2018-09-09 16:30:27 : <INFO> [Module added] GUID
2018-09-09 16:30:27 : <INFO> [Module added] IEPolicy
2018-09-09 16:30:27 : <INFO> [Module added] RegOther
2018-09-09 16:30:27 : <INFO> [Module added] ProductID
2018-09-09 16:30:27 : <INFO> [Module added] Software
2018-09-09 16:30:27 : <INFO> [Module added] Startup
2018-09-09 16:30:27 : <INFO> [Module added] Winlogon
2018-09-09 16:30:27 : <INFO> [Module added] WMI
2018-09-09 16:30:27 : <INFO> [Module added] Chromium
2018-09-09 16:30:27 : <INFO> [Module added] FF
2018-09-09 16:30:27 : <INFO> [Module added] RegGeneric
2018-09-09 16:30:27 : <INFO> [Module added] FileSystem
2018-09-09 16:30:27 : <INFO> [Module initialize] File/Folder
2018-09-09 16:30:27 : <INFO> [Module initialize] File/Folder
2018-09-09 16:30:28 : <INFO> [Module initialize] URL
2018-09-09 16:30:28 : <INFO> [Module initialize] Service
2018-09-09 16:30:28 : <INFO> [Module initialize] TaskName
2018-09-09 16:30:29 : <INFO> [Module initialize] TaskContent
2018-09-09 16:30:29 : <INFO> [Module initialize] App Init
2018-09-09 16:30:29 : <INFO> [Module initialize] Classes
2018-09-09 16:30:29 : <INFO> [Module initialize] DNS
2018-09-09 16:30:29 : <INFO> [Module initialize] Firewall
2018-09-09 16:30:29 : <INFO> [Module initialize] GUID
2018-09-09 16:30:29 : <INFO> [Module initialize] IEPolicy
2018-09-09 16:30:29 : <INFO> [Module initialize] RegOther
2018-09-09 16:30:29 : <INFO> [Module initialize] ProductID
2018-09-09 16:30:29 : <INFO> [Module initialize] Software
2018-09-09 16:30:29 : <INFO> [Module initialize] Startup
2018-09-09 16:30:29 : <INFO> [Module Initialized] Winlogon
2018-09-09 16:30:29 : <INFO> [Module initialized] WMI
2018-09-09 16:30:29 : <INFO> [Module initialize] Chromium
2018-09-09 16:30:29 : <INFO> [Module initialize] FF
2018-09-09 16:30:29 : <INFO> [Module initialize] RegGeneric
2018-09-09 16:30:29 : <INFO> [Module initialize] FileSystem
2018-09-09 16:30:29 : <INFO> [Module initialize] Scan Browser
2018-09-09 16:30:30 : <INFO> [Module initialize] Scan Browser FF
2018-09-09 16:30:30 : <INFO> [Module initialize] FF start pages loaded
2018-09-09 16:30:30 : <INFO> [Module initialize] FF search providers loaded
2018-09-09 16:30:30 : <INFO> [Module initialize] FF plugin list loaded
2018-09-09 16:30:30 : <INFO> [Scan] Exclusions loaded
2018-09-09 16:30:39 : <INFO> [Telemetry] Sending to Influx
2018-09-09 16:30:39 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2018-09-09 16:30:39 : <INFO> [SslCert] Issued to ("telemetry-01.adwc.fr33tux.org")
2018-09-09 16:30:39 : <INFO> [SslCert] Locality Name ()
2018-09-09 16:30:39 : <INFO> [SslCert] Organization ()
2018-09-09 16:30:39 : <INFO> [SslCert] Certificate EffectiveDate: "pá 8 3 09:04:38 2018 GMT"
2018-09-09 16:30:39 : <INFO> [SslCert] Certificate ExpirationDate: "et 11 1 09:04:38 2018 GMT"
2018-09-09 16:30:39 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:30:39 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:30:39 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:30:39 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:30:39 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2018-09-09 16:30:39 : <INFO> [Telemetry] Sending to DSE
2018-09-09 16:30:40 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:30:40 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:30:40 : <INFO> [SslCert] Locality Name ("San Jose")
2018-09-09 16:30:40 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2018-09-09 16:30:40 : <INFO> [SslCert] Certificate EffectiveDate: "et 2 22 00:00:00 2018 GMT"
2018-09-09 16:30:40 : <INFO> [SslCert] Certificate ExpirationDate: "st 4 22 12:00:00 2020 GMT"
2018-09-09 16:30:40 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:30:40 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:30:40 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:30:40 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:30:40 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2018-09-09 16:30:40 : <INFO> [Scan] Finished
2018-09-09 16:30:42 : <INFO> [Button clicked] Basic repair
2018-09-09 16:30:44 : <INFO> [Button clicked] Generic button clicked [ 1 ]
2018-09-09 16:30:44 : <INFO> [Cleaning] Started
2018-09-09 16:30:44 : <WARNING> [Cleaning] Unable to Open process - "[System Process]" 0
2018-09-09 16:30:44 : <WARNING> [Cleaning] Unable to Open process - "System" 0
2018-09-09 16:30:58 : <INFO> [Application] AdwCleaner 7 . 2 . 3 launched
2018-09-09 16:30:59 : <INFO> [MBInstaller] Checking Iris
2018-09-09 16:30:59 : <INFO> [IRIS] Making request
2018-09-09 16:31:00 : <INFO> [Telemetry] Sending hello
2018-09-09 16:31:01 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:31:01 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:31:01 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:31:01 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:31:01 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:31:01 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:31:01 : <INFO> [SslCert] ALPN: None
2018-09-09 16:31:01 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:31:01 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:31:01 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:31:01 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:31:01 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:31:01 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:31:01 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:31:01 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:31:01 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:31:01 : <INFO> [SslCert] ALPN: None
2018-09-09 16:31:01 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:31:01 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:31:01 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:31:01 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2018-09-09 16:31:01 : <WARNING> [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2018-09-09 16:31:01 : <INFO> [IRIS] Failed
2018-09-09 16:31:02 : <INFO> [Button clicked] Log files menu item
2018-09-09 16:31:02 : <WARNING> QSortFilterProxyModel: invalid inserted rows reported by source model
2018-09-09 16:36:14 : <INFO> [Application] Closing AdwCleaner
2018-09-09 19:40:34 : <INFO> [Application] AdwCleaner 7 . 2 . 3 launched
2018-09-09 19:40:36 : <INFO> [MBInstaller] Checking Iris
2018-09-09 19:40:36 : <INFO> [IRIS] Making request
2018-09-09 19:40:37 : <INFO> [Telemetry] Sending hello
2018-09-09 19:40:38 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 19:40:38 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 19:40:38 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 19:40:38 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 19:40:38 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 19:40:38 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 19:40:38 : <INFO> [SslCert] ALPN: None
2018-09-09 19:40:38 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 19:40:38 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 19:40:38 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 19:40:38 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 19:40:38 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 19:40:38 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 19:40:38 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 19:40:38 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 19:40:38 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 19:40:38 : <INFO> [SslCert] ALPN: None
2018-09-09 19:40:38 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 19:40:38 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 19:40:38 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 19:40:38 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2018-09-09 19:40:38 : <WARNING> [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2018-09-09 19:40:38 : <INFO> [IRIS] Failed
2018-09-09 19:40:39 : <INFO> [Button clicked] Log files menu item
2018-09-09 19:40:39 : <WARNING> QSortFilterProxyModel: invalid inserted rows reported by source model
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03
Ran by Dan (administrator) on DAN-PC (09-09-2018 15:28:34)
Running from G:\PROGRAMY
Loaded Profiles: Dan (Available Profiles: Dan)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe
(Dell Inc.) C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr64.exe
(Dell Inc.) C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_datamgr64.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(SigmaTel, Inc.) C:\Windows\System32\stacsv64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\DSAPI.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\pcdrwi.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray64.exe [424448 2007-05-06] (SigmaTel, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [178504 2018-07-25] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\MountPoints2: {4be4e01f-8134-11e8-a708-001aa0ad2fdb} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk [2018-07-06]
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 100.100.100.1 0.0.0.0
Tcpip\..\Interfaces\{DA9DCABD-9F01-4DA9-BC91-C1DB42FA9DE8}: [DhcpNameServer] 100.100.100.1 0.0.0.0
Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-07-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-23] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: fifkgai9.default
FF ProfilePath: C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default [2018-09-09]
FF Homepage: Mozilla\Firefox\Profiles\fifkgai9.default -> hxxps://mail.google.com/mail/u/0/#inbox
FF Session Restore: Mozilla\Firefox\Profiles\fifkgai9.default -> is enabled.
FF Extension: (To Google Translate) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2018-07-07]
FF Extension: (Screengrab!) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2018-07-06]
FF Extension: (HTML Validator) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}.xpi [2018-07-06]
FF Extension: (Web Developer) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2018-07-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-09-01] ()
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-09-01] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-06] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-06] (NVIDIA Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 dcevt64; C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr64.exe [222168 2011-01-21] (Dell Inc.)
R2 dcstor64; C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_datamgr64.exe [293336 2011-01-21] (Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2018-02-10] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3346320 2018-02-10] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2018-02-10] (Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\DSAPI.exe [935744 2018-07-16] (PC-Doctor, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2330224 2018-07-25] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2330224 2018-07-25] (ESET)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-04-20] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [4175928 2017-02-15] (NVIDIA Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd.)
R2 STacSV; C:\Windows\system32\STacSV64.exe [112128 2007-05-06] (SigmaTel, Inc.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [45016 2018-07-08] (Dell Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 AGMService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe" [X]
S2 AGSService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [38472 2010-11-25] (Dell Inc.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2018-02-10] (Dell Inc.)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2018-02-10] (Dell Computer Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143624 2018-07-25] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [109920 2018-07-25] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [196112 2018-07-25] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50144 2018-07-25] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [82816 2018-07-25] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61552 2018-07-25] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [110376 2018-07-25] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-07-12] (Malwarebytes)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-04-20] (Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193256 2018-09-09] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [117472 2018-09-09] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [52328 2018-09-09] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [259360 2018-09-09] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [98616 2018-09-09] (Malwarebytes)
R3 STHDA; C:\Windows\System32\drivers\stwrt64.sys [388096 2007-05-06] (SigmaTel, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-09 15:28 - 2018-09-09 15:28 - 000000000 ____D C:\FRST
2018-09-09 12:40 - 2018-09-09 14:12 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-09-09 12:40 - 2018-09-09 14:11 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-09-09 12:40 - 2018-09-09 12:40 - 000001409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2018-09-09 12:40 - 2018-09-09 12:40 - 000001397 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2018-09-09 12:40 - 2018-09-09 12:40 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2018-09-09 12:40 - 2018-09-09 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2018-09-09 12:40 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean64.exe
2018-09-09 12:28 - 2018-09-09 12:28 - 000000000 ____D C:\Users\Dan\AppData\Local\mbam
2018-09-09 12:27 - 2018-09-09 15:24 - 000098616 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-09-09 12:27 - 2018-09-09 14:10 - 000259360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-09-09 12:27 - 2018-09-09 14:10 - 000117472 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-09-09 12:27 - 2018-09-09 14:10 - 000052328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-09-09 12:27 - 2018-09-09 12:27 - 000193256 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-09-09 12:27 - 2018-09-09 12:27 - 000001875 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-09-09 12:27 - 2018-09-09 12:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-09-09 12:27 - 2018-07-12 08:42 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-09-09 12:26 - 2018-09-09 12:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-09-09 12:26 - 2018-09-09 12:26 - 000000000 ____D C:\Program Files\Malwarebytes
2018-09-09 09:14 - 2018-09-09 09:16 - 000960592 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-06 16:59 - 2018-09-06 17:44 - 000029338 _____ C:\Users\Dan\Documents\rodina_Málkova.cdr
2018-09-06 16:59 - 2018-09-06 16:59 - 000063227 _____ C:\Users\Dan\Documents\Backup_of_rodina_Málkova.cdr
2018-09-06 15:24 - 2018-09-06 15:24 - 000235669 _____ C:\Users\Dan\Documents\Zadost_o_vraceni_RO.pdf
2018-09-01 23:07 - 2018-09-01 23:07 - 000000000 ____D C:\Users\Dan\AppData\Local\CrashDumps
2018-09-01 11:24 - 2018-09-09 09:39 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-09-01 11:24 - 2018-09-01 11:24 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-09-01 11:24 - 2018-09-01 11:24 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-01 11:24 - 2018-09-01 11:24 - 000004520 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-09-01 11:24 - 2018-09-01 11:24 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-09-01 11:24 - 2018-09-01 11:24 - 000000000 ____D C:\Windows\system32\Macromed
2018-09-01 11:24 - 2018-09-01 11:24 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Macromedia
2018-09-01 10:06 - 2018-09-03 01:22 - 000000000 ____D C:\Users\Dan\AppData\Roaming\AIMP
2018-09-01 10:06 - 2018-09-01 10:06 - 000000895 _____ C:\Users\Public\Desktop\AIMP.lnk
2018-09-01 10:06 - 2018-09-01 10:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2018-09-01 10:05 - 2018-09-01 10:06 - 000000000 ____D C:\Program Files (x86)\AIMP
2018-08-28 13:26 - 2018-08-28 13:26 - 000000000 _____ C:\Windows\SysWOW64\SpyWareFolderstoFilter.txt
2018-08-14 19:21 - 2018-08-03 17:55 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-14 19:21 - 2018-08-03 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-14 19:21 - 2018-08-02 05:20 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-08-14 19:21 - 2018-08-02 05:18 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-08-14 19:21 - 2018-08-02 05:07 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-08-14 19:21 - 2018-08-02 05:06 - 000156256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-08-14 19:21 - 2018-08-02 05:05 - 005553760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-14 19:21 - 2018-08-02 05:02 - 001665320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-14 19:21 - 2018-08-02 05:00 - 000633080 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-08-14 19:21 - 2018-08-02 04:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-08-14 19:21 - 2018-08-02 04:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-08-14 19:21 - 2018-08-02 04:43 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:26 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-08-14 19:21 - 2018-08-02 04:26 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-14 19:21 - 2018-08-02 04:26 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-08-14 19:21 - 2018-08-02 04:25 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-08-14 19:21 - 2018-08-02 04:22 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-08-14 19:21 - 2018-08-02 04:21 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-08-14 19:21 - 2018-08-02 04:21 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-08-14 19:21 - 2018-08-02 04:17 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-08-14 19:21 - 2018-08-02 04:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-08-14 19:21 - 2018-08-02 04:17 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-08-14 19:21 - 2018-08-02 04:16 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-08-14 19:21 - 2018-08-02 04:16 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-08-14 19:21 - 2018-08-02 04:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-08-14 19:21 - 2018-08-02 04:11 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-08-14 19:21 - 2018-08-02 04:11 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-08-14 19:21 - 2018-08-02 04:11 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-08-14 19:21 - 2018-08-02 04:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-08-14 19:21 - 2018-07-20 01:53 - 000396936 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-08-14 19:21 - 2018-07-20 00:58 - 000350272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-14 19:21 - 2018-07-19 08:15 - 025745408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-14 19:21 - 2018-07-19 06:48 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-08-14 19:21 - 2018-07-19 06:47 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-08-14 19:21 - 2018-07-19 06:35 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-14 19:21 - 2018-07-19 06:34 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-08-14 19:21 - 2018-07-19 06:33 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-14 19:21 - 2018-07-19 06:33 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-14 19:21 - 2018-07-19 06:33 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-08-14 19:21 - 2018-07-19 06:32 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-08-14 19:21 - 2018-07-19 06:30 - 005778432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-14 19:21 - 2018-07-19 06:26 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-08-14 19:21 - 2018-07-19 06:25 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-08-14 19:21 - 2018-07-19 06:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-14 19:21 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-14 19:21 - 2018-07-19 06:22 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-14 19:21 - 2018-07-19 06:22 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-08-14 19:21 - 2018-07-19 06:22 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-08-14 19:21 - 2018-07-19 06:21 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-14 19:21 - 2018-07-19 06:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-08-14 19:21 - 2018-07-19 06:14 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-14 19:21 - 2018-07-19 06:11 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-08-14 19:21 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-14 19:21 - 2018-07-19 06:05 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-14 19:21 - 2018-07-19 06:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-08-14 19:21 - 2018-07-19 06:04 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-08-14 19:21 - 2018-07-19 06:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-08-14 19:21 - 2018-07-19 06:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-08-14 19:21 - 2018-07-19 06:03 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-14 19:21 - 2018-07-19 06:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-08-14 19:21 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-14 19:21 - 2018-07-19 06:00 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-08-14 19:21 - 2018-07-19 06:00 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-08-14 19:21 - 2018-07-19 05:58 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-08-14 19:21 - 2018-07-19 05:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-08-14 19:21 - 2018-07-19 05:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-08-14 19:21 - 2018-07-19 05:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-08-14 19:21 - 2018-07-19 05:56 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-08-14 19:21 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-14 19:21 - 2018-07-19 05:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-08-14 19:21 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-14 19:21 - 2018-07-19 05:47 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-14 19:21 - 2018-07-19 05:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-14 19:21 - 2018-07-19 05:46 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-08-14 19:21 - 2018-07-19 05:45 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-14 19:21 - 2018-07-19 05:45 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-14 19:21 - 2018-07-19 05:43 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-14 19:21 - 2018-07-19 05:43 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-08-14 19:21 - 2018-07-19 05:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-08-14 19:21 - 2018-07-19 05:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-08-14 19:21 - 2018-07-19 05:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-08-14 19:21 - 2018-07-19 05:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-08-14 19:21 - 2018-07-19 05:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-08-14 19:21 - 2018-07-19 05:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-08-14 19:21 - 2018-07-19 05:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-08-14 19:21 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-14 19:21 - 2018-07-19 05:31 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-14 19:21 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-08-14 19:21 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-08-14 19:21 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-08-14 19:21 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-08-14 19:21 - 2018-07-19 05:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-08-14 19:21 - 2018-07-19 05:20 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-14 19:21 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-14 19:21 - 2018-07-19 05:09 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-14 19:21 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-08-14 19:21 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-08-14 19:21 - 2018-07-08 18:08 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-08-14 19:21 - 2018-07-08 18:02 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-14 19:21 - 2018-07-08 18:02 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-14 19:21 - 2018-07-08 18:02 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-08-14 19:21 - 2018-07-08 18:01 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-08-14 19:21 - 2018-07-08 18:01 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-08-14 19:21 - 2018-07-08 17:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-08-14 19:21 - 2018-07-08 17:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-14 19:21 - 2018-07-08 17:42 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-08-14 19:21 - 2018-07-08 17:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-14 19:21 - 2018-07-08 17:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-08-14 19:21 - 2018-07-08 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-08-14 19:21 - 2018-07-07 17:24 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-14 19:21 - 2018-07-06 18:09 - 000947904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-14 19:21 - 2018-07-06 18:03 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-08-14 19:21 - 2018-07-06 18:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-08-14 19:21 - 2018-07-06 17:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-08-14 19:21 - 2018-07-06 17:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000695808 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-08-14 19:21 - 2018-06-29 17:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2018-08-14 19:21 - 2018-06-29 17:14 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-08-14 19:21 - 2018-06-29 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2018-08-14 19:21 - 2018-06-27 18:01 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-08-14 19:21 - 2018-06-27 17:55 - 003246592 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-14 19:21 - 2018-06-27 17:55 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-08-14 19:21 - 2018-06-27 17:55 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-14 19:21 - 2018-06-27 17:55 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-08-14 19:21 - 2018-06-27 17:54 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-14 19:21 - 2018-06-27 17:54 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-08-14 19:21 - 2018-06-27 17:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-14 19:21 - 2018-06-27 17:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-14 19:21 - 2018-06-27 17:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-08-14 19:21 - 2018-06-27 17:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-08-14 19:21 - 2018-06-27 17:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-08-14 19:21 - 2018-06-27 17:21 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-14 19:21 - 2018-06-27 17:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-09 14:18 - 2009-07-14 06:45 - 000018272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-09 14:18 - 2009-07-14 06:45 - 000018272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-09 14:15 - 2009-07-14 17:18 - 000668542 _____ C:\Windows\system32\perfh005.dat
2018-09-09 14:15 - 2009-07-14 17:18 - 000141202 _____ C:\Windows\system32\perfc005.dat
2018-09-09 14:15 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-09 14:15 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-09 14:14 - 2018-07-06 15:12 - 000000000 ____D C:\Users\Dan\AppData\LocalLow\Mozilla
2018-09-09 14:10 - 2018-07-06 15:22 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-09 14:10 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-09 12:26 - 2018-07-06 14:48 - 137343192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-09-09 11:55 - 2018-07-06 18:06 - 000000000 ____D C:\Users\Dan\AppData\Local\ElevatedDiagnostics
2018-09-09 01:07 - 2018-07-06 18:26 - 000000000 ____D C:\Users\Dan\AppData\Roaming\vlc
2018-09-08 20:53 - 2018-07-06 23:25 - 000000000 ____D C:\Users\Dan\AppData\Roaming\uTorrent
2018-09-08 18:45 - 2018-07-23 18:21 - 000000148 _____ C:\Windows\SysWOW64\SmartFlow.txt
2018-09-08 09:10 - 2018-07-06 15:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-07 10:36 - 2018-07-06 15:11 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-09-07 10:36 - 2018-07-06 15:11 - 000000924 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-09-07 10:36 - 2018-07-06 15:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-05 22:59 - 2018-07-06 20:14 - 000004208 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2018-09-05 14:23 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2018-09-04 06:47 - 2018-07-13 17:12 - 000000000 ____D C:\Users\Dan\AppData\Roaming\XnViewMP
2018-09-03 13:55 - 2018-07-06 18:26 - 000000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-09-01 11:24 - 2018-07-06 15:56 - 000000000 ____D C:\Users\Dan\AppData\Local\Adobe
2018-08-16 12:17 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-08-14 21:03 - 2018-07-06 14:49 - 000000000 ____D C:\Windows\system32\MRT
2018-08-14 20:59 - 2018-07-06 16:59 - 001557940 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
==================== Files in the root of some directories =======
2018-07-07 13:32 - 2018-07-07 13:32 - 000000033 _____ () C:\Users\Dan\AppData\Roaming\AdobeWLCMCache.dat
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-09-05 09:17
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by Dan (09-09-2018 15:29:06)
Running from G:\PROGRAMY
Windows 7 Professional Service Pack 1 (X64) (2018-07-06 12:28:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2513878808-783942235-2138259458-500 - Administrator - Disabled)
Dan (S-1-5-21-2513878808-783942235-2138259458-1000 - Administrator - Enabled) => C:\Users\Dan
Guest (S-1-5-21-2513878808-783942235-2138259458-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2513878808-783942235-2138259458-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: Spybot - Search and Destroy (Disabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2080, 07.07.2018 - AIMP DevTeam)
AnyToISO (HKLM-x32\...\AnyToISO_is1) (Version: 3.9.2 - CrystalIDEA Software)
Dell Client Configuration Toolkit (HKLM-x32\...\{C8EA30FC-B20B-465E-9D8A-CDDC09EA72D4}) (Version: 2.0.1 - Dell)
Dell OpenManage Client Instrumentation (HKLM\...\{47F8D37E-D1F2-44E2-8920-40FAB519A624}) (Version: 8.0.1.150 - Dell)
Dell SupportAssist (HKLM\...\{4CB4741A-20C1-454E-8276-993D06A76D67}) (Version: 2.2.3.2 - Dell Inc.)
Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.23) (Version: 9.23 - Artifex Software Inc.)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.09) (Version: 9.09 - Artifex Software Inc.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.300 - Huawei Technologies Co.,Ltd)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
LibreOffice 6.0.5.2 (HKLM\...\{9645CDEF-085C-45F7-A3CD-B4B7046EF78C}) (Version: 6.0.5.2 - The Document Foundation)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 62.0 (x64 cs) (HKLM\...\Mozilla Firefox 62.0 (x64 cs)) (Version: 62.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.9 - F.J. Wechselberger)
NetSpot (HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\a6e43da6e76c5494) (Version: 2.8.1.600 - Etwok LLC)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
NVIDIA nView 148.47 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 148.47 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 376.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.84 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 376.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.84 - NVIDIA Corporation)
NVIDIA WMI 2.29.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.29.0 - NVIDIA Corporation)
Ovládací panel NVIDIA 376.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.84 - NVIDIA Corporation) Hidden
SigmaTel Audio (HKLM-x32\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5102.0 - SigmaTel)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
XnViewMP 0.90 (HKLM\...\XnViewMP_is1) (Version: 0.90 - Gougelet Pierre-e)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll -> No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-09-01] (AIMP DevTeam)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-06-30] ()
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-25] (ESET)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger)
ContextMenuHandlers1-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-25] (ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-09-01] (AIMP DevTeam)
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2017-02-15] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-02-06] (NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-25] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0BC9690E-2459-401B-AC2D-CC28F8CDFBB0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-01] (Adobe Systems Incorporated)
Task: {11EB401D-F111-467F-9B33-AB71981B3616} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2018-04-20] (Safer-Networking Ltd.)
Task: {2A368F58-5F46-4015-9A98-447F2ED0C0AC} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2018-07-08] (Dell Inc.)
Task: {8CD04490-DC81-4DB4-BE11-E6E8A54D2A0F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2018-04-20] (Safer-Networking Ltd.)
Task: {AA7BE2D1-3D92-491B-B2A2-750003E5A90A} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2017-02-15] ()
Task: {AD7321E3-841E-447C-B510-8A31436CBD39} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2018-04-20] (Safer-Networking Ltd.)
Task: {FDE8D1C8-745C-417D-8CC6-360BDFFF6CD4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-09-01] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-07-06 21:44 - 2017-02-06 23:32 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-06-30 14:51 - 2018-06-30 14:51 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2018-04-20 08:28 - 2018-04-20 08:28 - 000190784 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-09-09 12:27 - 2018-07-24 12:32 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-09-09 12:27 - 2018-08-06 14:20 - 002769768 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-07-16 23:15 - 2018-07-16 23:15 - 002587968 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\libprotobuf.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2513878808-783942235-2138259458-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 100.100.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{093A559A-2E05-4A30-B171-CA9AC652C76F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3CBF6085-1152-4660-85E1-E16A9AED6841}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{532159F4-118F-4A92-B9F0-C6C1FCF73A1E}] => (Allow) C:\Users\Dan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D269E5CA-7ADA-4385-B46D-9C7A46215B4D}] => (Allow) C:\Users\Dan\AppData\Roaming\uTorrent\uTorrent.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
21-08-2018 19:10:09 Windows Update
26-08-2018 09:41:41 Windows Update
01-09-2018 09:22:41 Windows Update
04-09-2018 15:20:29 Windows Update
08-09-2018 09:25:54 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/04/2018 03:24:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dsm_sa_eventmgr64.exe, verze: 5.9.5.3801, časové razítko: 0x4d39fb5a
Název chybujícího modulu: dcsupt64.dll, verze: 5.9.5.696, časové razítko: 0x4d39fa4c
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000004750
ID chybujícího procesu: 0x6fc
Čas spuštění chybující aplikace: 0x01d444518d853586
Cesta k chybující aplikaci: C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr64.exe
Cesta k chybujícímu modulu: C:\Program Files\Dell\SysMgt\shared\bin\dcsupt64.dll
ID zprávy: c8df51cc-b045-11e8-823d-001aa0ad2fdb
Error: (09/04/2018 06:36:24 AM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Net.WebException</Type><Message><![CDATA[Vzdálený název nelze rozpoznat: 'downloads.dell.com']]></Message><Source><![CDATA[System]]></Source><StackTrace><![CDATA[ v System.Net.HttpWebRequest.GetResponse()
v eSupport.Common.Client.Core.DownloadHelper.c7830ac1bc4e91dab8bde579f211f329c(String c8673d9709497f3c74ce807a680598785, String c91396822be155ce2c311fce26d8381b0, String c4f92ed345e3cbb336c52d8fa69d33697)]]></StackTrace><SysInfo STag="6CWN13J" SMBIOSMajVer="2" SMBIOSMinVer="3" SMBIOSBIOSVer="A08" SMBIOSPresent="True" Rel_Date="20080425000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="Precision WorkStation 490" Ident_Num="DAN-PC" TimeZone="(UTC+01:00) Praha, Bratislava, Budapešť, Bělehrad, Lublaň" OSName="Microsoft Windows 7 Professional"/><HostIP>169.254.211.187</HostIP></Exception>
Error: (09/01/2018 11:07:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000004120fae
ID chybujícího procesu: 0x630
Čas spuštění chybující aplikace: 0x01d441c42c2c40fa
Cesta k chybující aplikaci: C:\Windows\Explorer.EXE
Cesta k chybujícímu modulu: unknown
ID zprávy: 06460c12-ae2b-11e8-8a27-001aa0ad2fdb
Error: (09/01/2018 11:07:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000004120fae
ID chybujícího procesu: 0x630
Čas spuštění chybující aplikace: 0x01d441c42c2c40fa
Cesta k chybující aplikaci: C:\Windows\Explorer.EXE
Cesta k chybujícímu modulu: unknown
ID zprávy: 026cbb15-ae2b-11e8-8a27-001aa0ad2fdb
Error: (09/01/2018 09:26:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dsm_sa_eventmgr64.exe, verze: 5.9.5.3801, časové razítko: 0x4d39fb5a
Název chybujícího modulu: dcsupt64.dll, verze: 5.9.5.696, časové razítko: 0x4d39fa4c
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000004750
ID chybujícího procesu: 0x704
Čas spuštění chybující aplikace: 0x01d441c42c6300a1
Cesta k chybující aplikaci: C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr64.exe
Cesta k chybujícímu modulu: C:\Program Files\Dell\SysMgt\shared\bin\dcsupt64.dll
ID zprávy: 6698d043-adb8-11e8-8a27-001aa0ad2fdb
Error: (08/27/2018 06:32:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dsm_sa_eventmgr64.exe, verze: 5.9.5.3801, časové razítko: 0x4d39fb5a
Název chybujícího modulu: dcsupt64.dll, verze: 5.9.5.696, časové razítko: 0x4d39fa4c
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000004750
ID chybujícího procesu: 0x6fc
Čas spuštění chybující aplikace: 0x01d43dbde975fdba
Cesta k chybující aplikaci: C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr64.exe
Cesta k chybujícímu modulu: C:\Program Files\Dell\SysMgt\shared\bin\dcsupt64.dll
ID zprávy: 28389dad-a9b2-11e8-a705-001aa0ad2fdb
Error: (08/07/2018 12:24:09 AM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Net.WebException</Type><Message><![CDATA[Vzdálený název nelze rozpoznat: 'downloads.dell.com']]></Message><Source><![CDATA[System]]></Source><StackTrace><![CDATA[ v System.Net.HttpWebRequest.GetResponse()
v eSupport.Common.Client.Core.DownloadHelper.c7830ac1bc4e91dab8bde579f211f329c(String c8673d9709497f3c74ce807a680598785, String c91396822be155ce2c311fce26d8381b0, String c4f92ed345e3cbb336c52d8fa69d33697)]]></StackTrace><SysInfo STag="6CWN13J" SMBIOSMajVer="2" SMBIOSMinVer="3" SMBIOSBIOSVer="A08" SMBIOSPresent="True" Rel_Date="20080425000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="Precision WorkStation 490" Ident_Num="DAN-PC" TimeZone="(UTC+01:00) Praha, Bratislava, Budapešť, Bělehrad, Lublaň" OSName="Microsoft Windows 7 Professional"/><HostIP>127.0.0.1</HostIP></Exception>
Error: (07/28/2018 11:03:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dsm_sa_eventmgr64.exe, verze: 5.9.5.3801, časové razítko: 0x4d39fb5a
Název chybujícího modulu: dcsupt64.dll, verze: 5.9.5.696, časové razítko: 0x4d39fa4c
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000004750
ID chybujícího procesu: 0x614
Čas spuštění chybující aplikace: 0x01d42650d4f26f5d
Cesta k chybující aplikaci: C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr64.exe
Cesta k chybujícímu modulu: C:\Program Files\Dell\SysMgt\shared\bin\dcsupt64.dll
ID zprávy: 0d7f0f6e-9245-11e8-ba83-001aa0ad2fdb
System errors:
=============
Error: (09/09/2018 02:10:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Spy Emergency Health Check neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (09/09/2018 02:10:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Adobe Genuine Software Integrity Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (09/09/2018 02:10:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Adobe Genuine Monitor Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (09/09/2018 02:10:09 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (13:47:39, 9.9.2018) bylo neočekávané.
Error: (09/09/2018 02:07:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby DiagTrack bylo dosaženo časového limitu (30000 ms).
Error: (09/09/2018 02:06:27 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby dcstor64 bylo dosaženo časového limitu (30000 ms).
Error: (09/09/2018 11:58:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Adobe Genuine Software Integrity Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (09/09/2018 11:58:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Adobe Genuine Monitor Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Windows Defender:
===================================
Date: 2018-07-06 14:46:08.457
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Date: 2018-07-06 14:46:08.457
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
==================== Memory info ===========================
Processor: Intel(R) Xeon(R) CPU 5160 @ 3.00GHz
Percentage of memory in use: 75%
Total physical RAM: 4093.65 MB
Available physical RAM: 1019.35 MB
Total Virtual: 10230.8 MB
Available Virtual: 5569.76 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:68.46 GB) NTFS
Drive e: (OLD) (Fixed) (Total:149.03 GB) (Free:60.63 GB) NTFS
Drive f: () (Fixed) (Total:69.82 GB) (Free:1.77 GB) NTFS
Drive g: (Starý disk) (Fixed) (Total:395.94 GB) (Free:86.34 GB) NTFS
Drive h: () (Fixed) (Total:232.88 GB) (Free:6.93 GB) NTFS
\\?\Volume{1f9603c2-8117-11e8-ab21-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 579A6D50)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 33B08E54)
Partition 1: (Active) - (Size=395.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=69.8 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 149.1 GB) (Disk ID: E8AE847D)
Partition 1: (Not Active) - (Size=149 GB) - (Type=0F Extended)
========================================================
Disk: 3 (Size: 232.9 GB) (Disk ID: 3E778052)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
a log AdwCleaner Debug:
2018-09-09 16:19:28 : <INFO> [Button clicked] Dashboard menu item
2018-09-09 16:19:31 : <INFO> [Button clicked] Scan
2018-09-09 16:19:31 : <INFO> [Scan] Started
2018-09-09 16:19:31 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:19:31 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:19:31 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:19:31 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:19:31 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:19:31 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:19:31 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:19:31 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:19:31 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:19:31 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:19:31 : <INFO> [Database] Downloading database
2018-09-09 16:19:31 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:19:31 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:19:31 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:19:31 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:19:31 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:19:31 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:19:31 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:19:31 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:19:31 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:19:31 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:19:32 : <INFO> [Database] Checking integrity
2018-09-09 16:19:32 : <INFO> [Database] Found 0 families
2018-09-09 16:19:32 : <INFO> [Database] Database v "2018-09-06.1"
2018-09-09 16:19:33 : <INFO> [Loading paths] Local paths loaded
2018-09-09 16:19:33 : <INFO> [Loading paths] Chrome paths loaded
2018-09-09 16:19:33 : <INFO> [Loading paths] User Keys loaded
2018-09-09 16:19:33 : <INFO> [Module added] Folder
2018-09-09 16:19:33 : <INFO> [Module added] File
2018-09-09 16:19:33 : <INFO> [Module added] URL
2018-09-09 16:19:33 : <INFO> [Module added] Service
2018-09-09 16:19:33 : <INFO> [Module added] TaskName
2018-09-09 16:19:33 : <INFO> [Module added] TaskContent
2018-09-09 16:19:33 : <INFO> [Module added] App Init
2018-09-09 16:19:33 : <INFO> [Module added] Classes
2018-09-09 16:19:33 : <INFO> [Module added] DNS
2018-09-09 16:19:33 : <INFO> [Module added] Firewall
2018-09-09 16:19:33 : <INFO> [Module added] GUID
2018-09-09 16:19:33 : <INFO> [Module added] IEPolicy
2018-09-09 16:19:33 : <INFO> [Module added] RegOther
2018-09-09 16:19:33 : <INFO> [Module added] ProductID
2018-09-09 16:19:33 : <INFO> [Module added] Software
2018-09-09 16:19:33 : <INFO> [Module added] Startup
2018-09-09 16:19:33 : <INFO> [Module added] Winlogon
2018-09-09 16:19:33 : <INFO> [Module added] WMI
2018-09-09 16:19:33 : <INFO> [Module added] Chromium
2018-09-09 16:19:33 : <INFO> [Module added] FF
2018-09-09 16:19:33 : <INFO> [Module added] RegGeneric
2018-09-09 16:19:33 : <INFO> [Module added] FileSystem
2018-09-09 16:19:33 : <INFO> [Module initialize] File/Folder
2018-09-09 16:19:33 : <INFO> [Module initialize] File/Folder
2018-09-09 16:19:33 : <INFO> [Module initialize] URL
2018-09-09 16:19:33 : <INFO> [Module initialize] Service
2018-09-09 16:19:33 : <INFO> [Module initialize] TaskName
2018-09-09 16:19:35 : <INFO> [Module initialize] TaskContent
2018-09-09 16:19:35 : <INFO> [Module initialize] App Init
2018-09-09 16:19:35 : <INFO> [Module initialize] Classes
2018-09-09 16:19:35 : <INFO> [Module initialize] DNS
2018-09-09 16:19:35 : <INFO> [Module initialize] Firewall
2018-09-09 16:19:35 : <INFO> [Module initialize] GUID
2018-09-09 16:19:35 : <INFO> [Module initialize] IEPolicy
2018-09-09 16:19:35 : <INFO> [Module initialize] RegOther
2018-09-09 16:19:35 : <INFO> [Module initialize] ProductID
2018-09-09 16:19:35 : <INFO> [Module initialize] Software
2018-09-09 16:19:35 : <INFO> [Module initialize] Startup
2018-09-09 16:19:35 : <INFO> [Module Initialized] Winlogon
2018-09-09 16:19:35 : <INFO> [Module initialized] WMI
2018-09-09 16:19:35 : <INFO> [Module initialize] Chromium
2018-09-09 16:19:35 : <INFO> [Module initialize] FF
2018-09-09 16:19:35 : <INFO> [Module initialize] RegGeneric
2018-09-09 16:19:35 : <INFO> [Module initialize] FileSystem
2018-09-09 16:19:35 : <INFO> [Module initialize] Scan Browser
2018-09-09 16:19:36 : <INFO> [Module initialize] Scan Browser FF
2018-09-09 16:19:36 : <INFO> [Module initialize] FF start pages loaded
2018-09-09 16:19:36 : <INFO> [Module initialize] FF search providers loaded
2018-09-09 16:19:36 : <INFO> [Module initialize] FF plugin list loaded
2018-09-09 16:19:36 : <INFO> [Scan] Exclusions loaded
2018-09-09 16:19:44 : <INFO> [Telemetry] Sending to Influx
2018-09-09 16:19:45 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2018-09-09 16:19:45 : <INFO> [SslCert] Issued to ("telemetry-01.adwc.fr33tux.org")
2018-09-09 16:19:45 : <INFO> [SslCert] Locality Name ()
2018-09-09 16:19:45 : <INFO> [SslCert] Organization ()
2018-09-09 16:19:45 : <INFO> [SslCert] Certificate EffectiveDate: "pá 8 3 09:04:38 2018 GMT"
2018-09-09 16:19:45 : <INFO> [SslCert] Certificate ExpirationDate: "et 11 1 09:04:38 2018 GMT"
2018-09-09 16:19:45 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:19:45 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:19:45 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:19:45 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:19:45 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2018-09-09 16:19:45 : <INFO> [Telemetry] Sending to DSE
2018-09-09 16:19:46 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:19:46 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:19:46 : <INFO> [SslCert] Locality Name ("San Jose")
2018-09-09 16:19:46 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2018-09-09 16:19:46 : <INFO> [SslCert] Certificate EffectiveDate: "et 2 22 00:00:00 2018 GMT"
2018-09-09 16:19:46 : <INFO> [SslCert] Certificate ExpirationDate: "st 4 22 12:00:00 2020 GMT"
2018-09-09 16:19:46 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:19:46 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:19:46 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:19:46 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:19:46 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2018-09-09 16:19:46 : <INFO> [Scan] Finished
2018-09-09 16:19:48 : <INFO> [Button clicked] View log
2018-09-09 16:20:39 : <INFO> [Button clicked] Basic repair
2018-09-09 16:20:58 : <INFO> [Button clicked] Generic button clicked [ 4 ]
2018-09-09 16:20:58 : <INFO> [Cleaning] Started
2018-09-09 16:20:58 : <WARNING> [Cleaning] Unable to Open process - "[System Process]" 0
2018-09-09 16:20:58 : <WARNING> [Cleaning] Unable to Open process - "System" 0
2018-09-09 16:21:12 : <INFO> [Application] AdwCleaner 7 . 2 . 3 launched
2018-09-09 16:21:13 : <INFO> [MBInstaller] Checking Iris
2018-09-09 16:21:13 : <INFO> [IRIS] Making request
2018-09-09 16:21:14 : <INFO> [Telemetry] Sending hello
2018-09-09 16:21:15 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:21:15 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:21:15 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:21:15 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:21:15 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:21:15 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:21:15 : <INFO> [SslCert] ALPN: None
2018-09-09 16:21:15 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:21:15 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:21:15 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:21:15 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:21:15 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:21:15 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:21:15 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:21:15 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:21:15 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:21:15 : <INFO> [SslCert] ALPN: None
2018-09-09 16:21:15 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:21:15 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:21:15 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:21:15 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2018-09-09 16:21:15 : <WARNING> [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2018-09-09 16:21:15 : <INFO> [IRIS] Failed
2018-09-09 16:21:17 : <INFO> [Button clicked] Log files menu item
2018-09-09 16:21:17 : <WARNING> QSortFilterProxyModel: invalid inserted rows reported by source model
2018-09-09 16:21:31 : <INFO> [Button clicked] Quarantine menu item
2018-09-09 16:21:32 : <INFO> [Button clicked] Dashboard menu item
2018-09-09 16:21:35 : <INFO> [Button clicked] Log files menu item
2018-09-09 16:21:38 : <INFO> [Application] Closing AdwCleaner
2018-09-09 16:24:58 : <INFO> [Application] AdwCleaner 7 . 2 . 3 launched
2018-09-09 16:25:01 : <INFO> [MBInstaller] Checking Iris
2018-09-09 16:25:01 : <INFO> [IRIS] Making request
2018-09-09 16:25:02 : <INFO> [Telemetry] Sending hello
2018-09-09 16:25:02 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:25:02 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:25:02 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:25:02 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:25:02 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:25:02 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:25:02 : <INFO> [SslCert] ALPN: None
2018-09-09 16:25:02 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:25:02 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:25:02 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:25:02 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:25:02 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:25:02 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:25:02 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:25:02 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:25:02 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:25:02 : <INFO> [SslCert] ALPN: None
2018-09-09 16:25:02 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:25:02 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:25:02 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:25:02 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2018-09-09 16:25:03 : <WARNING> [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2018-09-09 16:25:03 : <INFO> [IRIS] Failed
2018-09-09 16:25:05 : <INFO> [Button clicked] Settings menu item
2018-09-09 16:25:52 : <INFO> [Button clicked] Help menu item
2018-09-09 16:25:59 : <INFO> [Button clicked] Log files menu item
2018-09-09 16:25:59 : <WARNING> QSortFilterProxyModel: invalid inserted rows reported by source model
2018-09-09 16:26:01 : <INFO> [Button clicked] Quarantine menu item
2018-09-09 16:26:03 : <INFO> [Button clicked] Dashboard menu item
2018-09-09 16:26:55 : <INFO> [Application] Closing AdwCleaner
2018-09-09 16:27:11 : <INFO> [Application] AdwCleaner 7 . 2 . 3 launched
2018-09-09 16:27:13 : <INFO> [MBInstaller] Checking Iris
2018-09-09 16:27:13 : <INFO> [IRIS] Making request
2018-09-09 16:27:13 : <INFO> [Telemetry] Sending hello
2018-09-09 16:27:14 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:27:14 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:27:14 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:27:14 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:27:14 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:27:14 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:27:14 : <INFO> [SslCert] ALPN: None
2018-09-09 16:27:14 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:27:14 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:27:14 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:27:14 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:27:14 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:27:14 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:27:14 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:27:14 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:27:14 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:27:14 : <INFO> [SslCert] ALPN: None
2018-09-09 16:27:14 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:27:14 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:27:14 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:27:14 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2018-09-09 16:27:15 : <WARNING> [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2018-09-09 16:27:15 : <INFO> [IRIS] Failed
2018-09-09 16:27:21 : <INFO> [Button clicked] Scan
2018-09-09 16:27:21 : <INFO> [Scan] Started
2018-09-09 16:27:22 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:27:22 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:27:22 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:27:22 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:27:22 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:27:22 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:27:22 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:27:22 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:27:22 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:27:22 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:27:22 : <INFO> [Database] Downloading database
2018-09-09 16:27:22 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:27:22 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:27:22 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:27:22 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:27:22 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:27:22 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:27:22 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:27:22 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:27:22 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:27:22 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:27:23 : <INFO> [Database] Checking integrity
2018-09-09 16:27:23 : <INFO> [Database] Found 0 families
2018-09-09 16:27:23 : <INFO> [Database] Database v "2018-09-06.1"
2018-09-09 16:27:24 : <INFO> [Loading paths] Local paths loaded
2018-09-09 16:27:24 : <INFO> [Loading paths] Chrome paths loaded
2018-09-09 16:27:24 : <INFO> [Loading paths] User Keys loaded
2018-09-09 16:27:24 : <INFO> [Module added] Folder
2018-09-09 16:27:24 : <INFO> [Module added] File
2018-09-09 16:27:24 : <INFO> [Module added] URL
2018-09-09 16:27:24 : <INFO> [Module added] Service
2018-09-09 16:27:24 : <INFO> [Module added] TaskName
2018-09-09 16:27:24 : <INFO> [Module added] TaskContent
2018-09-09 16:27:24 : <INFO> [Module added] App Init
2018-09-09 16:27:24 : <INFO> [Module added] Classes
2018-09-09 16:27:24 : <INFO> [Module added] DNS
2018-09-09 16:27:24 : <INFO> [Module added] Firewall
2018-09-09 16:27:24 : <INFO> [Module added] GUID
2018-09-09 16:27:24 : <INFO> [Module added] IEPolicy
2018-09-09 16:27:24 : <INFO> [Module added] RegOther
2018-09-09 16:27:24 : <INFO> [Module added] ProductID
2018-09-09 16:27:24 : <INFO> [Module added] Software
2018-09-09 16:27:24 : <INFO> [Module added] Startup
2018-09-09 16:27:24 : <INFO> [Module added] Winlogon
2018-09-09 16:27:24 : <INFO> [Module added] WMI
2018-09-09 16:27:24 : <INFO> [Module added] Chromium
2018-09-09 16:27:24 : <INFO> [Module added] FF
2018-09-09 16:27:24 : <INFO> [Module added] RegGeneric
2018-09-09 16:27:24 : <INFO> [Module added] FileSystem
2018-09-09 16:27:24 : <INFO> [Module initialize] File/Folder
2018-09-09 16:27:24 : <INFO> [Module initialize] File/Folder
2018-09-09 16:27:24 : <INFO> [Module initialize] URL
2018-09-09 16:27:25 : <INFO> [Module initialize] Service
2018-09-09 16:27:25 : <INFO> [Module initialize] TaskName
2018-09-09 16:27:26 : <INFO> [Module initialize] TaskContent
2018-09-09 16:27:26 : <INFO> [Module initialize] App Init
2018-09-09 16:27:26 : <INFO> [Module initialize] Classes
2018-09-09 16:27:26 : <INFO> [Module initialize] DNS
2018-09-09 16:27:26 : <INFO> [Module initialize] Firewall
2018-09-09 16:27:26 : <INFO> [Module initialize] GUID
2018-09-09 16:27:26 : <INFO> [Module initialize] IEPolicy
2018-09-09 16:27:26 : <INFO> [Module initialize] RegOther
2018-09-09 16:27:26 : <INFO> [Module initialize] ProductID
2018-09-09 16:27:26 : <INFO> [Module initialize] Software
2018-09-09 16:27:26 : <INFO> [Module initialize] Startup
2018-09-09 16:27:26 : <INFO> [Module Initialized] Winlogon
2018-09-09 16:27:26 : <INFO> [Module initialized] WMI
2018-09-09 16:27:26 : <INFO> [Module initialize] Chromium
2018-09-09 16:27:26 : <INFO> [Module initialize] FF
2018-09-09 16:27:26 : <INFO> [Module initialize] RegGeneric
2018-09-09 16:27:26 : <INFO> [Module initialize] FileSystem
2018-09-09 16:27:26 : <INFO> [Module initialize] Scan Browser
2018-09-09 16:27:27 : <INFO> [Module initialize] Scan Browser FF
2018-09-09 16:27:27 : <INFO> [Module initialize] FF start pages loaded
2018-09-09 16:27:27 : <INFO> [Module initialize] FF search providers loaded
2018-09-09 16:27:27 : <INFO> [Module initialize] FF plugin list loaded
2018-09-09 16:27:27 : <INFO> [Scan] Exclusions loaded
2018-09-09 16:27:35 : <INFO> [Telemetry] Sending to Influx
2018-09-09 16:27:36 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2018-09-09 16:27:36 : <INFO> [SslCert] Issued to ("telemetry-01.adwc.fr33tux.org")
2018-09-09 16:27:36 : <INFO> [SslCert] Locality Name ()
2018-09-09 16:27:36 : <INFO> [SslCert] Organization ()
2018-09-09 16:27:36 : <INFO> [SslCert] Certificate EffectiveDate: "pá 8 3 09:04:38 2018 GMT"
2018-09-09 16:27:36 : <INFO> [SslCert] Certificate ExpirationDate: "et 11 1 09:04:38 2018 GMT"
2018-09-09 16:27:36 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:27:36 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:27:36 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:27:36 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:27:36 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2018-09-09 16:27:36 : <INFO> [Telemetry] Sending to DSE
2018-09-09 16:27:38 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:27:38 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:27:38 : <INFO> [SslCert] Locality Name ("San Jose")
2018-09-09 16:27:38 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2018-09-09 16:27:38 : <INFO> [SslCert] Certificate EffectiveDate: "et 2 22 00:00:00 2018 GMT"
2018-09-09 16:27:38 : <INFO> [SslCert] Certificate ExpirationDate: "st 4 22 12:00:00 2020 GMT"
2018-09-09 16:27:38 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:27:38 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:27:38 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:27:38 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:27:38 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2018-09-09 16:27:38 : <INFO> [Scan] Finished
2018-09-09 16:27:45 : <INFO> [Button clicked] Basic repair
2018-09-09 16:27:49 : <INFO> [Button clicked] Generic button clicked [ 4 ]
2018-09-09 16:27:49 : <INFO> [Cleaning] Started
2018-09-09 16:27:49 : <WARNING> [Cleaning] Unable to Open process - "[System Process]" 0
2018-09-09 16:27:49 : <WARNING> [Cleaning] Unable to Open process - "System" 0
2018-09-09 16:27:59 : <INFO> [Application] AdwCleaner 7 . 2 . 3 launched
2018-09-09 16:28:00 : <INFO> [MBInstaller] Checking Iris
2018-09-09 16:28:00 : <INFO> [IRIS] Making request
2018-09-09 16:28:01 : <INFO> [Telemetry] Sending hello
2018-09-09 16:28:02 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:28:02 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:28:02 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:28:02 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:28:02 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:28:02 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:28:02 : <INFO> [SslCert] ALPN: None
2018-09-09 16:28:02 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:28:02 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:28:02 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:28:02 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:28:02 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:28:02 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:28:02 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:28:02 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:28:02 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:28:02 : <INFO> [SslCert] ALPN: None
2018-09-09 16:28:02 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:28:02 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:28:02 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:28:02 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2018-09-09 16:28:02 : <WARNING> [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2018-09-09 16:28:02 : <INFO> [IRIS] Failed
2018-09-09 16:28:03 : <INFO> [Button clicked] Log files menu item
2018-09-09 16:28:03 : <WARNING> QSortFilterProxyModel: invalid inserted rows reported by source model
2018-09-09 16:29:44 : <INFO> [Button clicked] Dashboard menu item
2018-09-09 16:29:46 : <INFO> [Button clicked] Quarantine menu item
2018-09-09 16:29:47 : <INFO> [Button clicked] Dashboard menu item
2018-09-09 16:29:51 : <INFO> [Button clicked] Scan
2018-09-09 16:29:51 : <INFO> [Scan] Started
2018-09-09 16:29:52 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:29:52 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:29:52 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:29:52 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:29:52 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:29:52 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:29:52 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:29:52 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:29:52 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:29:52 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:29:52 : <INFO> [Database] Downloading database
2018-09-09 16:29:52 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:29:52 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:29:52 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:29:52 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:29:52 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:29:52 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:29:52 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:29:52 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:29:52 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:29:52 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:29:53 : <INFO> [Database] Checking integrity
2018-09-09 16:29:53 : <INFO> [Database] Found 0 families
2018-09-09 16:29:53 : <INFO> [Database] Database v "2018-09-06.1"
2018-09-09 16:29:54 : <INFO> [Loading paths] Local paths loaded
2018-09-09 16:29:54 : <INFO> [Loading paths] Chrome paths loaded
2018-09-09 16:29:54 : <INFO> [Loading paths] User Keys loaded
2018-09-09 16:29:54 : <INFO> [Module added] Folder
2018-09-09 16:29:54 : <INFO> [Module added] File
2018-09-09 16:29:54 : <INFO> [Module added] URL
2018-09-09 16:29:54 : <INFO> [Module added] Service
2018-09-09 16:29:54 : <INFO> [Module added] TaskName
2018-09-09 16:29:54 : <INFO> [Module added] TaskContent
2018-09-09 16:29:54 : <INFO> [Module added] App Init
2018-09-09 16:29:54 : <INFO> [Module added] Classes
2018-09-09 16:29:54 : <INFO> [Module added] DNS
2018-09-09 16:29:54 : <INFO> [Module added] Firewall
2018-09-09 16:29:54 : <INFO> [Module added] GUID
2018-09-09 16:29:54 : <INFO> [Module added] IEPolicy
2018-09-09 16:29:54 : <INFO> [Module added] RegOther
2018-09-09 16:29:54 : <INFO> [Module added] ProductID
2018-09-09 16:29:54 : <INFO> [Module added] Software
2018-09-09 16:29:54 : <INFO> [Module added] Startup
2018-09-09 16:29:54 : <INFO> [Module added] Winlogon
2018-09-09 16:29:54 : <INFO> [Module added] WMI
2018-09-09 16:29:54 : <INFO> [Module added] Chromium
2018-09-09 16:29:54 : <INFO> [Module added] FF
2018-09-09 16:29:54 : <INFO> [Module added] RegGeneric
2018-09-09 16:29:54 : <INFO> [Module added] FileSystem
2018-09-09 16:29:54 : <INFO> [Module initialize] File/Folder
2018-09-09 16:29:54 : <INFO> [Module initialize] File/Folder
2018-09-09 16:29:54 : <INFO> [Module initialize] URL
2018-09-09 16:29:54 : <INFO> [Module initialize] Service
2018-09-09 16:29:54 : <INFO> [Module initialize] TaskName
2018-09-09 16:29:55 : <INFO> [Module initialize] TaskContent
2018-09-09 16:29:55 : <INFO> [Module initialize] App Init
2018-09-09 16:29:55 : <INFO> [Module initialize] Classes
2018-09-09 16:29:55 : <INFO> [Module initialize] DNS
2018-09-09 16:29:55 : <INFO> [Module initialize] Firewall
2018-09-09 16:29:55 : <INFO> [Module initialize] GUID
2018-09-09 16:29:55 : <INFO> [Module initialize] IEPolicy
2018-09-09 16:29:55 : <INFO> [Module initialize] RegOther
2018-09-09 16:29:55 : <INFO> [Module initialize] ProductID
2018-09-09 16:29:55 : <INFO> [Module initialize] Software
2018-09-09 16:29:55 : <INFO> [Module initialize] Startup
2018-09-09 16:29:55 : <INFO> [Module Initialized] Winlogon
2018-09-09 16:29:55 : <INFO> [Module initialized] WMI
2018-09-09 16:29:55 : <INFO> [Module initialize] Chromium
2018-09-09 16:29:55 : <INFO> [Module initialize] FF
2018-09-09 16:29:55 : <INFO> [Module initialize] RegGeneric
2018-09-09 16:29:55 : <INFO> [Module initialize] FileSystem
2018-09-09 16:29:55 : <INFO> [Module initialize] Scan Browser
2018-09-09 16:29:57 : <INFO> [Module initialize] Scan Browser FF
2018-09-09 16:29:57 : <INFO> [Module initialize] FF start pages loaded
2018-09-09 16:29:57 : <INFO> [Module initialize] FF search providers loaded
2018-09-09 16:29:57 : <INFO> [Module initialize] FF plugin list loaded
2018-09-09 16:29:57 : <INFO> [Scan] Exclusions loaded
2018-09-09 16:30:05 : <INFO> [Telemetry] Sending to Influx
2018-09-09 16:30:05 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2018-09-09 16:30:05 : <INFO> [SslCert] Issued to ("telemetry-01.adwc.fr33tux.org")
2018-09-09 16:30:05 : <INFO> [SslCert] Locality Name ()
2018-09-09 16:30:05 : <INFO> [SslCert] Organization ()
2018-09-09 16:30:05 : <INFO> [SslCert] Certificate EffectiveDate: "pá 8 3 09:04:38 2018 GMT"
2018-09-09 16:30:05 : <INFO> [SslCert] Certificate ExpirationDate: "et 11 1 09:04:38 2018 GMT"
2018-09-09 16:30:05 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:30:05 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:30:05 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:30:05 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:30:05 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2018-09-09 16:30:05 : <INFO> [Telemetry] Sending to DSE
2018-09-09 16:30:07 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:30:07 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:30:07 : <INFO> [SslCert] Locality Name ("San Jose")
2018-09-09 16:30:07 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2018-09-09 16:30:07 : <INFO> [SslCert] Certificate EffectiveDate: "et 2 22 00:00:00 2018 GMT"
2018-09-09 16:30:07 : <INFO> [SslCert] Certificate ExpirationDate: "st 4 22 12:00:00 2020 GMT"
2018-09-09 16:30:07 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:30:07 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:30:07 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:30:07 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:30:07 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2018-09-09 16:30:07 : <INFO> [Scan] Finished
2018-09-09 16:30:09 : <INFO> [Button clicked] Basic repair
2018-09-09 16:30:13 : <INFO> [Button clicked] Cancel
2018-09-09 16:30:16 : <INFO> [Button clicked] Log files menu item
2018-09-09 16:30:16 : <WARNING> QSortFilterProxyModel: invalid inserted rows reported by source model
2018-09-09 16:30:21 : <INFO> [Button clicked] Quarantine menu item
2018-09-09 16:30:22 : <INFO> [Button clicked] Dashboard menu item
2018-09-09 16:30:23 : <INFO> [Button clicked] Scan
2018-09-09 16:30:23 : <INFO> [Scan] Started
2018-09-09 16:30:24 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:30:24 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:30:24 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:30:24 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:30:24 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:30:24 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:30:24 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:30:24 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:30:24 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:30:24 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:30:24 : <INFO> [Database] Downloading database
2018-09-09 16:30:25 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:30:25 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:30:25 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:30:25 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:30:25 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:30:25 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:30:25 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:30:25 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:30:25 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:30:25 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:30:27 : <INFO> [Database] Checking integrity
2018-09-09 16:30:27 : <INFO> [Database] Found 0 families
2018-09-09 16:30:27 : <INFO> [Database] Database v "2018-09-06.1"
2018-09-09 16:30:27 : <INFO> [Loading paths] Local paths loaded
2018-09-09 16:30:27 : <INFO> [Loading paths] Chrome paths loaded
2018-09-09 16:30:27 : <INFO> [Loading paths] User Keys loaded
2018-09-09 16:30:27 : <INFO> [Module added] Folder
2018-09-09 16:30:27 : <INFO> [Module added] File
2018-09-09 16:30:27 : <INFO> [Module added] URL
2018-09-09 16:30:27 : <INFO> [Module added] Service
2018-09-09 16:30:27 : <INFO> [Module added] TaskName
2018-09-09 16:30:27 : <INFO> [Module added] TaskContent
2018-09-09 16:30:27 : <INFO> [Module added] App Init
2018-09-09 16:30:27 : <INFO> [Module added] Classes
2018-09-09 16:30:27 : <INFO> [Module added] DNS
2018-09-09 16:30:27 : <INFO> [Module added] Firewall
2018-09-09 16:30:27 : <INFO> [Module added] GUID
2018-09-09 16:30:27 : <INFO> [Module added] IEPolicy
2018-09-09 16:30:27 : <INFO> [Module added] RegOther
2018-09-09 16:30:27 : <INFO> [Module added] ProductID
2018-09-09 16:30:27 : <INFO> [Module added] Software
2018-09-09 16:30:27 : <INFO> [Module added] Startup
2018-09-09 16:30:27 : <INFO> [Module added] Winlogon
2018-09-09 16:30:27 : <INFO> [Module added] WMI
2018-09-09 16:30:27 : <INFO> [Module added] Chromium
2018-09-09 16:30:27 : <INFO> [Module added] FF
2018-09-09 16:30:27 : <INFO> [Module added] RegGeneric
2018-09-09 16:30:27 : <INFO> [Module added] FileSystem
2018-09-09 16:30:27 : <INFO> [Module initialize] File/Folder
2018-09-09 16:30:27 : <INFO> [Module initialize] File/Folder
2018-09-09 16:30:28 : <INFO> [Module initialize] URL
2018-09-09 16:30:28 : <INFO> [Module initialize] Service
2018-09-09 16:30:28 : <INFO> [Module initialize] TaskName
2018-09-09 16:30:29 : <INFO> [Module initialize] TaskContent
2018-09-09 16:30:29 : <INFO> [Module initialize] App Init
2018-09-09 16:30:29 : <INFO> [Module initialize] Classes
2018-09-09 16:30:29 : <INFO> [Module initialize] DNS
2018-09-09 16:30:29 : <INFO> [Module initialize] Firewall
2018-09-09 16:30:29 : <INFO> [Module initialize] GUID
2018-09-09 16:30:29 : <INFO> [Module initialize] IEPolicy
2018-09-09 16:30:29 : <INFO> [Module initialize] RegOther
2018-09-09 16:30:29 : <INFO> [Module initialize] ProductID
2018-09-09 16:30:29 : <INFO> [Module initialize] Software
2018-09-09 16:30:29 : <INFO> [Module initialize] Startup
2018-09-09 16:30:29 : <INFO> [Module Initialized] Winlogon
2018-09-09 16:30:29 : <INFO> [Module initialized] WMI
2018-09-09 16:30:29 : <INFO> [Module initialize] Chromium
2018-09-09 16:30:29 : <INFO> [Module initialize] FF
2018-09-09 16:30:29 : <INFO> [Module initialize] RegGeneric
2018-09-09 16:30:29 : <INFO> [Module initialize] FileSystem
2018-09-09 16:30:29 : <INFO> [Module initialize] Scan Browser
2018-09-09 16:30:30 : <INFO> [Module initialize] Scan Browser FF
2018-09-09 16:30:30 : <INFO> [Module initialize] FF start pages loaded
2018-09-09 16:30:30 : <INFO> [Module initialize] FF search providers loaded
2018-09-09 16:30:30 : <INFO> [Module initialize] FF plugin list loaded
2018-09-09 16:30:30 : <INFO> [Scan] Exclusions loaded
2018-09-09 16:30:39 : <INFO> [Telemetry] Sending to Influx
2018-09-09 16:30:39 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2018-09-09 16:30:39 : <INFO> [SslCert] Issued to ("telemetry-01.adwc.fr33tux.org")
2018-09-09 16:30:39 : <INFO> [SslCert] Locality Name ()
2018-09-09 16:30:39 : <INFO> [SslCert] Organization ()
2018-09-09 16:30:39 : <INFO> [SslCert] Certificate EffectiveDate: "pá 8 3 09:04:38 2018 GMT"
2018-09-09 16:30:39 : <INFO> [SslCert] Certificate ExpirationDate: "et 11 1 09:04:38 2018 GMT"
2018-09-09 16:30:39 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:30:39 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:30:39 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:30:39 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:30:39 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2018-09-09 16:30:39 : <INFO> [Telemetry] Sending to DSE
2018-09-09 16:30:40 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:30:40 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:30:40 : <INFO> [SslCert] Locality Name ("San Jose")
2018-09-09 16:30:40 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2018-09-09 16:30:40 : <INFO> [SslCert] Certificate EffectiveDate: "et 2 22 00:00:00 2018 GMT"
2018-09-09 16:30:40 : <INFO> [SslCert] Certificate ExpirationDate: "st 4 22 12:00:00 2020 GMT"
2018-09-09 16:30:40 : <INFO> [SslCert] ALPN: Yes
2018-09-09 16:30:40 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:30:40 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:30:40 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:30:40 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2018-09-09 16:30:40 : <INFO> [Scan] Finished
2018-09-09 16:30:42 : <INFO> [Button clicked] Basic repair
2018-09-09 16:30:44 : <INFO> [Button clicked] Generic button clicked [ 1 ]
2018-09-09 16:30:44 : <INFO> [Cleaning] Started
2018-09-09 16:30:44 : <WARNING> [Cleaning] Unable to Open process - "[System Process]" 0
2018-09-09 16:30:44 : <WARNING> [Cleaning] Unable to Open process - "System" 0
2018-09-09 16:30:58 : <INFO> [Application] AdwCleaner 7 . 2 . 3 launched
2018-09-09 16:30:59 : <INFO> [MBInstaller] Checking Iris
2018-09-09 16:30:59 : <INFO> [IRIS] Making request
2018-09-09 16:31:00 : <INFO> [Telemetry] Sending hello
2018-09-09 16:31:01 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:31:01 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:31:01 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:31:01 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:31:01 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:31:01 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:31:01 : <INFO> [SslCert] ALPN: None
2018-09-09 16:31:01 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:31:01 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:31:01 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:31:01 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 16:31:01 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 16:31:01 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 16:31:01 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 16:31:01 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 16:31:01 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 16:31:01 : <INFO> [SslCert] ALPN: None
2018-09-09 16:31:01 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 16:31:01 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 16:31:01 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 16:31:01 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2018-09-09 16:31:01 : <WARNING> [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2018-09-09 16:31:01 : <INFO> [IRIS] Failed
2018-09-09 16:31:02 : <INFO> [Button clicked] Log files menu item
2018-09-09 16:31:02 : <WARNING> QSortFilterProxyModel: invalid inserted rows reported by source model
2018-09-09 16:36:14 : <INFO> [Application] Closing AdwCleaner
2018-09-09 19:40:34 : <INFO> [Application] AdwCleaner 7 . 2 . 3 launched
2018-09-09 19:40:36 : <INFO> [MBInstaller] Checking Iris
2018-09-09 19:40:36 : <INFO> [IRIS] Making request
2018-09-09 19:40:37 : <INFO> [Telemetry] Sending hello
2018-09-09 19:40:38 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 19:40:38 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 19:40:38 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 19:40:38 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 19:40:38 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 19:40:38 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 19:40:38 : <INFO> [SslCert] ALPN: None
2018-09-09 19:40:38 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 19:40:38 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 19:40:38 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 19:40:38 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2018-09-09 19:40:38 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2018-09-09 19:40:38 : <INFO> [SslCert] Locality Name ("Santa Clara")
2018-09-09 19:40:38 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2018-09-09 19:40:38 : <INFO> [SslCert] Certificate EffectiveDate: "po 10 2 00:00:00 2017 GMT"
2018-09-09 19:40:38 : <INFO> [SslCert] Certificate ExpirationDate: "út 10 6 12:00:00 2020 GMT"
2018-09-09 19:40:38 : <INFO> [SslCert] ALPN: None
2018-09-09 19:40:38 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2018-09-09 19:40:38 : <INFO> [SslCert] KXE: "ECDH"
2018-09-09 19:40:38 : <INFO> [SslCert] Protocol: "TLSv1.2"
2018-09-09 19:40:38 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2018-09-09 19:40:38 : <WARNING> [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2018-09-09 19:40:38 : <INFO> [IRIS] Failed
2018-09-09 19:40:39 : <INFO> [Button clicked] Log files menu item
2018-09-09 19:40:39 : <WARNING> QSortFilterProxyModel: invalid inserted rows reported by source model
Re: Problém při startu Windows
Zde jsou nové logy FRST(v předchozí zprávě jsou starší logy z dnešního opoledne):
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.09.2018
Ran by Dan (administrator) on DAN-PC (09-09-2018 21:51:42)
Running from G:\PROGRAMY
Loaded Profiles: Dan (Available Profiles: Dan)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\DSAPI.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\pcdrwi.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_181\launch4j-tmp\frd.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray64.exe [424448 2007-05-06] (SigmaTel, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [178504 2018-07-25] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\MountPoints2: {4be4e01f-8134-11e8-a708-001aa0ad2fdb} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk [2018-07-06]
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 100.100.100.1 0.0.0.0
Tcpip\..\Interfaces\{DA9DCABD-9F01-4DA9-BC91-C1DB42FA9DE8}: [DhcpNameServer] 100.100.100.1 0.0.0.0
Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-07-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-23] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: fifkgai9.default
FF ProfilePath: C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default [2018-09-09]
FF Homepage: Mozilla\Firefox\Profiles\fifkgai9.default -> hxxps://mail.google.com/mail/u/0/#inbox
FF Session Restore: Mozilla\Firefox\Profiles\fifkgai9.default -> is enabled.
FF Extension: (To Google Translate) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2018-07-07]
FF Extension: (Screengrab!) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2018-07-06]
FF Extension: (HTML Validator) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}.xpi [2018-07-06]
FF Extension: (Web Developer) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2018-07-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-09-01] ()
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-09-01] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-06] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-06] (NVIDIA Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 dcevt64; C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr64.exe [222168 2011-01-21] (Dell Inc.)
S2 dcstor64; C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_datamgr64.exe [293336 2011-01-21] (Dell Inc.)
S2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2018-02-10] (Dell Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3346320 2018-02-10] (Dell Inc.)
S2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2018-02-10] (Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\DSAPI.exe [935744 2018-07-16] (PC-Doctor, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2330224 2018-07-25] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2330224 2018-07-25] (ESET)
S2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-04-20] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S2 NVWMI; C:\Windows\system32\nvwmi64.exe [4175928 2017-02-15] (NVIDIA Corporation)
S2 STacSV; C:\Windows\system32\STacSV64.exe [112128 2007-05-06] (SigmaTel, Inc.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [45016 2018-07-08] (Dell Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 AGMService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe" [X]
S2 AGSService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [38472 2010-11-25] (Dell Inc.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2018-02-10] (Dell Inc.)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2018-02-10] (Dell Computer Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143624 2018-07-25] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [109920 2018-07-25] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [196112 2018-07-25] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50144 2018-07-25] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [82816 2018-07-25] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61552 2018-07-25] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [110376 2018-07-25] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-07-12] (Malwarebytes)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-04-20] (Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193256 2018-09-09] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [117472 2018-09-09] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [52328 2018-09-09] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [259360 2018-09-09] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [98616 2018-09-09] (Malwarebytes)
R3 STHDA; C:\Windows\System32\drivers\stwrt64.sys [388096 2007-05-06] (SigmaTel, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-09 18:27 - 2018-09-09 17:47 - 007571152 _____ (Malwarebytes) C:\Users\Dan\Desktop\hdtunepro_560_trial.exe
2018-09-09 17:48 - 2018-09-09 18:16 - 000000000 ____D C:\AdwCleaner
2018-09-09 17:47 - 2018-09-09 17:47 - 000000085 _____ C:\Windows\wininit.ini
2018-09-09 15:28 - 2018-09-09 21:51 - 000000000 ____D C:\FRST
2018-09-09 12:40 - 2018-09-09 18:22 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-09-09 12:40 - 2018-09-09 17:47 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-09-09 12:40 - 2018-09-09 12:40 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2018-09-09 12:28 - 2018-09-09 12:28 - 000000000 ____D C:\Users\Dan\AppData\Local\mbam
2018-09-09 12:27 - 2018-09-09 21:29 - 000098616 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-09-09 12:27 - 2018-09-09 18:23 - 000259360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-09-09 12:27 - 2018-09-09 18:23 - 000117472 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-09-09 12:27 - 2018-09-09 18:23 - 000052328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-09-09 12:27 - 2018-09-09 12:27 - 000193256 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-09-09 12:27 - 2018-09-09 12:27 - 000001875 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-09-09 12:27 - 2018-09-09 12:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-09-09 12:27 - 2018-07-12 08:42 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-09-09 12:26 - 2018-09-09 12:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-09-09 12:26 - 2018-09-09 12:26 - 000000000 ____D C:\Program Files\Malwarebytes
2018-09-09 09:14 - 2018-09-09 09:16 - 000960592 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-06 16:59 - 2018-09-06 17:44 - 000029338 _____ C:\Users\Dan\Documents\rodina_Málkova.cdr
2018-09-06 16:59 - 2018-09-06 16:59 - 000063227 _____ C:\Users\Dan\Documents\Backup_of_rodina_Málkova.cdr
2018-09-06 15:24 - 2018-09-06 15:24 - 000235669 _____ C:\Users\Dan\Documents\Zadost_o_vraceni_RO.pdf
2018-09-01 23:07 - 2018-09-09 18:30 - 000000000 ____D C:\Users\Dan\AppData\Local\CrashDumps
2018-09-01 11:24 - 2018-09-09 09:39 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-09-01 11:24 - 2018-09-01 11:24 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-09-01 11:24 - 2018-09-01 11:24 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-01 11:24 - 2018-09-01 11:24 - 000004520 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-09-01 11:24 - 2018-09-01 11:24 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-09-01 11:24 - 2018-09-01 11:24 - 000000000 ____D C:\Windows\system32\Macromed
2018-09-01 11:24 - 2018-09-01 11:24 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Macromedia
2018-09-01 10:06 - 2018-09-03 01:22 - 000000000 ____D C:\Users\Dan\AppData\Roaming\AIMP
2018-09-01 10:06 - 2018-09-01 10:06 - 000000895 _____ C:\Users\Public\Desktop\AIMP.lnk
2018-09-01 10:06 - 2018-09-01 10:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2018-09-01 10:05 - 2018-09-01 10:06 - 000000000 ____D C:\Program Files (x86)\AIMP
2018-08-28 13:26 - 2018-08-28 13:26 - 000000000 _____ C:\Windows\SysWOW64\SpyWareFolderstoFilter.txt
2018-08-14 19:21 - 2018-08-03 17:55 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-14 19:21 - 2018-08-03 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-14 19:21 - 2018-08-02 05:20 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-08-14 19:21 - 2018-08-02 05:18 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-08-14 19:21 - 2018-08-02 05:07 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-08-14 19:21 - 2018-08-02 05:06 - 000156256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-08-14 19:21 - 2018-08-02 05:05 - 005553760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-14 19:21 - 2018-08-02 05:02 - 001665320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-14 19:21 - 2018-08-02 05:00 - 000633080 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-08-14 19:21 - 2018-08-02 04:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-08-14 19:21 - 2018-08-02 04:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-08-14 19:21 - 2018-08-02 04:43 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:26 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-08-14 19:21 - 2018-08-02 04:26 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-14 19:21 - 2018-08-02 04:26 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-08-14 19:21 - 2018-08-02 04:25 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-08-14 19:21 - 2018-08-02 04:22 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-08-14 19:21 - 2018-08-02 04:21 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-08-14 19:21 - 2018-08-02 04:21 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-08-14 19:21 - 2018-08-02 04:17 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-08-14 19:21 - 2018-08-02 04:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-08-14 19:21 - 2018-08-02 04:17 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-08-14 19:21 - 2018-08-02 04:16 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-08-14 19:21 - 2018-08-02 04:16 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-08-14 19:21 - 2018-08-02 04:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-08-14 19:21 - 2018-08-02 04:11 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-08-14 19:21 - 2018-08-02 04:11 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-08-14 19:21 - 2018-08-02 04:11 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-08-14 19:21 - 2018-08-02 04:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-08-14 19:21 - 2018-07-20 01:53 - 000396936 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-08-14 19:21 - 2018-07-20 00:58 - 000350272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-14 19:21 - 2018-07-19 08:15 - 025745408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-14 19:21 - 2018-07-19 06:48 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-08-14 19:21 - 2018-07-19 06:47 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-08-14 19:21 - 2018-07-19 06:35 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-14 19:21 - 2018-07-19 06:34 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-08-14 19:21 - 2018-07-19 06:33 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-14 19:21 - 2018-07-19 06:33 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-14 19:21 - 2018-07-19 06:33 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-08-14 19:21 - 2018-07-19 06:32 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-08-14 19:21 - 2018-07-19 06:30 - 005778432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-14 19:21 - 2018-07-19 06:26 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-08-14 19:21 - 2018-07-19 06:25 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-08-14 19:21 - 2018-07-19 06:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-14 19:21 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-14 19:21 - 2018-07-19 06:22 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-14 19:21 - 2018-07-19 06:22 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-08-14 19:21 - 2018-07-19 06:22 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-08-14 19:21 - 2018-07-19 06:21 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-14 19:21 - 2018-07-19 06:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-08-14 19:21 - 2018-07-19 06:14 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-14 19:21 - 2018-07-19 06:11 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-08-14 19:21 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-14 19:21 - 2018-07-19 06:05 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-14 19:21 - 2018-07-19 06:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-08-14 19:21 - 2018-07-19 06:04 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-08-14 19:21 - 2018-07-19 06:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-08-14 19:21 - 2018-07-19 06:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-08-14 19:21 - 2018-07-19 06:03 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-14 19:21 - 2018-07-19 06:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-08-14 19:21 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-14 19:21 - 2018-07-19 06:00 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-08-14 19:21 - 2018-07-19 06:00 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-08-14 19:21 - 2018-07-19 05:58 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-08-14 19:21 - 2018-07-19 05:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-08-14 19:21 - 2018-07-19 05:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-08-14 19:21 - 2018-07-19 05:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-08-14 19:21 - 2018-07-19 05:56 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-08-14 19:21 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-14 19:21 - 2018-07-19 05:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-08-14 19:21 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-14 19:21 - 2018-07-19 05:47 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-14 19:21 - 2018-07-19 05:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-14 19:21 - 2018-07-19 05:46 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-08-14 19:21 - 2018-07-19 05:45 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-14 19:21 - 2018-07-19 05:45 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-14 19:21 - 2018-07-19 05:43 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-14 19:21 - 2018-07-19 05:43 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-08-14 19:21 - 2018-07-19 05:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-08-14 19:21 - 2018-07-19 05:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-08-14 19:21 - 2018-07-19 05:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-08-14 19:21 - 2018-07-19 05:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-08-14 19:21 - 2018-07-19 05:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-08-14 19:21 - 2018-07-19 05:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-08-14 19:21 - 2018-07-19 05:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-08-14 19:21 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-14 19:21 - 2018-07-19 05:31 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-14 19:21 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-08-14 19:21 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-08-14 19:21 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-08-14 19:21 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-08-14 19:21 - 2018-07-19 05:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-08-14 19:21 - 2018-07-19 05:20 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-14 19:21 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-14 19:21 - 2018-07-19 05:09 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-14 19:21 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-08-14 19:21 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-08-14 19:21 - 2018-07-08 18:08 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-08-14 19:21 - 2018-07-08 18:02 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-14 19:21 - 2018-07-08 18:02 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-14 19:21 - 2018-07-08 18:02 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-08-14 19:21 - 2018-07-08 18:01 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-08-14 19:21 - 2018-07-08 18:01 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-08-14 19:21 - 2018-07-08 17:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-08-14 19:21 - 2018-07-08 17:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-14 19:21 - 2018-07-08 17:42 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-08-14 19:21 - 2018-07-08 17:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-14 19:21 - 2018-07-08 17:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-08-14 19:21 - 2018-07-08 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-08-14 19:21 - 2018-07-07 17:24 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-14 19:21 - 2018-07-06 18:09 - 000947904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-14 19:21 - 2018-07-06 18:03 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-08-14 19:21 - 2018-07-06 18:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-08-14 19:21 - 2018-07-06 17:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-08-14 19:21 - 2018-07-06 17:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000695808 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-08-14 19:21 - 2018-06-29 17:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2018-08-14 19:21 - 2018-06-29 17:14 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-08-14 19:21 - 2018-06-29 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2018-08-14 19:21 - 2018-06-27 18:01 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-08-14 19:21 - 2018-06-27 17:55 - 003246592 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-14 19:21 - 2018-06-27 17:55 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-08-14 19:21 - 2018-06-27 17:55 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-14 19:21 - 2018-06-27 17:55 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-08-14 19:21 - 2018-06-27 17:54 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-14 19:21 - 2018-06-27 17:54 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-08-14 19:21 - 2018-06-27 17:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-14 19:21 - 2018-06-27 17:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-14 19:21 - 2018-06-27 17:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-08-14 19:21 - 2018-06-27 17:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-08-14 19:21 - 2018-06-27 17:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-08-14 19:21 - 2018-06-27 17:21 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-14 19:21 - 2018-06-27 17:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-09 21:51 - 2018-07-06 18:26 - 000000000 ____D C:\Users\Dan\AppData\Roaming\vlc
2018-09-09 18:40 - 2009-07-14 06:45 - 000018272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-09 18:40 - 2009-07-14 06:45 - 000018272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-09 18:31 - 2018-07-06 15:12 - 000000000 ____D C:\Users\Dan\AppData\LocalLow\Mozilla
2018-09-09 18:30 - 2018-07-06 15:22 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-09 18:28 - 2009-07-14 17:18 - 000668542 _____ C:\Windows\system32\perfh005.dat
2018-09-09 18:28 - 2009-07-14 17:18 - 000141202 _____ C:\Windows\system32\perfc005.dat
2018-09-09 18:28 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-09 18:28 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-09 18:23 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-09 12:26 - 2018-07-06 14:48 - 137343192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-09-09 11:55 - 2018-07-06 18:06 - 000000000 ____D C:\Users\Dan\AppData\Local\ElevatedDiagnostics
2018-09-08 20:53 - 2018-07-06 23:25 - 000000000 ____D C:\Users\Dan\AppData\Roaming\uTorrent
2018-09-08 18:45 - 2018-07-23 18:21 - 000000148 _____ C:\Windows\SysWOW64\SmartFlow.txt
2018-09-08 09:10 - 2018-07-06 15:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-07 10:36 - 2018-07-06 15:11 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-09-07 10:36 - 2018-07-06 15:11 - 000000924 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-09-07 10:36 - 2018-07-06 15:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-05 22:59 - 2018-07-06 20:14 - 000004208 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2018-09-05 14:23 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2018-09-04 06:47 - 2018-07-13 17:12 - 000000000 ____D C:\Users\Dan\AppData\Roaming\XnViewMP
2018-09-03 13:55 - 2018-07-06 18:26 - 000000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-09-01 11:24 - 2018-07-06 15:56 - 000000000 ____D C:\Users\Dan\AppData\Local\Adobe
2018-08-16 12:17 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-08-14 21:03 - 2018-07-06 14:49 - 000000000 ____D C:\Windows\system32\MRT
2018-08-14 20:59 - 2018-07-06 16:59 - 001557940 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
==================== Files in the root of some directories =======
2018-07-07 13:32 - 2018-07-07 13:32 - 000000033 _____ () C:\Users\Dan\AppData\Roaming\AdobeWLCMCache.dat
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-09-05 09:17
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.09.2018
Ran by Dan (09-09-2018 21:52:20)
Running from G:\PROGRAMY
Windows 7 Professional Service Pack 1 (X64) (2018-07-06 12:28:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2513878808-783942235-2138259458-500 - Administrator - Disabled)
Dan (S-1-5-21-2513878808-783942235-2138259458-1000 - Administrator - Enabled) => C:\Users\Dan
Guest (S-1-5-21-2513878808-783942235-2138259458-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2513878808-783942235-2138259458-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2080, 07.07.2018 - AIMP DevTeam)
AnyToISO (HKLM-x32\...\AnyToISO_is1) (Version: 3.9.2 - CrystalIDEA Software)
Dell Client Configuration Toolkit (HKLM-x32\...\{C8EA30FC-B20B-465E-9D8A-CDDC09EA72D4}) (Version: 2.0.1 - Dell)
Dell OpenManage Client Instrumentation (HKLM\...\{47F8D37E-D1F2-44E2-8920-40FAB519A624}) (Version: 8.0.1.150 - Dell)
Dell SupportAssist (HKLM\...\{4CB4741A-20C1-454E-8276-993D06A76D67}) (Version: 2.2.3.2 - Dell Inc.)
Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.23) (Version: 9.23 - Artifex Software Inc.)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.09) (Version: 9.09 - Artifex Software Inc.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.300 - Huawei Technologies Co.,Ltd)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
LibreOffice 6.0.5.2 (HKLM\...\{9645CDEF-085C-45F7-A3CD-B4B7046EF78C}) (Version: 6.0.5.2 - The Document Foundation)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 62.0 (x64 cs) (HKLM\...\Mozilla Firefox 62.0 (x64 cs)) (Version: 62.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.9 - F.J. Wechselberger)
NetSpot (HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\a6e43da6e76c5494) (Version: 2.8.1.600 - Etwok LLC)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
NVIDIA nView 148.47 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 148.47 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 376.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.84 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 376.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.84 - NVIDIA Corporation)
NVIDIA WMI 2.29.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.29.0 - NVIDIA Corporation)
Ovládací panel NVIDIA 376.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.84 - NVIDIA Corporation) Hidden
SigmaTel Audio (HKLM-x32\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5102.0 - SigmaTel)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
XnViewMP 0.90 (HKLM\...\XnViewMP_is1) (Version: 0.90 - Gougelet Pierre-e)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll -> No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-09-01] (AIMP DevTeam)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-06-30] ()
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-25] (ESET)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger)
ContextMenuHandlers1-x32: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-25] (ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-09-01] (AIMP DevTeam)
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2017-02-15] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-02-06] (NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-25] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0BC9690E-2459-401B-AC2D-CC28F8CDFBB0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-01] (Adobe Systems Incorporated)
Task: {2A368F58-5F46-4015-9A98-447F2ED0C0AC} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2018-07-08] (Dell Inc.)
Task: {AA7BE2D1-3D92-491B-B2A2-750003E5A90A} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2017-02-15] ()
Task: {FDE8D1C8-745C-417D-8CC6-360BDFFF6CD4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-09-01] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-06-30 14:51 - 2018-06-30 14:51 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2018-07-06 14:31 - 2017-02-15 03:40 - 000794680 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
2018-09-09 12:27 - 2018-07-24 12:32 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-09-09 12:27 - 2018-08-06 14:20 - 002769768 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-07-06 21:44 - 2017-02-06 23:32 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-07-16 23:15 - 2018-07-16 23:15 - 002587968 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\libprotobuf.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2513878808-783942235-2138259458-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 100.100.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{093A559A-2E05-4A30-B171-CA9AC652C76F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3CBF6085-1152-4660-85E1-E16A9AED6841}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{532159F4-118F-4A92-B9F0-C6C1FCF73A1E}] => (Allow) C:\Users\Dan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D269E5CA-7ADA-4385-B46D-9C7A46215B4D}] => (Allow) C:\Users\Dan\AppData\Roaming\uTorrent\uTorrent.exe
==================== Restore Points =========================
21-08-2018 19:10:09 Windows Update
26-08-2018 09:41:41 Windows Update
01-09-2018 09:22:41 Windows Update
04-09-2018 15:20:29 Windows Update
08-09-2018 09:25:54 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/09/2018 06:30:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hdtunepro_560_trial.exe, verze: 7.2.3.0, časové razítko: 0x5b8d7938
Název chybujícího modulu: hdtunepro_560_trial.exe, verze: 7.2.3.0, časové razítko: 0x5b8d7938
Kód výjimky: 0xc0000005
Posun chyby: 0x00098c0e
ID chybujícího procesu: 0xe44
Čas spuštění chybující aplikace: 0x01d4485a122836cc
Cesta k chybující aplikaci: C:\Users\Dan\Desktop\hdtunepro_560_trial.exe
Cesta k chybujícímu modulu: C:\Users\Dan\Desktop\hdtunepro_560_trial.exe
ID zprávy: b38450bc-b44d-11e8-8ca9-001aa0ad2fdb
Error: (09/09/2018 06:27:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hdtunepro_560_trial.exe, verze: 7.2.3.0, časové razítko: 0x5b8d7938
Název chybujícího modulu: hdtunepro_560_trial.exe, verze: 7.2.3.0, časové razítko: 0x5b8d7938
Kód výjimky: 0xc0000005
Posun chyby: 0x00098c0e
ID chybujícího procesu: 0x15c0
Čas spuštění chybující aplikace: 0x01d44859f4454e87
Cesta k chybující aplikaci: C:\Users\Dan\Desktop\hdtunepro_560_trial.exe
Cesta k chybujícímu modulu: C:\Users\Dan\Desktop\hdtunepro_560_trial.exe
ID zprávy: 4aa22073-b44d-11e8-8ca9-001aa0ad2fdb
Error: (09/09/2018 06:20:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hdtunepro_560_trial.exe, verze: 7.2.3.0, časové razítko: 0x5b8d7938
Název chybujícího modulu: hdtunepro_560_trial.exe, verze: 7.2.3.0, časové razítko: 0x5b8d7938
Kód výjimky: 0xc0000005
Posun chyby: 0x00098c0e
ID chybujícího procesu: 0x7f4
Čas spuštění chybující aplikace: 0x01d44858bdd5d6a5
Cesta k chybující aplikaci: G:\PROGRAMY\hdtunepro_560_trial.exe
Cesta k chybujícímu modulu: G:\PROGRAMY\hdtunepro_560_trial.exe
ID zprávy: 55a13adc-b44c-11e8-a96b-001aa0ad2fdb
Error: (09/09/2018 06:17:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hdtunepro_560_trial.exe, verze: 7.2.3.0, časové razítko: 0x5b8d7938
Název chybujícího modulu: hdtunepro_560_trial.exe, verze: 7.2.3.0, časové razítko: 0x5b8d7938
Kód výjimky: 0xc0000005
Posun chyby: 0x00098c0e
ID chybujícího procesu: 0x1b80
Čas spuštění chybující aplikace: 0x01d448549279cee8
Cesta k chybující aplikaci: G:\PROGRAMY\hdtunepro_560_trial.exe
Cesta k chybujícímu modulu: G:\PROGRAMY\hdtunepro_560_trial.exe
ID zprávy: de739595-b44b-11e8-a96b-001aa0ad2fdb
Error: (09/04/2018 03:24:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dsm_sa_eventmgr64.exe, verze: 5.9.5.3801, časové razítko: 0x4d39fb5a
Název chybujícího modulu: dcsupt64.dll, verze: 5.9.5.696, časové razítko: 0x4d39fa4c
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000004750
ID chybujícího procesu: 0x6fc
Čas spuštění chybující aplikace: 0x01d444518d853586
Cesta k chybující aplikaci: C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr64.exe
Cesta k chybujícímu modulu: C:\Program Files\Dell\SysMgt\shared\bin\dcsupt64.dll
ID zprávy: c8df51cc-b045-11e8-823d-001aa0ad2fdb
Error: (09/04/2018 06:36:24 AM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Net.WebException</Type><Message><![CDATA[Vzdálený název nelze rozpoznat: 'downloads.dell.com']]></Message><Source><![CDATA[System]]></Source><StackTrace><![CDATA[ v System.Net.HttpWebRequest.GetResponse()
v eSupport.Common.Client.Core.DownloadHelper.c7830ac1bc4e91dab8bde579f211f329c(String c8673d9709497f3c74ce807a680598785, String c91396822be155ce2c311fce26d8381b0, String c4f92ed345e3cbb336c52d8fa69d33697)]]></StackTrace><SysInfo STag="6CWN13J" SMBIOSMajVer="2" SMBIOSMinVer="3" SMBIOSBIOSVer="A08" SMBIOSPresent="True" Rel_Date="20080425000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="Precision WorkStation 490" Ident_Num="DAN-PC" TimeZone="(UTC+01:00) Praha, Bratislava, Budapešť, Bělehrad, Lublaň" OSName="Microsoft Windows 7 Professional"/><HostIP>169.254.211.187</HostIP></Exception>
Error: (09/01/2018 11:07:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000004120fae
ID chybujícího procesu: 0x630
Čas spuštění chybující aplikace: 0x01d441c42c2c40fa
Cesta k chybující aplikaci: C:\Windows\Explorer.EXE
Cesta k chybujícímu modulu: unknown
ID zprávy: 06460c12-ae2b-11e8-8a27-001aa0ad2fdb
Error: (09/01/2018 11:07:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000004120fae
ID chybujícího procesu: 0x630
Čas spuštění chybující aplikace: 0x01d441c42c2c40fa
Cesta k chybující aplikaci: C:\Windows\Explorer.EXE
Cesta k chybujícímu modulu: unknown
ID zprávy: 026cbb15-ae2b-11e8-8a27-001aa0ad2fdb
System errors:
=============
Error: (09/09/2018 06:35:45 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Instalační služba modulů systému Windows, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.
Error: (09/09/2018 06:30:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restartovat službu.
Error: (09/09/2018 06:30:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restartovat službu.
Error: (09/09/2018 06:30:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell Hardware Support byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (09/09/2018 06:30:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (09/09/2018 06:30:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WMI Performance Adapter byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restartovat službu.
Error: (09/09/2018 06:30:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.
Error: (09/09/2018 06:29:49 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby WMI Performance Adapter, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.
Windows Defender:
===================================
Date: 2018-07-06 14:46:08.457
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Date: 2018-07-06 14:46:08.457
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
==================== Memory info ===========================
Processor: Intel(R) Xeon(R) CPU 5160 @ 3.00GHz
Percentage of memory in use: 83%
Total physical RAM: 4093.65 MB
Available physical RAM: 658.39 MB
Total Virtual: 10230.8 MB
Available Virtual: 4682.66 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:68.85 GB) NTFS
Drive e: (OLD) (Fixed) (Total:149.03 GB) (Free:60.63 GB) NTFS
Drive f: () (Fixed) (Total:69.82 GB) (Free:1.77 GB) NTFS
Drive g: (Starý disk) (Fixed) (Total:395.94 GB) (Free:86.33 GB) NTFS
Drive h: () (Fixed) (Total:232.88 GB) (Free:5.9 GB) NTFS
\\?\Volume{1f9603c2-8117-11e8-ab21-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 579A6D50)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 33B08E54)
Partition 1: (Active) - (Size=395.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=69.8 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 149.1 GB) (Disk ID: E8AE847D)
Partition 1: (Not Active) - (Size=149 GB) - (Type=0F Extended)
========================================================
Disk: 3 (Size: 232.9 GB) (Disk ID: 3E778052)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.09.2018
Ran by Dan (administrator) on DAN-PC (09-09-2018 21:51:42)
Running from G:\PROGRAMY
Loaded Profiles: Dan (Available Profiles: Dan)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\DSAPI.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\pcdrwi.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_181\launch4j-tmp\frd.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray64.exe [424448 2007-05-06] (SigmaTel, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [178504 2018-07-25] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\MountPoints2: {4be4e01f-8134-11e8-a708-001aa0ad2fdb} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk [2018-07-06]
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 100.100.100.1 0.0.0.0
Tcpip\..\Interfaces\{DA9DCABD-9F01-4DA9-BC91-C1DB42FA9DE8}: [DhcpNameServer] 100.100.100.1 0.0.0.0
Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-07-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-23] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: fifkgai9.default
FF ProfilePath: C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default [2018-09-09]
FF Homepage: Mozilla\Firefox\Profiles\fifkgai9.default -> hxxps://mail.google.com/mail/u/0/#inbox
FF Session Restore: Mozilla\Firefox\Profiles\fifkgai9.default -> is enabled.
FF Extension: (To Google Translate) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2018-07-07]
FF Extension: (Screengrab!) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2018-07-06]
FF Extension: (HTML Validator) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}.xpi [2018-07-06]
FF Extension: (Web Developer) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\fifkgai9.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2018-07-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-09-01] ()
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-09-01] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-06] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-06] (NVIDIA Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 dcevt64; C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr64.exe [222168 2011-01-21] (Dell Inc.)
S2 dcstor64; C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_datamgr64.exe [293336 2011-01-21] (Dell Inc.)
S2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2018-02-10] (Dell Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3346320 2018-02-10] (Dell Inc.)
S2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2018-02-10] (Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\DSAPI.exe [935744 2018-07-16] (PC-Doctor, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2330224 2018-07-25] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2330224 2018-07-25] (ESET)
S2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-04-20] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S2 NVWMI; C:\Windows\system32\nvwmi64.exe [4175928 2017-02-15] (NVIDIA Corporation)
S2 STacSV; C:\Windows\system32\STacSV64.exe [112128 2007-05-06] (SigmaTel, Inc.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [45016 2018-07-08] (Dell Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 AGMService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe" [X]
S2 AGSService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [38472 2010-11-25] (Dell Inc.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2018-02-10] (Dell Inc.)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2018-02-10] (Dell Computer Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143624 2018-07-25] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [109920 2018-07-25] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [196112 2018-07-25] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50144 2018-07-25] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [82816 2018-07-25] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61552 2018-07-25] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [110376 2018-07-25] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-07-12] (Malwarebytes)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-04-20] (Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193256 2018-09-09] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [117472 2018-09-09] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [52328 2018-09-09] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [259360 2018-09-09] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [98616 2018-09-09] (Malwarebytes)
R3 STHDA; C:\Windows\System32\drivers\stwrt64.sys [388096 2007-05-06] (SigmaTel, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-09 18:27 - 2018-09-09 17:47 - 007571152 _____ (Malwarebytes) C:\Users\Dan\Desktop\hdtunepro_560_trial.exe
2018-09-09 17:48 - 2018-09-09 18:16 - 000000000 ____D C:\AdwCleaner
2018-09-09 17:47 - 2018-09-09 17:47 - 000000085 _____ C:\Windows\wininit.ini
2018-09-09 15:28 - 2018-09-09 21:51 - 000000000 ____D C:\FRST
2018-09-09 12:40 - 2018-09-09 18:22 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-09-09 12:40 - 2018-09-09 17:47 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-09-09 12:40 - 2018-09-09 12:40 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2018-09-09 12:28 - 2018-09-09 12:28 - 000000000 ____D C:\Users\Dan\AppData\Local\mbam
2018-09-09 12:27 - 2018-09-09 21:29 - 000098616 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-09-09 12:27 - 2018-09-09 18:23 - 000259360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-09-09 12:27 - 2018-09-09 18:23 - 000117472 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-09-09 12:27 - 2018-09-09 18:23 - 000052328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-09-09 12:27 - 2018-09-09 12:27 - 000193256 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-09-09 12:27 - 2018-09-09 12:27 - 000001875 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-09-09 12:27 - 2018-09-09 12:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-09-09 12:27 - 2018-07-12 08:42 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-09-09 12:26 - 2018-09-09 12:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-09-09 12:26 - 2018-09-09 12:26 - 000000000 ____D C:\Program Files\Malwarebytes
2018-09-09 09:14 - 2018-09-09 09:16 - 000960592 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-06 16:59 - 2018-09-06 17:44 - 000029338 _____ C:\Users\Dan\Documents\rodina_Málkova.cdr
2018-09-06 16:59 - 2018-09-06 16:59 - 000063227 _____ C:\Users\Dan\Documents\Backup_of_rodina_Málkova.cdr
2018-09-06 15:24 - 2018-09-06 15:24 - 000235669 _____ C:\Users\Dan\Documents\Zadost_o_vraceni_RO.pdf
2018-09-01 23:07 - 2018-09-09 18:30 - 000000000 ____D C:\Users\Dan\AppData\Local\CrashDumps
2018-09-01 11:24 - 2018-09-09 09:39 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-09-01 11:24 - 2018-09-01 11:24 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-09-01 11:24 - 2018-09-01 11:24 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-01 11:24 - 2018-09-01 11:24 - 000004520 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-09-01 11:24 - 2018-09-01 11:24 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-09-01 11:24 - 2018-09-01 11:24 - 000000000 ____D C:\Windows\system32\Macromed
2018-09-01 11:24 - 2018-09-01 11:24 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Macromedia
2018-09-01 10:06 - 2018-09-03 01:22 - 000000000 ____D C:\Users\Dan\AppData\Roaming\AIMP
2018-09-01 10:06 - 2018-09-01 10:06 - 000000895 _____ C:\Users\Public\Desktop\AIMP.lnk
2018-09-01 10:06 - 2018-09-01 10:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2018-09-01 10:05 - 2018-09-01 10:06 - 000000000 ____D C:\Program Files (x86)\AIMP
2018-08-28 13:26 - 2018-08-28 13:26 - 000000000 _____ C:\Windows\SysWOW64\SpyWareFolderstoFilter.txt
2018-08-14 19:21 - 2018-08-03 17:55 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-14 19:21 - 2018-08-03 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-14 19:21 - 2018-08-02 05:20 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-08-14 19:21 - 2018-08-02 05:18 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-08-14 19:21 - 2018-08-02 05:07 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-08-14 19:21 - 2018-08-02 05:06 - 000156256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-08-14 19:21 - 2018-08-02 05:05 - 005553760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-14 19:21 - 2018-08-02 05:02 - 001665320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-14 19:21 - 2018-08-02 05:00 - 000633080 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-08-14 19:21 - 2018-08-02 04:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-08-14 19:21 - 2018-08-02 04:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-08-14 19:21 - 2018-08-02 04:58 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-08-14 19:21 - 2018-08-02 04:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-08-14 19:21 - 2018-08-02 04:43 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-08-14 19:21 - 2018-08-02 04:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-08-14 19:21 - 2018-08-02 04:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:26 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-08-14 19:21 - 2018-08-02 04:26 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-14 19:21 - 2018-08-02 04:26 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-08-14 19:21 - 2018-08-02 04:25 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-08-14 19:21 - 2018-08-02 04:22 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-08-14 19:21 - 2018-08-02 04:21 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-08-14 19:21 - 2018-08-02 04:21 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-08-14 19:21 - 2018-08-02 04:17 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-08-14 19:21 - 2018-08-02 04:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-08-14 19:21 - 2018-08-02 04:17 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-08-14 19:21 - 2018-08-02 04:16 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-08-14 19:21 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-08-14 19:21 - 2018-08-02 04:16 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-08-14 19:21 - 2018-08-02 04:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-08-14 19:21 - 2018-08-02 04:11 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-08-14 19:21 - 2018-08-02 04:11 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-08-14 19:21 - 2018-08-02 04:11 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-08-14 19:21 - 2018-08-02 04:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 19:21 - 2018-08-02 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-08-14 19:21 - 2018-07-20 01:53 - 000396936 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-08-14 19:21 - 2018-07-20 00:58 - 000350272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-14 19:21 - 2018-07-19 08:15 - 025745408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-14 19:21 - 2018-07-19 06:48 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-08-14 19:21 - 2018-07-19 06:47 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-08-14 19:21 - 2018-07-19 06:35 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-14 19:21 - 2018-07-19 06:34 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-08-14 19:21 - 2018-07-19 06:33 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-14 19:21 - 2018-07-19 06:33 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-14 19:21 - 2018-07-19 06:33 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-08-14 19:21 - 2018-07-19 06:32 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-08-14 19:21 - 2018-07-19 06:30 - 005778432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-14 19:21 - 2018-07-19 06:26 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-08-14 19:21 - 2018-07-19 06:25 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-08-14 19:21 - 2018-07-19 06:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-14 19:21 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-14 19:21 - 2018-07-19 06:22 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-14 19:21 - 2018-07-19 06:22 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-08-14 19:21 - 2018-07-19 06:22 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-08-14 19:21 - 2018-07-19 06:21 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-14 19:21 - 2018-07-19 06:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-08-14 19:21 - 2018-07-19 06:14 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-14 19:21 - 2018-07-19 06:11 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-08-14 19:21 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-14 19:21 - 2018-07-19 06:05 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-14 19:21 - 2018-07-19 06:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-08-14 19:21 - 2018-07-19 06:04 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-08-14 19:21 - 2018-07-19 06:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-08-14 19:21 - 2018-07-19 06:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-08-14 19:21 - 2018-07-19 06:03 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-14 19:21 - 2018-07-19 06:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-08-14 19:21 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-14 19:21 - 2018-07-19 06:00 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-08-14 19:21 - 2018-07-19 06:00 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-08-14 19:21 - 2018-07-19 05:58 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-08-14 19:21 - 2018-07-19 05:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-08-14 19:21 - 2018-07-19 05:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-08-14 19:21 - 2018-07-19 05:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-08-14 19:21 - 2018-07-19 05:56 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-08-14 19:21 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-14 19:21 - 2018-07-19 05:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-08-14 19:21 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-14 19:21 - 2018-07-19 05:47 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-14 19:21 - 2018-07-19 05:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-14 19:21 - 2018-07-19 05:46 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-08-14 19:21 - 2018-07-19 05:45 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-14 19:21 - 2018-07-19 05:45 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-14 19:21 - 2018-07-19 05:43 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-14 19:21 - 2018-07-19 05:43 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-08-14 19:21 - 2018-07-19 05:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-08-14 19:21 - 2018-07-19 05:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-08-14 19:21 - 2018-07-19 05:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-08-14 19:21 - 2018-07-19 05:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-08-14 19:21 - 2018-07-19 05:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-08-14 19:21 - 2018-07-19 05:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-08-14 19:21 - 2018-07-19 05:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-08-14 19:21 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-14 19:21 - 2018-07-19 05:31 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-14 19:21 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-08-14 19:21 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-08-14 19:21 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-08-14 19:21 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-08-14 19:21 - 2018-07-19 05:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-08-14 19:21 - 2018-07-19 05:20 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-14 19:21 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-14 19:21 - 2018-07-19 05:09 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-14 19:21 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-08-14 19:21 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-08-14 19:21 - 2018-07-08 18:08 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-08-14 19:21 - 2018-07-08 18:02 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-14 19:21 - 2018-07-08 18:02 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-14 19:21 - 2018-07-08 18:02 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-08-14 19:21 - 2018-07-08 18:01 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-08-14 19:21 - 2018-07-08 18:01 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-08-14 19:21 - 2018-07-08 17:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-08-14 19:21 - 2018-07-08 17:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-14 19:21 - 2018-07-08 17:42 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-08-14 19:21 - 2018-07-08 17:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-14 19:21 - 2018-07-08 17:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-08-14 19:21 - 2018-07-08 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-08-14 19:21 - 2018-07-07 17:24 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-14 19:21 - 2018-07-06 18:09 - 000947904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-14 19:21 - 2018-07-06 18:03 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-08-14 19:21 - 2018-07-06 18:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-08-14 19:21 - 2018-07-06 17:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-08-14 19:21 - 2018-07-06 17:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000695808 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-08-14 19:21 - 2018-06-29 17:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-08-14 19:21 - 2018-06-29 17:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2018-08-14 19:21 - 2018-06-29 17:14 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-08-14 19:21 - 2018-06-29 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2018-08-14 19:21 - 2018-06-27 18:01 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-08-14 19:21 - 2018-06-27 17:55 - 003246592 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-14 19:21 - 2018-06-27 17:55 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-08-14 19:21 - 2018-06-27 17:55 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-14 19:21 - 2018-06-27 17:55 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-08-14 19:21 - 2018-06-27 17:54 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-14 19:21 - 2018-06-27 17:54 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-08-14 19:21 - 2018-06-27 17:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-14 19:21 - 2018-06-27 17:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-14 19:21 - 2018-06-27 17:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-08-14 19:21 - 2018-06-27 17:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-08-14 19:21 - 2018-06-27 17:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-08-14 19:21 - 2018-06-27 17:21 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-14 19:21 - 2018-06-27 17:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-09 21:51 - 2018-07-06 18:26 - 000000000 ____D C:\Users\Dan\AppData\Roaming\vlc
2018-09-09 18:40 - 2009-07-14 06:45 - 000018272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-09 18:40 - 2009-07-14 06:45 - 000018272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-09 18:31 - 2018-07-06 15:12 - 000000000 ____D C:\Users\Dan\AppData\LocalLow\Mozilla
2018-09-09 18:30 - 2018-07-06 15:22 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-09 18:28 - 2009-07-14 17:18 - 000668542 _____ C:\Windows\system32\perfh005.dat
2018-09-09 18:28 - 2009-07-14 17:18 - 000141202 _____ C:\Windows\system32\perfc005.dat
2018-09-09 18:28 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-09 18:28 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-09 18:23 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-09 12:26 - 2018-07-06 14:48 - 137343192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-09-09 11:55 - 2018-07-06 18:06 - 000000000 ____D C:\Users\Dan\AppData\Local\ElevatedDiagnostics
2018-09-08 20:53 - 2018-07-06 23:25 - 000000000 ____D C:\Users\Dan\AppData\Roaming\uTorrent
2018-09-08 18:45 - 2018-07-23 18:21 - 000000148 _____ C:\Windows\SysWOW64\SmartFlow.txt
2018-09-08 09:10 - 2018-07-06 15:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-07 10:36 - 2018-07-06 15:11 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-09-07 10:36 - 2018-07-06 15:11 - 000000924 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-09-07 10:36 - 2018-07-06 15:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-05 22:59 - 2018-07-06 20:14 - 000004208 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2018-09-05 14:23 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2018-09-04 06:47 - 2018-07-13 17:12 - 000000000 ____D C:\Users\Dan\AppData\Roaming\XnViewMP
2018-09-03 13:55 - 2018-07-06 18:26 - 000000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-09-01 11:24 - 2018-07-06 15:56 - 000000000 ____D C:\Users\Dan\AppData\Local\Adobe
2018-08-16 12:17 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-08-14 21:03 - 2018-07-06 14:49 - 000000000 ____D C:\Windows\system32\MRT
2018-08-14 20:59 - 2018-07-06 16:59 - 001557940 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
==================== Files in the root of some directories =======
2018-07-07 13:32 - 2018-07-07 13:32 - 000000033 _____ () C:\Users\Dan\AppData\Roaming\AdobeWLCMCache.dat
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-09-05 09:17
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.09.2018
Ran by Dan (09-09-2018 21:52:20)
Running from G:\PROGRAMY
Windows 7 Professional Service Pack 1 (X64) (2018-07-06 12:28:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2513878808-783942235-2138259458-500 - Administrator - Disabled)
Dan (S-1-5-21-2513878808-783942235-2138259458-1000 - Administrator - Enabled) => C:\Users\Dan
Guest (S-1-5-21-2513878808-783942235-2138259458-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2513878808-783942235-2138259458-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2080, 07.07.2018 - AIMP DevTeam)
AnyToISO (HKLM-x32\...\AnyToISO_is1) (Version: 3.9.2 - CrystalIDEA Software)
Dell Client Configuration Toolkit (HKLM-x32\...\{C8EA30FC-B20B-465E-9D8A-CDDC09EA72D4}) (Version: 2.0.1 - Dell)
Dell OpenManage Client Instrumentation (HKLM\...\{47F8D37E-D1F2-44E2-8920-40FAB519A624}) (Version: 8.0.1.150 - Dell)
Dell SupportAssist (HKLM\...\{4CB4741A-20C1-454E-8276-993D06A76D67}) (Version: 2.2.3.2 - Dell Inc.)
Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.23) (Version: 9.23 - Artifex Software Inc.)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.09) (Version: 9.09 - Artifex Software Inc.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.300 - Huawei Technologies Co.,Ltd)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
LibreOffice 6.0.5.2 (HKLM\...\{9645CDEF-085C-45F7-A3CD-B4B7046EF78C}) (Version: 6.0.5.2 - The Document Foundation)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 62.0 (x64 cs) (HKLM\...\Mozilla Firefox 62.0 (x64 cs)) (Version: 62.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.9 - F.J. Wechselberger)
NetSpot (HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\a6e43da6e76c5494) (Version: 2.8.1.600 - Etwok LLC)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
NVIDIA nView 148.47 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 148.47 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 376.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.84 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 376.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.84 - NVIDIA Corporation)
NVIDIA WMI 2.29.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.29.0 - NVIDIA Corporation)
Ovládací panel NVIDIA 376.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.84 - NVIDIA Corporation) Hidden
SigmaTel Audio (HKLM-x32\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5102.0 - SigmaTel)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
XnViewMP 0.90 (HKLM\...\XnViewMP_is1) (Version: 0.90 - Gougelet Pierre-e)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll -> No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-09-01] (AIMP DevTeam)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-06-30] ()
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-25] (ESET)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger)
ContextMenuHandlers1-x32: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-25] (ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-09-01] (AIMP DevTeam)
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2017-02-15] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-02-06] (NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-07-25] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0BC9690E-2459-401B-AC2D-CC28F8CDFBB0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-01] (Adobe Systems Incorporated)
Task: {2A368F58-5F46-4015-9A98-447F2ED0C0AC} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2018-07-08] (Dell Inc.)
Task: {AA7BE2D1-3D92-491B-B2A2-750003E5A90A} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2017-02-15] ()
Task: {FDE8D1C8-745C-417D-8CC6-360BDFFF6CD4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-09-01] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-06-30 14:51 - 2018-06-30 14:51 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2018-07-06 14:31 - 2017-02-15 03:40 - 000794680 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
2018-09-09 12:27 - 2018-07-24 12:32 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-09-09 12:27 - 2018-08-06 14:20 - 002769768 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-07-06 21:44 - 2017-02-06 23:32 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-07-16 23:15 - 2018-07-16 23:15 - 002587968 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\libprotobuf.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2513878808-783942235-2138259458-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 100.100.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{093A559A-2E05-4A30-B171-CA9AC652C76F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3CBF6085-1152-4660-85E1-E16A9AED6841}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{532159F4-118F-4A92-B9F0-C6C1FCF73A1E}] => (Allow) C:\Users\Dan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D269E5CA-7ADA-4385-B46D-9C7A46215B4D}] => (Allow) C:\Users\Dan\AppData\Roaming\uTorrent\uTorrent.exe
==================== Restore Points =========================
21-08-2018 19:10:09 Windows Update
26-08-2018 09:41:41 Windows Update
01-09-2018 09:22:41 Windows Update
04-09-2018 15:20:29 Windows Update
08-09-2018 09:25:54 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/09/2018 06:30:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hdtunepro_560_trial.exe, verze: 7.2.3.0, časové razítko: 0x5b8d7938
Název chybujícího modulu: hdtunepro_560_trial.exe, verze: 7.2.3.0, časové razítko: 0x5b8d7938
Kód výjimky: 0xc0000005
Posun chyby: 0x00098c0e
ID chybujícího procesu: 0xe44
Čas spuštění chybující aplikace: 0x01d4485a122836cc
Cesta k chybující aplikaci: C:\Users\Dan\Desktop\hdtunepro_560_trial.exe
Cesta k chybujícímu modulu: C:\Users\Dan\Desktop\hdtunepro_560_trial.exe
ID zprávy: b38450bc-b44d-11e8-8ca9-001aa0ad2fdb
Error: (09/09/2018 06:27:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hdtunepro_560_trial.exe, verze: 7.2.3.0, časové razítko: 0x5b8d7938
Název chybujícího modulu: hdtunepro_560_trial.exe, verze: 7.2.3.0, časové razítko: 0x5b8d7938
Kód výjimky: 0xc0000005
Posun chyby: 0x00098c0e
ID chybujícího procesu: 0x15c0
Čas spuštění chybující aplikace: 0x01d44859f4454e87
Cesta k chybující aplikaci: C:\Users\Dan\Desktop\hdtunepro_560_trial.exe
Cesta k chybujícímu modulu: C:\Users\Dan\Desktop\hdtunepro_560_trial.exe
ID zprávy: 4aa22073-b44d-11e8-8ca9-001aa0ad2fdb
Error: (09/09/2018 06:20:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hdtunepro_560_trial.exe, verze: 7.2.3.0, časové razítko: 0x5b8d7938
Název chybujícího modulu: hdtunepro_560_trial.exe, verze: 7.2.3.0, časové razítko: 0x5b8d7938
Kód výjimky: 0xc0000005
Posun chyby: 0x00098c0e
ID chybujícího procesu: 0x7f4
Čas spuštění chybující aplikace: 0x01d44858bdd5d6a5
Cesta k chybující aplikaci: G:\PROGRAMY\hdtunepro_560_trial.exe
Cesta k chybujícímu modulu: G:\PROGRAMY\hdtunepro_560_trial.exe
ID zprávy: 55a13adc-b44c-11e8-a96b-001aa0ad2fdb
Error: (09/09/2018 06:17:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hdtunepro_560_trial.exe, verze: 7.2.3.0, časové razítko: 0x5b8d7938
Název chybujícího modulu: hdtunepro_560_trial.exe, verze: 7.2.3.0, časové razítko: 0x5b8d7938
Kód výjimky: 0xc0000005
Posun chyby: 0x00098c0e
ID chybujícího procesu: 0x1b80
Čas spuštění chybující aplikace: 0x01d448549279cee8
Cesta k chybující aplikaci: G:\PROGRAMY\hdtunepro_560_trial.exe
Cesta k chybujícímu modulu: G:\PROGRAMY\hdtunepro_560_trial.exe
ID zprávy: de739595-b44b-11e8-a96b-001aa0ad2fdb
Error: (09/04/2018 03:24:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dsm_sa_eventmgr64.exe, verze: 5.9.5.3801, časové razítko: 0x4d39fb5a
Název chybujícího modulu: dcsupt64.dll, verze: 5.9.5.696, časové razítko: 0x4d39fa4c
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000004750
ID chybujícího procesu: 0x6fc
Čas spuštění chybující aplikace: 0x01d444518d853586
Cesta k chybující aplikaci: C:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr64.exe
Cesta k chybujícímu modulu: C:\Program Files\Dell\SysMgt\shared\bin\dcsupt64.dll
ID zprávy: c8df51cc-b045-11e8-823d-001aa0ad2fdb
Error: (09/04/2018 06:36:24 AM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Net.WebException</Type><Message><![CDATA[Vzdálený název nelze rozpoznat: 'downloads.dell.com']]></Message><Source><![CDATA[System]]></Source><StackTrace><![CDATA[ v System.Net.HttpWebRequest.GetResponse()
v eSupport.Common.Client.Core.DownloadHelper.c7830ac1bc4e91dab8bde579f211f329c(String c8673d9709497f3c74ce807a680598785, String c91396822be155ce2c311fce26d8381b0, String c4f92ed345e3cbb336c52d8fa69d33697)]]></StackTrace><SysInfo STag="6CWN13J" SMBIOSMajVer="2" SMBIOSMinVer="3" SMBIOSBIOSVer="A08" SMBIOSPresent="True" Rel_Date="20080425000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="Precision WorkStation 490" Ident_Num="DAN-PC" TimeZone="(UTC+01:00) Praha, Bratislava, Budapešť, Bělehrad, Lublaň" OSName="Microsoft Windows 7 Professional"/><HostIP>169.254.211.187</HostIP></Exception>
Error: (09/01/2018 11:07:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000004120fae
ID chybujícího procesu: 0x630
Čas spuštění chybující aplikace: 0x01d441c42c2c40fa
Cesta k chybující aplikaci: C:\Windows\Explorer.EXE
Cesta k chybujícímu modulu: unknown
ID zprávy: 06460c12-ae2b-11e8-8a27-001aa0ad2fdb
Error: (09/01/2018 11:07:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000004120fae
ID chybujícího procesu: 0x630
Čas spuštění chybující aplikace: 0x01d441c42c2c40fa
Cesta k chybující aplikaci: C:\Windows\Explorer.EXE
Cesta k chybujícímu modulu: unknown
ID zprávy: 026cbb15-ae2b-11e8-8a27-001aa0ad2fdb
System errors:
=============
Error: (09/09/2018 06:35:45 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Instalační služba modulů systému Windows, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.
Error: (09/09/2018 06:30:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restartovat službu.
Error: (09/09/2018 06:30:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restartovat službu.
Error: (09/09/2018 06:30:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell Hardware Support byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (09/09/2018 06:30:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (09/09/2018 06:30:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WMI Performance Adapter byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restartovat službu.
Error: (09/09/2018 06:30:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.
Error: (09/09/2018 06:29:49 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby WMI Performance Adapter, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.
Windows Defender:
===================================
Date: 2018-07-06 14:46:08.457
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Date: 2018-07-06 14:46:08.457
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
==================== Memory info ===========================
Processor: Intel(R) Xeon(R) CPU 5160 @ 3.00GHz
Percentage of memory in use: 83%
Total physical RAM: 4093.65 MB
Available physical RAM: 658.39 MB
Total Virtual: 10230.8 MB
Available Virtual: 4682.66 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:68.85 GB) NTFS
Drive e: (OLD) (Fixed) (Total:149.03 GB) (Free:60.63 GB) NTFS
Drive f: () (Fixed) (Total:69.82 GB) (Free:1.77 GB) NTFS
Drive g: (Starý disk) (Fixed) (Total:395.94 GB) (Free:86.33 GB) NTFS
Drive h: () (Fixed) (Total:232.88 GB) (Free:5.9 GB) NTFS
\\?\Volume{1f9603c2-8117-11e8-ab21-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 579A6D50)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 33B08E54)
Partition 1: (Active) - (Size=395.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=69.8 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 149.1 GB) (Disk ID: E8AE847D)
Partition 1: (Not Active) - (Size=149 GB) - (Type=0F Extended)
========================================================
Disk: 3 (Size: 232.9 GB) (Disk ID: 3E778052)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Re: Problém při startu Windows
Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe CMD: dir /a "C:\Program Files\NETGATE" CMD: type "C:\Windows\SysWOW64\SmartFlow.txt" HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\MountPoints2: {4be4e01f-8134-11e8-a708-001aa0ad2fdb} - E:\HiSuiteDownLoader.exe BootExecute: autocheck autochk * sdnclean64.exe FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] S2 AGMService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe" [X] S2 AGSService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe" [X] S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X] 2018-09-09 12:40 - 2018-09-09 18:22 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2018-09-09 12:40 - 2018-09-09 17:47 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2018-09-09 12:40 - 2018-09-09 12:40 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking 2018-08-28 13:26 - 2018-08-28 13:26 - 000000000 _____ C:\Windows\SysWOW64\SpyWareFolderstoFilter.txt 2018-07-07 13:32 - 2018-07-07 13:32 - 000000033 _____ () C:\Users\Dan\AppData\Roaming\AdobeWLCMCache.dat ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll -> No File ContextMenuHandlers1-x32: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll -> No File ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File C:\Program Files\NETGATE Hosts: EmptyTemp: End - Uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Problém při startu Windows
Fixlog z FRST:
Fix result of Farbar Recovery Scan Tool (x64) Version: 09.09.2018
Ran by Dan (10-09-2018 08:14:34) Run:1
Running from C:\Users\Dan\Desktop
Loaded Profiles: Dan (Available Profiles: Dan)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
CMD: dir /a "C:\Program Files\NETGATE"
CMD: type "C:\Windows\SysWOW64\SmartFlow.txt"
HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\MountPoints2: {4be4e01f-8134-11e8-a708-001aa0ad2fdb} - E:\HiSuiteDownLoader.exe
BootExecute: autocheck autochk * sdnclean64.exe
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S2 AGMService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe" [X]
S2 AGSService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe" [X]
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]
2018-09-09 12:40 - 2018-09-09 18:22 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-09-09 12:40 - 2018-09-09 17:47 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-09-09 12:40 - 2018-09-09 12:40 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2018-08-28 13:26 - 2018-08-28 13:26 - 000000000 _____ C:\Windows\SysWOW64\SpyWareFolderstoFilter.txt
2018-07-07 13:32 - 2018-07-07 13:32 - 000000033 _____ () C:\Users\Dan\AppData\Roaming\AdobeWLCMCache.dat
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll -> No File
ContextMenuHandlers1-x32: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll -> No File
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
C:\Program Files\NETGATE
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 19
Average :
Sum : 10007773
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
========================= File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe ========================
C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
File not signed
MD5: 9CEE2BBB060DC4B7062BE4461774A7A0
Creation and modification date: 2018-04-20 08:28 - 2018-04-20 08:28
Size: 000190784
Attributes: ----A
Company Name:
Internal Name: DCSHOST
Original Name: HuaweiHiSuiteService.EXE
Product: HuaweiHiSuiteService
Description: HuaweiHiSuiteService
File Version: 2, 0, 0, 42
Product Version: 2, 0, 0, 42
Copyright: Copyright (C) 2008
VirusTotal: https://www.virustotal.com/file/bbe3aee ... 535460750/
====== End of File: ======
========= dir /a "C:\Program Files\NETGATE" =========
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je C4C5-1A14.
Věpis adres ýe C:\Program Files
Soubor nebyl nalezen.
========= End of CMD: =========
========= type "C:\Windows\SysWOW64\SmartFlow.txt" =========
07.23.2018 18:21:59: Cancel Called
08.13.2018 20:09:37: Cancel Called
08.28.2018 19:44:23: Cancel Called
09.08.2018 18:45:38: Cancel Called
========= End of CMD: =========
"HKU\S-1-5-21-2513878808-783942235-2138259458-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SpyEmergency" => removed successfully
"HKU\S-1-5-21-2513878808-783942235-2138259458-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4be4e01f-8134-11e8-a708-001aa0ad2fdb}" => removed successfully
HKLM\Software\Classes\CLSID\{4be4e01f-8134-11e8-a708-001aa0ad2fdb} => not found
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\System\CurrentControlSet\Services\AGMService" => removed successfully
AGMService => service removed successfully
"HKLM\System\CurrentControlSet\Services\AGSService" => removed successfully
AGSService => service removed successfully
"HKLM\System\CurrentControlSet\Services\SpyEmrgHealth" => removed successfully
SpyEmrgHealth => service removed successfully
C:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully
C:\ProgramData\Spybot - Search & Destroy => moved successfully
C:\Windows\System32\Tasks\Safer-Networking => moved successfully
C:\Windows\SysWOW64\SpyWareFolderstoFilter.txt => moved successfully
C:\Users\Dan\AppData\Roaming\AdobeWLCMCache.dat => moved successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Adobe.Acrobat.ContextMenu" => removed successfully
"HKLM\Software\Classes\CLSID\{A6595CD1-BF77-430A-A452-18696685F7C7}" => removed successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SpyEmergency" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{2E9FFF5C-4375-494d-951F-098BAA42239E} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\SpyEmergency" => removed successfully
HKLM\Software\Classes\CLSID\{2E9FFF5C-4375-494d-951F-098BAA42239E} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Adobe.Acrobat.ContextMenu" => removed successfully
HKLM\Software\Classes\CLSID\{A6595CD1-BF77-430A-A452-18696685F7C7} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SpyEmergency" => removed successfully
HKLM\Software\Classes\CLSID\{2E9FFF5C-4375-494d-951F-098BAA42239E} => not found
"C:\Program Files\NETGATE" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 74385190 B
Java, Flash, Steam htmlcache => 1154 B
Windows/system/drivers => 15328798 B
Edge => 0 B
Chrome => 0 B
Firefox => 1101699120 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66356 B
systemprofile32 => 571030 B
LocalService => 66228 B
NetworkService => 149056 B
Dan => 36074299 B
RecycleBin => 0 B
EmptyTemp: => 1.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 08:15:20 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 09.09.2018
Ran by Dan (10-09-2018 08:14:34) Run:1
Running from C:\Users\Dan\Desktop
Loaded Profiles: Dan (Available Profiles: Dan)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
CMD: dir /a "C:\Program Files\NETGATE"
CMD: type "C:\Windows\SysWOW64\SmartFlow.txt"
HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-2513878808-783942235-2138259458-1000\...\MountPoints2: {4be4e01f-8134-11e8-a708-001aa0ad2fdb} - E:\HiSuiteDownLoader.exe
BootExecute: autocheck autochk * sdnclean64.exe
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S2 AGMService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe" [X]
S2 AGSService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe" [X]
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]
2018-09-09 12:40 - 2018-09-09 18:22 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-09-09 12:40 - 2018-09-09 17:47 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-09-09 12:40 - 2018-09-09 12:40 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2018-08-28 13:26 - 2018-08-28 13:26 - 000000000 _____ C:\Windows\SysWOW64\SpyWareFolderstoFilter.txt
2018-07-07 13:32 - 2018-07-07 13:32 - 000000033 _____ () C:\Users\Dan\AppData\Roaming\AdobeWLCMCache.dat
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll -> No File
ContextMenuHandlers1-x32: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll -> No File
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
C:\Program Files\NETGATE
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 19
Average :
Sum : 10007773
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
========================= File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe ========================
C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
File not signed
MD5: 9CEE2BBB060DC4B7062BE4461774A7A0
Creation and modification date: 2018-04-20 08:28 - 2018-04-20 08:28
Size: 000190784
Attributes: ----A
Company Name:
Internal Name: DCSHOST
Original Name: HuaweiHiSuiteService.EXE
Product: HuaweiHiSuiteService
Description: HuaweiHiSuiteService
File Version: 2, 0, 0, 42
Product Version: 2, 0, 0, 42
Copyright: Copyright (C) 2008
VirusTotal: https://www.virustotal.com/file/bbe3aee ... 535460750/
====== End of File: ======
========= dir /a "C:\Program Files\NETGATE" =========
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je C4C5-1A14.
Věpis adres ýe C:\Program Files
Soubor nebyl nalezen.
========= End of CMD: =========
========= type "C:\Windows\SysWOW64\SmartFlow.txt" =========
07.23.2018 18:21:59: Cancel Called
08.13.2018 20:09:37: Cancel Called
08.28.2018 19:44:23: Cancel Called
09.08.2018 18:45:38: Cancel Called
========= End of CMD: =========
"HKU\S-1-5-21-2513878808-783942235-2138259458-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SpyEmergency" => removed successfully
"HKU\S-1-5-21-2513878808-783942235-2138259458-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4be4e01f-8134-11e8-a708-001aa0ad2fdb}" => removed successfully
HKLM\Software\Classes\CLSID\{4be4e01f-8134-11e8-a708-001aa0ad2fdb} => not found
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\System\CurrentControlSet\Services\AGMService" => removed successfully
AGMService => service removed successfully
"HKLM\System\CurrentControlSet\Services\AGSService" => removed successfully
AGSService => service removed successfully
"HKLM\System\CurrentControlSet\Services\SpyEmrgHealth" => removed successfully
SpyEmrgHealth => service removed successfully
C:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully
C:\ProgramData\Spybot - Search & Destroy => moved successfully
C:\Windows\System32\Tasks\Safer-Networking => moved successfully
C:\Windows\SysWOW64\SpyWareFolderstoFilter.txt => moved successfully
C:\Users\Dan\AppData\Roaming\AdobeWLCMCache.dat => moved successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Adobe.Acrobat.ContextMenu" => removed successfully
"HKLM\Software\Classes\CLSID\{A6595CD1-BF77-430A-A452-18696685F7C7}" => removed successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SpyEmergency" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{2E9FFF5C-4375-494d-951F-098BAA42239E} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\SpyEmergency" => removed successfully
HKLM\Software\Classes\CLSID\{2E9FFF5C-4375-494d-951F-098BAA42239E} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Adobe.Acrobat.ContextMenu" => removed successfully
HKLM\Software\Classes\CLSID\{A6595CD1-BF77-430A-A452-18696685F7C7} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SpyEmergency" => removed successfully
HKLM\Software\Classes\CLSID\{2E9FFF5C-4375-494d-951F-098BAA42239E} => not found
"C:\Program Files\NETGATE" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 74385190 B
Java, Flash, Steam htmlcache => 1154 B
Windows/system/drivers => 15328798 B
Edge => 0 B
Chrome => 0 B
Firefox => 1101699120 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66356 B
systemprofile32 => 571030 B
LocalService => 66228 B
NetworkService => 149056 B
Dan => 36074299 B
RecycleBin => 0 B
EmptyTemp: => 1.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 08:15:20 ====
Re: Problém při startu Windows
Nastala nejaka zmena?Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Problém při startu Windows
Bohužel k žádné změně nedošlo, počítač naskočí až po několika restartech a mezitím problikává/svítí bílá obrazovka nebo přímo spadne do spánkového režimu.
Re: Problém při startu Windows
Urob v MBAM uplny sken
- Stiahni a nainstaluj Malwarebytes (MBAM): https://www.malwarebytes.com/mwb-download/thankyou/
- Ignoruj skusobnu trial verziu
- Otvor MBAM a vlavo klikni na "Skenovat"
- Klikni na "Vlastne skenovanie" a potom na "Nakonfigurovat skenovanie" (Nastavit sken)
- Vpravo oznac vsetky disky v PC a vlavo oznac moznost "Vyhladavat rootkity"
- Klikni na Skenovat teraz a pockaj na dokoncenie
- Po dokonceni klikni na Exportovat zhrnutie -> Textovy subor, zadaj nejaky nazov suboru a uloz na plochu
- Obsah tohto suboru sem skopiruj
- Obrazkovy navod (bohuzial pre starsiu verziu): https://forum.viry.cz/viewtopic.php?f=29&t=144868
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Problém při startu Windows
Výsledek scanu MWB:
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 12.09.18
Čas skenování: 19:24
Logovací soubor: c52be0aa-b6b0-11e8-980c-001aa0ad2fdb.json
-Informace o softwaru-
Verze: 3.5.1.2522
Verze komponentů: 1.0.441
Aktualizovat verzi balíku komponent: 1.0.6795
Licence: Zkušební
-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: Dan-PC\Dan
-Shrnutí skenování-
Typ skenování: Vlastní skenování
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 937350
Zjištěné hrozby: 4
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 5 hod, 26 min, 36 sek
-Možnosti skenování-
Paměť: Zakázáno
Start: Zakázáno
Systém souborů: Povoleno
Archivy: Zakázáno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 4
Generic.Malware/Suspicious, H:\SYSTEM VOLUME INFORMATION\_RESTORE{7B6342C7-B2C6-49BC-8540-0C4CB423C3E4}\RP170\A0040174.EXE, Žádná uživatelská akce, [0], [392686],1.0.6795
Generic.Malware/Suspicious, G:\PROGRAMY\POPCHAR\KEYMAKER-CORE\CR-POPC4.EXE, Žádná uživatelská akce, [0], [392686],1.0.6795
Generic.Malware/Suspicious, G:\PROGRAMY\XP-UPDATE-EXTENDER-1.0.0.0-SETUP.EXE, Žádná uživatelská akce, [0], [392686],1.0.6795
PUP.Optional.AdvancedSystemCare, G:\PROGRAMY\ADVANCED-SYSTEMCARE-SETUP.EXE, Žádná uživatelská akce, [3814], [396386],1.0.6795
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
WMI: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 12.09.18
Čas skenování: 19:24
Logovací soubor: c52be0aa-b6b0-11e8-980c-001aa0ad2fdb.json
-Informace o softwaru-
Verze: 3.5.1.2522
Verze komponentů: 1.0.441
Aktualizovat verzi balíku komponent: 1.0.6795
Licence: Zkušební
-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: Dan-PC\Dan
-Shrnutí skenování-
Typ skenování: Vlastní skenování
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 937350
Zjištěné hrozby: 4
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 5 hod, 26 min, 36 sek
-Možnosti skenování-
Paměť: Zakázáno
Start: Zakázáno
Systém souborů: Povoleno
Archivy: Zakázáno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 4
Generic.Malware/Suspicious, H:\SYSTEM VOLUME INFORMATION\_RESTORE{7B6342C7-B2C6-49BC-8540-0C4CB423C3E4}\RP170\A0040174.EXE, Žádná uživatelská akce, [0], [392686],1.0.6795
Generic.Malware/Suspicious, G:\PROGRAMY\POPCHAR\KEYMAKER-CORE\CR-POPC4.EXE, Žádná uživatelská akce, [0], [392686],1.0.6795
Generic.Malware/Suspicious, G:\PROGRAMY\XP-UPDATE-EXTENDER-1.0.0.0-SETUP.EXE, Žádná uživatelská akce, [0], [392686],1.0.6795
PUP.Optional.AdvancedSystemCare, G:\PROGRAMY\ADVANCED-SYSTEMCARE-SETUP.EXE, Žádná uživatelská akce, [3814], [396386],1.0.6795
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
WMI: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Re: Problém při startu Windows
Spusti kontrolu integrity systemovych suborov:
- Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
- Skopiruj a spusti prikaz:
Kód: Vybrat vše
sfc /scannow - Po dokonceni skopiruj a spusti tento prikaz:
Kód: Vybrat vše
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" - Na ploche sa vytvori subor sfcdetails.txt, zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
- Restartuj PC a napis ako sa chova PC
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Problém při startu Windows
Počítač se bohužel chová stále stejně. Normálně nastartuje až na 5 - 10-tý pokus.
- Přílohy
-
- sfcdetails.rar
- (1.8 KiB) Staženo 80 x
Re: Problém při startu Windows
Stiahni CrystalDiskInfo: https://crystalmark.info/redirect.php?p ... alDiskInfo
- Rozbal cely archiv na plochu a spusti cez DiskInfo64.exe
- Hore klikni na Upravy (Edit) -> Kopirovat (Copy)
- Skopiruje sa log, jeho obsah vloz (Ctrl+V) do dalsej odpovedi
Stlac klavesy Win+R, napis "eventvwr.exe" (bez uvodzoviek) a stlac enter
- Vlavo klikni na Protokoly systemu Windows (Windows Logs) a potom na System
- Vpravo klikni na Ulozit vsechny udalosti jako (Save All Events As)
- Napis nazov suboru "system", typ suboru nechaj ako .evtx a uloz na plochu
- Vlavo klikni na Aplikace (Application), vpravo opat klikni na Ulozit vsechny udalosti jako (Save All Events As)
- Napis nazov suboru "application", typ suboru nechaj ako .evtx a uloz na plochu
- Tieto 2 subory nahraj zabal do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Přispějete na provoz fóra?