Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.09.2018
Ran by Lenka (administrator) on FERDA (22-09-2018 13:58:41)
Running from E:\Users\Lenka\Downloads
Loaded Profiles: Lenka (Available Profiles: Lenka)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Iskysoft) C:\Program Files (x86)\iSkysoft\IAF\2.4.3.231\IsAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Western Digital Corporation or its affiliates) C:\Program Files (x86)\Western Digital\SSD Dashboard\WDSSDDashboardService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-11-17] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-09-08] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-09-18] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2016-08-18] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe [102400 2005-04-08] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ISHelperSetup.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [VDownloader] => C:\Program Files\VDownloader\Vdownloader4.exe
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7379744 2018-09-20] (Lavasoft)
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [ISHelperSetup.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\MountPoints2: {356c1b46-29ef-11e8-bf76-806e6f6e6963} - D:\Run.exe
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\MountPoints2: {e7f1ad4d-29f2-11e8-9758-806e6f6e6963} - D:\Setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2018-03-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 10.0.0.3 10.0.0.2
Tcpip\..\Interfaces\{80731573-1D2E-4AA1-B00B-708699E13D8D}: [DhcpNameServer] 192.168.10.1 10.0.0.3 10.0.0.2
Internet Explorer:
==================
HKU\S-1-5-21-416851214-1149586187-762815546-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com/
HKU\S-1-5-21-416851214-1149586187-762815546-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKU\S-1-5-21-416851214-1149586187-762815546-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10444__180616__yaie&p={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-17] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-03-17] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-17] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-03-17] (Google Inc.)
Toolbar: HKU\S-1-5-21-416851214-1149586187-762815546-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-416851214-1149586187-762815546-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-17] (Google Inc.)
FireFox:
========
FF DefaultProfile: bcc26cqq.default
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default [2018-09-22]
FF Homepage: Mozilla\Firefox\Profiles\bcc26cqq.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10444__180616__yaff
FF NewTab: Mozilla\Firefox\Profiles\bcc26cqq.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10444__180616__yaff
FF Session Restore: Mozilla\Firefox\Profiles\bcc26cqq.default -> is enabled.
FF Extension: (Flash Video Downloader) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\artur.dubovoy@gmail.com.xpi [2018-08-21]
FF Extension: (Avast SafePrice) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\sp@avast.com.xpi [2018-07-17]
FF Extension: (Avast Online Security) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\wrc@avast.com.xpi [2018-06-04]
FF Extension: (Download Streamable Video) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\{b4629e37-bbce-479a-8805-8235727e5abc}.xpi [2018-03-30]
FF Extension: (Video DownloadHelper) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-21]
FF Extension: (Firefox Monitor) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\features\{5b12ff78-691e-4feb-b5ae-d92fb20ee824}\fxmonitor@mozilla.org.xpi [2018-09-12]
FF SearchPlugin: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\searchplugins\yahoo-lavasoft-ff59.xml [2018-09-20]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-09-13]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.mysearchresults.com/?c=3523&t=01
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default [2018-09-22]
CHR Extension: (Překladač Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-03-17]
CHR Extension: (Prezentace) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-17]
CHR Extension: (Twitter Secret Emoticons) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgogdobdhhbmdamdjmfomfdoobllbpd [2018-03-17]
CHR Extension: (Dokumenty) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-17]
CHR Extension: (Disk Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-17]
CHR Extension: (YouTube) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-17]
CHR Extension: (Chrome IG Story) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2018-09-10]
CHR Extension: (Image Downloader) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2018-03-19]
CHR Extension: (Tipli do prohlížeče) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2018-03-19]
CHR Extension: (Video Downloader professional) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2018-04-08]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-09-21]
CHR Extension: (Bulk Image Downloader) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\facoldpeadablbngjnohbmgaehknhcaj [2018-03-17]
CHR Extension: (Tabulky) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-17]
CHR Extension: (FBDown Video Downloader) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2018-07-30]
CHR Extension: (PhotoLive - Download Facebook Photos!) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpjnpabklnaaifclgealaepelncljadk [2018-03-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Avast Online Security) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Transcribe: transcribe audio/interviews fast!) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogokenmicnjdfhmhocanoemnddmpcjjm [2018-03-17]
CHR Extension: (Gmail) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-17]
CHR Extension: (Chrome Media Router) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43112 2012-02-16] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-09-08] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-09-08] (AVAST Software)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [324592 2016-11-21] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 IsAppService; C:\Program Files (x86)\Iskysoft\IAF\2.4.3.231\IsAppService.exe [493320 2017-10-19] (Iskysoft)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-05] (Intel Corporation)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25888 2018-09-20] ()
R2 WD SSD Dashboard Service; C:\Program Files (x86)\Western Digital\SSD Dashboard\WDSSDDashboardService.exe [1706496 2016-11-15] (Western Digital Corporation or its affiliates) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare)
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [199712 2018-09-08] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229384 2018-09-08] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201320 2018-09-08] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-09-08] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59568 2018-09-08] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249016 2018-09-08] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-09-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163392 2018-09-11] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111864 2018-09-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87904 2018-09-08] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-09-08] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467320 2018-09-08] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215920 2018-09-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381560 2018-09-08] (AVAST Software)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [511952 2016-07-26] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [32224 2016-09-20] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199736 2016-09-22] (Intel Corporation)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc.)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [21248 2003-09-19] (Padus, Inc.) [File not signed]
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100592 2018-03-17] (Symantec Corporation)
U1 aswbdisk; no ImagePath
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20180316.019\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20180316.019\EX64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-22 13:58 - 2018-09-22 13:58 - 000000000 ____D C:\FRST
2018-09-14 15:02 - 2018-09-14 15:02 - 000052296 _____ () C:\Windows\system32\Drivers\staport.sys
2018-09-12 15:42 - 2018-08-31 17:08 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2018-09-12 15:42 - 2018-08-31 17:08 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-09-12 15:42 - 2018-08-30 03:47 - 001230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2018-09-12 15:42 - 2018-08-30 03:10 - 001424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2018-09-12 15:42 - 2018-08-28 07:50 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2018-09-12 15:42 - 2018-08-24 21:47 - 000398424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-09-12 15:42 - 2018-08-24 20:47 - 000350296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-09-12 15:42 - 2018-08-24 01:05 - 025736704 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-09-12 15:42 - 2018-08-24 00:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-09-12 15:42 - 2018-08-24 00:56 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-09-12 15:42 - 2018-08-24 00:45 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-09-12 15:42 - 2018-08-24 00:44 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-09-12 15:42 - 2018-08-24 00:43 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-09-12 15:42 - 2018-08-24 00:43 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-09-12 15:42 - 2018-08-24 00:43 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-09-12 15:42 - 2018-08-24 00:43 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-09-12 15:42 - 2018-08-24 00:37 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-09-12 15:42 - 2018-08-24 00:36 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-09-12 15:42 - 2018-08-24 00:34 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-09-12 15:42 - 2018-08-24 00:34 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-09-12 15:42 - 2018-08-24 00:33 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-09-12 15:42 - 2018-08-24 00:33 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-09-12 15:42 - 2018-08-24 00:33 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-09-12 15:42 - 2018-08-24 00:33 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-09-12 15:42 - 2018-08-24 00:27 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-09-12 15:42 - 2018-08-24 00:24 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-09-12 15:42 - 2018-08-24 00:19 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-09-12 15:42 - 2018-08-24 00:18 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-09-12 15:42 - 2018-08-24 00:17 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-09-12 15:42 - 2018-08-24 00:15 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-09-12 15:42 - 2018-08-24 00:15 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-09-12 15:42 - 2018-08-24 00:13 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-09-12 15:42 - 2018-08-24 00:12 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-09-12 15:42 - 2018-08-24 00:03 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-09-12 15:42 - 2018-08-24 00:01 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-09-12 15:42 - 2018-08-24 00:01 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-09-12 15:42 - 2018-08-24 00:00 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-09-12 15:42 - 2018-08-23 23:59 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-09-12 15:42 - 2018-08-23 23:59 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-09-12 15:42 - 2018-08-23 23:52 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-09-12 15:42 - 2018-08-23 23:40 - 001555456 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-09-12 15:42 - 2018-08-23 23:28 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-09-12 15:42 - 2018-08-23 23:27 - 020279296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-09-12 15:42 - 2018-08-23 23:25 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-09-12 15:42 - 2018-08-23 23:15 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-09-12 15:42 - 2018-08-23 23:14 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-09-12 15:42 - 2018-08-23 23:14 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-09-12 15:42 - 2018-08-23 23:14 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-09-12 15:42 - 2018-08-23 23:13 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-09-12 15:42 - 2018-08-23 23:12 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-09-12 15:42 - 2018-08-23 23:09 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-09-12 15:42 - 2018-08-23 23:09 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-09-12 15:42 - 2018-08-23 23:07 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-09-12 15:42 - 2018-08-23 23:06 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-09-12 15:42 - 2018-08-23 23:06 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-09-12 15:42 - 2018-08-23 23:06 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-09-12 15:42 - 2018-08-23 23:00 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-09-12 15:42 - 2018-08-23 22:56 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-09-12 15:42 - 2018-08-23 22:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-09-12 15:42 - 2018-08-23 22:55 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-09-12 15:42 - 2018-08-23 22:54 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-09-12 15:42 - 2018-08-23 22:53 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-09-12 15:42 - 2018-08-23 22:52 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-09-12 15:42 - 2018-08-23 22:51 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-09-12 15:42 - 2018-08-23 22:51 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-09-12 15:42 - 2018-08-23 22:48 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-09-12 15:42 - 2018-08-23 22:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-09-12 15:42 - 2018-08-23 22:44 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-09-12 15:42 - 2018-08-23 22:44 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-09-12 15:42 - 2018-08-23 22:44 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-09-12 15:42 - 2018-08-23 22:30 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-09-12 15:42 - 2018-08-23 22:27 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-09-12 15:42 - 2018-08-23 22:24 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 001888768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-09-12 15:42 - 2018-08-13 17:53 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-09-12 15:42 - 2018-08-13 17:53 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-09-12 15:42 - 2018-08-13 17:41 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2018-09-12 15:42 - 2018-08-12 22:32 - 000378464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-09-12 15:42 - 2018-08-12 22:31 - 001894496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-09-12 15:42 - 2018-08-12 22:31 - 000289376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-09-12 15:42 - 2018-08-12 22:28 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2018-09-12 15:42 - 2018-08-12 22:14 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2018-09-12 15:42 - 2018-08-10 17:59 - 005552816 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-09-12 15:42 - 2018-08-10 17:59 - 000154800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-09-12 15:42 - 2018-08-10 17:58 - 000385120 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-09-12 15:42 - 2018-08-10 17:58 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-09-12 15:42 - 2018-08-10 17:58 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-09-12 15:42 - 2018-08-10 17:57 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-09-12 15:42 - 2018-08-10 17:57 - 000631624 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-09-12 15:42 - 2018-08-10 17:56 - 001664296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-09-12 15:42 - 2018-08-10 17:45 - 000309424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-09-12 15:42 - 2018-08-10 17:44 - 003961440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-09-12 15:42 - 2018-08-10 17:42 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:39 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-09-12 15:42 - 2018-08-10 17:39 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-09-12 15:42 - 2018-08-10 17:27 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-09-12 15:42 - 2018-08-10 17:22 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-09-12 15:42 - 2018-08-10 17:22 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-09-12 15:42 - 2018-08-10 17:22 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-09-12 15:42 - 2018-08-10 17:21 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-09-12 15:42 - 2018-08-10 17:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-09-12 15:42 - 2018-08-10 17:17 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-09-12 15:42 - 2018-08-10 17:17 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-09-12 15:42 - 2018-08-10 17:17 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-09-12 15:42 - 2018-08-10 17:15 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-09-12 15:42 - 2018-08-10 17:13 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-09-12 15:42 - 2018-08-10 17:13 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-09-12 15:42 - 2018-08-10 17:13 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-09-12 15:42 - 2018-08-10 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-09-12 15:42 - 2018-08-10 17:12 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-09-12 15:42 - 2018-08-10 17:12 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-09-12 15:42 - 2018-08-10 17:10 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-09-12 15:42 - 2018-08-10 17:10 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-09-12 15:42 - 2018-08-10 17:10 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-09-12 15:42 - 2018-08-10 17:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-09-12 15:42 - 2018-08-10 17:09 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-09-12 15:42 - 2018-07-29 17:55 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-09-12 15:42 - 2018-07-18 17:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2018-09-12 15:42 - 2018-06-27 15:20 - 000419648 _____ C:\Windows\SysWOW64\locale.nls
2018-09-12 15:42 - 2018-06-27 15:19 - 000419648 _____ C:\Windows\system32\locale.nls
2018-09-08 18:36 - 2018-09-08 18:35 - 000379608 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-22 13:55 - 2009-07-14 06:45 - 000026080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-22 13:55 - 2009-07-14 06:45 - 000026080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-22 13:48 - 2018-03-18 01:25 - 000669580 _____ C:\Windows\system32\perfh005.dat
2018-09-22 13:48 - 2018-03-18 01:25 - 000141738 _____ C:\Windows\system32\perfc005.dat
2018-09-22 13:48 - 2009-07-14 07:13 - 001586648 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-22 13:48 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-22 13:42 - 2018-07-17 17:17 - 000000000 ____D C:\Users\Lenka\AppData\Local\AVAST Software
2018-09-22 13:42 - 2018-03-17 16:42 - 000000000 __SHD C:\Users\Lenka\IntelGraphicsProfiles
2018-09-22 13:41 - 2018-06-12 15:03 - 000000000 ___RD C:\Users\Lenka\iCloudDrive
2018-09-22 13:41 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-21 21:15 - 2018-07-04 21:40 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-21 21:14 - 2018-07-04 21:40 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-21 18:21 - 2018-07-12 19:54 - 000003556 _____ C:\Windows\System32\Tasks\HPCustParticipation HP LaserJet M101-M106
2018-09-21 18:21 - 2018-06-25 19:38 - 000002960 _____ C:\Windows\System32\Tasks\{BBFAAC85-A69F-46BF-8201-9D923ABB6D32}
2018-09-21 18:21 - 2018-06-25 19:38 - 000002960 _____ C:\Windows\System32\Tasks\{6AB229E8-D87B-4EF0-A83F-2E2733C1D3CD}
2018-09-21 18:21 - 2018-05-20 21:38 - 000003546 _____ C:\Windows\System32\Tasks\{5E4039B8-A717-46C6-A534-88D2C6CC572E}
2018-09-21 18:21 - 2018-04-26 21:12 - 000003118 _____ C:\Windows\System32\Tasks\{55A6DB17-9875-4922-A54F-AD9F2B6432DC}
2018-09-21 18:21 - 2018-03-20 11:50 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-09-21 18:21 - 2018-03-18 10:51 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-09-21 18:21 - 2018-03-18 10:51 - 000002784 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-09-21 18:21 - 2018-03-17 16:35 - 000003646 _____ C:\Windows\System32\Tasks\Intel PTT EK Recertification
2018-09-21 18:21 - 2018-03-17 16:32 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-09-21 18:21 - 2018-03-17 16:32 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-09-20 19:42 - 2018-03-17 16:28 - 000000000 ____D C:\Users\Lenka
2018-09-20 16:51 - 2018-03-17 16:33 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-20 16:51 - 2018-03-17 16:33 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-09-13 17:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-09-13 15:54 - 2009-07-14 06:45 - 000414776 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-13 15:52 - 2018-03-18 11:45 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-13 15:52 - 2018-03-18 11:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-12 21:40 - 2018-03-17 16:33 - 001561362 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-09-12 18:36 - 2018-03-17 18:21 - 000215920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-09-12 15:42 - 2018-03-18 11:45 - 000000000 ____D C:\Users\Lenka\AppData\LocalLow\Mozilla
2018-09-12 15:36 - 2018-03-17 16:43 - 000111152 _____ C:\Users\Lenka\AppData\Local\GDIPFONTCACHEV1.DAT
2018-09-11 17:07 - 2018-03-17 18:21 - 000163392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-09-11 16:59 - 2018-03-18 10:51 - 000000000 ____D C:\Program Files\CCleaner
2018-09-08 18:36 - 2018-03-17 18:21 - 000467320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-09-08 18:36 - 2018-03-17 18:21 - 000087904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-09-08 18:36 - 2018-03-17 18:21 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-09-08 18:35 - 2018-03-17 18:21 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000381560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000249016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000229384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000201320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000199712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000111864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000059568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
Some files in TEMP:
====================
2018-04-29 14:49 - 2018-04-29 14:49 - 000079736 _____ (AppWork GmbH) C:\Users\Lenka\AppData\Local\Temp\131694797838420000.exe
2018-04-26 18:58 - 2018-08-14 17:33 - 000361112 _____ (Apowersoft) C:\Users\Lenka\AppData\Local\Temp\ApowersoftAutoUpdater.exe
2018-04-01 22:26 - 2018-04-01 19:57 - 000017920 _____ () C:\Users\Lenka\AppData\Local\Temp\cmunst_.exe
2018-07-16 22:08 - 2018-07-19 15:27 - 118089984 _____ () C:\Users\Lenka\AppData\Local\Temp\HPInstaller.exe
2018-06-19 20:35 - 2018-07-05 07:55 - 000000000 ____D () C:\Users\Lenka\AppData\Local\Temp\pdt_syncios.exe
2018-04-29 15:04 - 2018-04-29 15:04 - 000040448 ____N () C:\Users\Lenka\AppData\Local\Temp\proxy_vole2767735746879660411.dll
2018-06-15 20:00 - 2018-07-05 10:15 - 000000000 ____D () C:\Users\Lenka\AppData\Local\Temp\Syncios.exe
2018-06-15 20:00 - 2018-07-03 15:25 - 000000000 ____D () C:\Users\Lenka\AppData\Local\Temp\SynciosDeviceService.exe
2018-07-03 15:03 - 2018-07-03 16:03 - 000000000 ____D () C:\Users\Lenka\AppData\Local\Temp\SynciosTransfer.exe
2018-05-20 20:49 - 2018-05-20 20:49 - 000100840 _____ () C:\Users\Lenka\AppData\Local\Temp\vsdel.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-09-15 18:55
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu - děkuji
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118243
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - děkuji
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu - děkuji
# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-22-2018
# Duration: 00:00:05
# OS: Windows 7 Professional
# Cleaned: 15
# Failed: 0
***** [ Services ] *****
Deleted WCAssistantService
***** [ Folders ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
Deleted slunecnice.cz
Deleted http://www.mysearchresults.com/?c=3523&t=01
Deleted Search Here
Deleted Softonic EN
Deleted Softonic EN
Deleted Softonic EN
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2364 octets] - [22/09/2018 17:54:55]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-22-2018
# Duration: 00:00:05
# OS: Windows 7 Professional
# Cleaned: 15
# Failed: 0
***** [ Services ] *****
Deleted WCAssistantService
***** [ Folders ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
Deleted slunecnice.cz
Deleted http://www.mysearchresults.com/?c=3523&t=01
Deleted Search Here
Deleted Softonic EN
Deleted Softonic EN
Deleted Softonic EN
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2364 octets] - [22/09/2018 17:54:55]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Re: Prosím o kontrolu logu - děkuji
Jen pro info. Někdo se mi naboural do e-mailové schránky a poslal mi e-mail z mé e-mailové adresy, že "Do vašeho přístroje jsme nainstalovali jeden software RAT".
Ihned jsem změnila heslo do e-mailové schránky.
Ihned jsem změnila heslo do e-mailové schránky.
-
Rudy
- Site Admin
- Příspěvky: 118243
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - děkuji
Je doře, že jste heslo změnila. Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu - děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.09.2018
Ran by Lenka (administrator) on FERDA (22-09-2018 19:07:42)
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Iskysoft) C:\Program Files (x86)\iSkysoft\IAF\2.4.3.231\IsAppService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Western Digital Corporation or its affiliates) C:\Program Files (x86)\Western Digital\SSD Dashboard\WDSSDDashboardService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-11-17] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-09-08] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-09-18] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2016-08-18] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe [102400 2005-04-08] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ISHelperSetup.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [VDownloader] => C:\Program Files\VDownloader\Vdownloader4.exe
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [ISHelperSetup.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\MountPoints2: {356c1b46-29ef-11e8-bf76-806e6f6e6963} - D:\Run.exe
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\MountPoints2: {e7f1ad4d-29f2-11e8-9758-806e6f6e6963} - D:\Setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2018-03-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 10.0.0.3 10.0.0.2
Tcpip\..\Interfaces\{80731573-1D2E-4AA1-B00B-708699E13D8D}: [DhcpNameServer] 192.168.10.1 10.0.0.3 10.0.0.2
Internet Explorer:
==================
HKU\S-1-5-21-416851214-1149586187-762815546-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com/
HKU\S-1-5-21-416851214-1149586187-762815546-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-17] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-03-17] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-17] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-03-17] (Google Inc.)
Toolbar: HKU\S-1-5-21-416851214-1149586187-762815546-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-416851214-1149586187-762815546-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-17] (Google Inc.)
FireFox:
========
FF DefaultProfile: bcc26cqq.default
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default [2018-09-22]
FF Homepage: Mozilla\Firefox\Profiles\bcc26cqq.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10444__180616__yaff
FF NewTab: Mozilla\Firefox\Profiles\bcc26cqq.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10444__180616__yaff
FF Session Restore: Mozilla\Firefox\Profiles\bcc26cqq.default -> is enabled.
FF Extension: (Flash Video Downloader) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\artur.dubovoy@gmail.com.xpi [2018-08-21]
FF Extension: (Avast SafePrice) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\sp@avast.com.xpi [2018-07-17]
FF Extension: (Avast Online Security) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\wrc@avast.com.xpi [2018-06-04]
FF Extension: (Download Streamable Video) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\{b4629e37-bbce-479a-8805-8235727e5abc}.xpi [2018-03-30]
FF Extension: (Video DownloadHelper) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-21]
FF Extension: (Firefox Monitor) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\features\{5b12ff78-691e-4feb-b5ae-d92fb20ee824}\fxmonitor@mozilla.org.xpi [2018-09-12]
FF SearchPlugin: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\searchplugins\yahoo-lavasoft-ff59.xml [2018-09-20]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-09-13]
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default [2018-09-22]
CHR Extension: (Překladač Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-03-17]
CHR Extension: (Prezentace) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-17]
CHR Extension: (Twitter Secret Emoticons) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgogdobdhhbmdamdjmfomfdoobllbpd [2018-03-17]
CHR Extension: (Dokumenty) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-17]
CHR Extension: (Disk Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-17]
CHR Extension: (YouTube) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-17]
CHR Extension: (Chrome IG Story) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2018-09-10]
CHR Extension: (Image Downloader) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2018-03-19]
CHR Extension: (Tipli do prohlížeče) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2018-03-19]
CHR Extension: (Video Downloader professional) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2018-04-08]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-09-21]
CHR Extension: (Bulk Image Downloader) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\facoldpeadablbngjnohbmgaehknhcaj [2018-03-17]
CHR Extension: (Tabulky) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-17]
CHR Extension: (FBDown Video Downloader) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2018-07-30]
CHR Extension: (PhotoLive - Download Facebook Photos!) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpjnpabklnaaifclgealaepelncljadk [2018-03-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Avast Online Security) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Transcribe: transcribe audio/interviews fast!) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogokenmicnjdfhmhocanoemnddmpcjjm [2018-03-17]
CHR Extension: (Gmail) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-17]
CHR Extension: (Chrome Media Router) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43112 2012-02-16] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-09-08] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-09-08] (AVAST Software)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [324592 2016-11-21] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 IsAppService; C:\Program Files (x86)\Iskysoft\IAF\2.4.3.231\IsAppService.exe [493320 2017-10-19] (Iskysoft)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-05] (Intel Corporation)
R2 WD SSD Dashboard Service; C:\Program Files (x86)\Western Digital\SSD Dashboard\WDSSDDashboardService.exe [1706496 2016-11-15] (Western Digital Corporation or its affiliates) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare)
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [199712 2018-09-08] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229384 2018-09-08] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201320 2018-09-08] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-09-08] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59568 2018-09-08] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249016 2018-09-08] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-09-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163392 2018-09-11] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111864 2018-09-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87904 2018-09-08] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-09-08] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467320 2018-09-08] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215920 2018-09-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381560 2018-09-08] (AVAST Software)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [511952 2016-07-26] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [32224 2016-09-20] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199736 2016-09-22] (Intel Corporation)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc.)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [21248 2003-09-19] (Padus, Inc.) [File not signed]
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100592 2018-03-17] (Symantec Corporation)
U1 aswbdisk; no ImagePath
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20180316.019\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20180316.019\EX64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-22 19:07 - 2018-09-22 19:07 - 000020752 _____ C:\Users\Lenka\Desktop\FRST.txt
2018-09-22 19:07 - 2018-09-22 13:57 - 002413568 _____ (Farbar) C:\Users\Lenka\Desktop\FRST64.exe
2018-09-22 17:54 - 2018-09-22 17:55 - 000000000 ____D C:\AdwCleaner
2018-09-22 17:52 - 2018-09-22 17:52 - 007571152 _____ (Malwarebytes) C:\Users\Lenka\Desktop\adwcleaner_7.2.3.1.exe
2018-09-22 13:58 - 2018-09-22 19:07 - 000000000 ____D C:\FRST
2018-09-14 15:02 - 2018-09-14 15:02 - 000052296 _____ () C:\Windows\system32\Drivers\staport.sys
2018-09-12 15:42 - 2018-08-31 17:08 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2018-09-12 15:42 - 2018-08-31 17:08 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-09-12 15:42 - 2018-08-30 03:47 - 001230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2018-09-12 15:42 - 2018-08-30 03:10 - 001424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2018-09-12 15:42 - 2018-08-28 07:50 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2018-09-12 15:42 - 2018-08-24 21:47 - 000398424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-09-12 15:42 - 2018-08-24 20:47 - 000350296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-09-12 15:42 - 2018-08-24 01:05 - 025736704 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-09-12 15:42 - 2018-08-24 00:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-09-12 15:42 - 2018-08-24 00:56 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-09-12 15:42 - 2018-08-24 00:45 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-09-12 15:42 - 2018-08-24 00:44 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-09-12 15:42 - 2018-08-24 00:43 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-09-12 15:42 - 2018-08-24 00:43 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-09-12 15:42 - 2018-08-24 00:43 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-09-12 15:42 - 2018-08-24 00:43 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-09-12 15:42 - 2018-08-24 00:37 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-09-12 15:42 - 2018-08-24 00:36 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-09-12 15:42 - 2018-08-24 00:34 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-09-12 15:42 - 2018-08-24 00:34 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-09-12 15:42 - 2018-08-24 00:33 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-09-12 15:42 - 2018-08-24 00:33 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-09-12 15:42 - 2018-08-24 00:33 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-09-12 15:42 - 2018-08-24 00:33 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-09-12 15:42 - 2018-08-24 00:27 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-09-12 15:42 - 2018-08-24 00:24 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-09-12 15:42 - 2018-08-24 00:19 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-09-12 15:42 - 2018-08-24 00:18 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-09-12 15:42 - 2018-08-24 00:17 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-09-12 15:42 - 2018-08-24 00:15 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-09-12 15:42 - 2018-08-24 00:15 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-09-12 15:42 - 2018-08-24 00:13 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-09-12 15:42 - 2018-08-24 00:12 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-09-12 15:42 - 2018-08-24 00:03 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-09-12 15:42 - 2018-08-24 00:01 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-09-12 15:42 - 2018-08-24 00:01 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-09-12 15:42 - 2018-08-24 00:00 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-09-12 15:42 - 2018-08-23 23:59 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-09-12 15:42 - 2018-08-23 23:59 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-09-12 15:42 - 2018-08-23 23:52 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-09-12 15:42 - 2018-08-23 23:40 - 001555456 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-09-12 15:42 - 2018-08-23 23:28 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-09-12 15:42 - 2018-08-23 23:27 - 020279296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-09-12 15:42 - 2018-08-23 23:25 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-09-12 15:42 - 2018-08-23 23:15 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-09-12 15:42 - 2018-08-23 23:14 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-09-12 15:42 - 2018-08-23 23:14 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-09-12 15:42 - 2018-08-23 23:14 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-09-12 15:42 - 2018-08-23 23:13 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-09-12 15:42 - 2018-08-23 23:12 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-09-12 15:42 - 2018-08-23 23:09 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-09-12 15:42 - 2018-08-23 23:09 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-09-12 15:42 - 2018-08-23 23:07 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-09-12 15:42 - 2018-08-23 23:06 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-09-12 15:42 - 2018-08-23 23:06 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-09-12 15:42 - 2018-08-23 23:06 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-09-12 15:42 - 2018-08-23 23:00 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-09-12 15:42 - 2018-08-23 22:56 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-09-12 15:42 - 2018-08-23 22:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-09-12 15:42 - 2018-08-23 22:55 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-09-12 15:42 - 2018-08-23 22:54 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-09-12 15:42 - 2018-08-23 22:53 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-09-12 15:42 - 2018-08-23 22:52 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-09-12 15:42 - 2018-08-23 22:51 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-09-12 15:42 - 2018-08-23 22:51 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-09-12 15:42 - 2018-08-23 22:48 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-09-12 15:42 - 2018-08-23 22:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-09-12 15:42 - 2018-08-23 22:44 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-09-12 15:42 - 2018-08-23 22:44 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-09-12 15:42 - 2018-08-23 22:44 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-09-12 15:42 - 2018-08-23 22:30 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-09-12 15:42 - 2018-08-23 22:27 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-09-12 15:42 - 2018-08-23 22:24 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 001888768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-09-12 15:42 - 2018-08-13 17:53 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-09-12 15:42 - 2018-08-13 17:53 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-09-12 15:42 - 2018-08-13 17:41 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2018-09-12 15:42 - 2018-08-12 22:32 - 000378464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-09-12 15:42 - 2018-08-12 22:31 - 001894496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-09-12 15:42 - 2018-08-12 22:31 - 000289376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-09-12 15:42 - 2018-08-12 22:28 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2018-09-12 15:42 - 2018-08-12 22:14 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2018-09-12 15:42 - 2018-08-10 17:59 - 005552816 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-09-12 15:42 - 2018-08-10 17:59 - 000154800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-09-12 15:42 - 2018-08-10 17:58 - 000385120 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-09-12 15:42 - 2018-08-10 17:58 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-09-12 15:42 - 2018-08-10 17:58 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-09-12 15:42 - 2018-08-10 17:57 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-09-12 15:42 - 2018-08-10 17:57 - 000631624 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-09-12 15:42 - 2018-08-10 17:56 - 001664296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-09-12 15:42 - 2018-08-10 17:45 - 000309424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-09-12 15:42 - 2018-08-10 17:44 - 003961440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-09-12 15:42 - 2018-08-10 17:42 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:39 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-09-12 15:42 - 2018-08-10 17:39 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-09-12 15:42 - 2018-08-10 17:27 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-09-12 15:42 - 2018-08-10 17:22 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-09-12 15:42 - 2018-08-10 17:22 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-09-12 15:42 - 2018-08-10 17:22 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-09-12 15:42 - 2018-08-10 17:21 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-09-12 15:42 - 2018-08-10 17:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-09-12 15:42 - 2018-08-10 17:17 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-09-12 15:42 - 2018-08-10 17:17 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-09-12 15:42 - 2018-08-10 17:17 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-09-12 15:42 - 2018-08-10 17:15 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-09-12 15:42 - 2018-08-10 17:13 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-09-12 15:42 - 2018-08-10 17:13 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-09-12 15:42 - 2018-08-10 17:13 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-09-12 15:42 - 2018-08-10 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-09-12 15:42 - 2018-08-10 17:12 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-09-12 15:42 - 2018-08-10 17:12 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-09-12 15:42 - 2018-08-10 17:10 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-09-12 15:42 - 2018-08-10 17:10 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-09-12 15:42 - 2018-08-10 17:10 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-09-12 15:42 - 2018-08-10 17:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-09-12 15:42 - 2018-08-10 17:09 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-09-12 15:42 - 2018-07-29 17:55 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-09-12 15:42 - 2018-07-18 17:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2018-09-12 15:42 - 2018-06-27 15:20 - 000419648 _____ C:\Windows\SysWOW64\locale.nls
2018-09-12 15:42 - 2018-06-27 15:19 - 000419648 _____ C:\Windows\system32\locale.nls
2018-09-08 18:36 - 2018-09-08 18:35 - 000379608 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-22 18:04 - 2009-07-14 06:45 - 000026080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-22 18:04 - 2009-07-14 06:45 - 000026080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-22 18:01 - 2018-03-18 01:25 - 000669580 _____ C:\Windows\system32\perfh005.dat
2018-09-22 18:01 - 2018-03-18 01:25 - 000141738 _____ C:\Windows\system32\perfc005.dat
2018-09-22 18:01 - 2009-07-14 07:13 - 001586648 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-22 18:01 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-22 17:57 - 2018-07-17 17:17 - 000000000 ____D C:\Users\Lenka\AppData\Local\AVAST Software
2018-09-22 17:56 - 2018-06-12 15:03 - 000000000 ___RD C:\Users\Lenka\iCloudDrive
2018-09-22 17:56 - 2018-03-17 16:42 - 000000000 __SHD C:\Users\Lenka\IntelGraphicsProfiles
2018-09-22 17:56 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-22 17:55 - 2018-06-16 20:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-09-21 21:15 - 2018-07-04 21:40 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-21 21:14 - 2018-07-04 21:40 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-21 18:21 - 2018-07-12 19:54 - 000003556 _____ C:\Windows\System32\Tasks\HPCustParticipation HP LaserJet M101-M106
2018-09-21 18:21 - 2018-06-25 19:38 - 000002960 _____ C:\Windows\System32\Tasks\{BBFAAC85-A69F-46BF-8201-9D923ABB6D32}
2018-09-21 18:21 - 2018-06-25 19:38 - 000002960 _____ C:\Windows\System32\Tasks\{6AB229E8-D87B-4EF0-A83F-2E2733C1D3CD}
2018-09-21 18:21 - 2018-05-20 21:38 - 000003546 _____ C:\Windows\System32\Tasks\{5E4039B8-A717-46C6-A534-88D2C6CC572E}
2018-09-21 18:21 - 2018-04-26 21:12 - 000003118 _____ C:\Windows\System32\Tasks\{55A6DB17-9875-4922-A54F-AD9F2B6432DC}
2018-09-21 18:21 - 2018-03-20 11:50 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-09-21 18:21 - 2018-03-18 10:51 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-09-21 18:21 - 2018-03-18 10:51 - 000002784 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-09-21 18:21 - 2018-03-17 16:35 - 000003646 _____ C:\Windows\System32\Tasks\Intel PTT EK Recertification
2018-09-21 18:21 - 2018-03-17 16:32 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-09-21 18:21 - 2018-03-17 16:32 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-09-20 19:42 - 2018-03-17 16:28 - 000000000 ____D C:\Users\Lenka
2018-09-20 16:51 - 2018-03-17 16:33 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-20 16:51 - 2018-03-17 16:33 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-09-13 17:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-09-13 15:54 - 2009-07-14 06:45 - 000414776 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-13 15:52 - 2018-03-18 11:45 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-13 15:52 - 2018-03-18 11:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-12 21:40 - 2018-03-17 16:33 - 001561362 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-09-12 18:36 - 2018-03-17 18:21 - 000215920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-09-12 15:42 - 2018-03-18 11:45 - 000000000 ____D C:\Users\Lenka\AppData\LocalLow\Mozilla
2018-09-12 15:36 - 2018-03-17 16:43 - 000111152 _____ C:\Users\Lenka\AppData\Local\GDIPFONTCACHEV1.DAT
2018-09-11 17:07 - 2018-03-17 18:21 - 000163392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-09-11 16:59 - 2018-03-18 10:51 - 000000000 ____D C:\Program Files\CCleaner
2018-09-08 18:36 - 2018-03-17 18:21 - 000467320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-09-08 18:36 - 2018-03-17 18:21 - 000087904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-09-08 18:36 - 2018-03-17 18:21 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-09-08 18:35 - 2018-03-17 18:21 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000381560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000249016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000229384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000201320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000199712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000111864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000059568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
Some files in TEMP:
====================
2018-04-29 14:49 - 2018-04-29 14:49 - 000079736 _____ (AppWork GmbH) C:\Users\Lenka\AppData\Local\Temp\131694797838420000.exe
2018-04-26 18:58 - 2018-08-14 17:33 - 000361112 _____ (Apowersoft) C:\Users\Lenka\AppData\Local\Temp\ApowersoftAutoUpdater.exe
2018-04-01 22:26 - 2018-04-01 19:57 - 000017920 _____ () C:\Users\Lenka\AppData\Local\Temp\cmunst_.exe
2018-07-16 22:08 - 2018-07-19 15:27 - 118089984 _____ () C:\Users\Lenka\AppData\Local\Temp\HPInstaller.exe
2018-06-19 20:35 - 2018-07-05 07:55 - 000000000 ____D () C:\Users\Lenka\AppData\Local\Temp\pdt_syncios.exe
2018-04-29 15:04 - 2018-04-29 15:04 - 000040448 ____N () C:\Users\Lenka\AppData\Local\Temp\proxy_vole2767735746879660411.dll
2018-06-15 20:00 - 2018-07-05 10:15 - 000000000 ____D () C:\Users\Lenka\AppData\Local\Temp\Syncios.exe
2018-06-15 20:00 - 2018-07-03 15:25 - 000000000 ____D () C:\Users\Lenka\AppData\Local\Temp\SynciosDeviceService.exe
2018-07-03 15:03 - 2018-07-03 16:03 - 000000000 ____D () C:\Users\Lenka\AppData\Local\Temp\SynciosTransfer.exe
2018-05-20 20:49 - 2018-05-20 20:49 - 000100840 _____ () C:\Users\Lenka\AppData\Local\Temp\vsdel.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-09-15 18:55
==================== End of FRST.txt ============================
Ran by Lenka (administrator) on FERDA (22-09-2018 19:07:42)
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Iskysoft) C:\Program Files (x86)\iSkysoft\IAF\2.4.3.231\IsAppService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Western Digital Corporation or its affiliates) C:\Program Files (x86)\Western Digital\SSD Dashboard\WDSSDDashboardService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-11-17] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-09-08] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-09-18] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2016-08-18] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe [102400 2005-04-08] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ISHelperSetup.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [VDownloader] => C:\Program Files\VDownloader\Vdownloader4.exe
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [ISHelperSetup.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\MountPoints2: {356c1b46-29ef-11e8-bf76-806e6f6e6963} - D:\Run.exe
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\MountPoints2: {e7f1ad4d-29f2-11e8-9758-806e6f6e6963} - D:\Setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2018-03-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 10.0.0.3 10.0.0.2
Tcpip\..\Interfaces\{80731573-1D2E-4AA1-B00B-708699E13D8D}: [DhcpNameServer] 192.168.10.1 10.0.0.3 10.0.0.2
Internet Explorer:
==================
HKU\S-1-5-21-416851214-1149586187-762815546-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com/
HKU\S-1-5-21-416851214-1149586187-762815546-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-17] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-03-17] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-17] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-03-17] (Google Inc.)
Toolbar: HKU\S-1-5-21-416851214-1149586187-762815546-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-416851214-1149586187-762815546-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-17] (Google Inc.)
FireFox:
========
FF DefaultProfile: bcc26cqq.default
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default [2018-09-22]
FF Homepage: Mozilla\Firefox\Profiles\bcc26cqq.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10444__180616__yaff
FF NewTab: Mozilla\Firefox\Profiles\bcc26cqq.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10444__180616__yaff
FF Session Restore: Mozilla\Firefox\Profiles\bcc26cqq.default -> is enabled.
FF Extension: (Flash Video Downloader) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\artur.dubovoy@gmail.com.xpi [2018-08-21]
FF Extension: (Avast SafePrice) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\sp@avast.com.xpi [2018-07-17]
FF Extension: (Avast Online Security) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\wrc@avast.com.xpi [2018-06-04]
FF Extension: (Download Streamable Video) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\{b4629e37-bbce-479a-8805-8235727e5abc}.xpi [2018-03-30]
FF Extension: (Video DownloadHelper) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-21]
FF Extension: (Firefox Monitor) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\features\{5b12ff78-691e-4feb-b5ae-d92fb20ee824}\fxmonitor@mozilla.org.xpi [2018-09-12]
FF SearchPlugin: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\searchplugins\yahoo-lavasoft-ff59.xml [2018-09-20]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-09-13]
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default [2018-09-22]
CHR Extension: (Překladač Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-03-17]
CHR Extension: (Prezentace) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-17]
CHR Extension: (Twitter Secret Emoticons) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgogdobdhhbmdamdjmfomfdoobllbpd [2018-03-17]
CHR Extension: (Dokumenty) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-17]
CHR Extension: (Disk Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-17]
CHR Extension: (YouTube) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-17]
CHR Extension: (Chrome IG Story) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2018-09-10]
CHR Extension: (Image Downloader) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2018-03-19]
CHR Extension: (Tipli do prohlížeče) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2018-03-19]
CHR Extension: (Video Downloader professional) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2018-04-08]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-09-21]
CHR Extension: (Bulk Image Downloader) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\facoldpeadablbngjnohbmgaehknhcaj [2018-03-17]
CHR Extension: (Tabulky) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-17]
CHR Extension: (FBDown Video Downloader) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2018-07-30]
CHR Extension: (PhotoLive - Download Facebook Photos!) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpjnpabklnaaifclgealaepelncljadk [2018-03-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Avast Online Security) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Transcribe: transcribe audio/interviews fast!) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogokenmicnjdfhmhocanoemnddmpcjjm [2018-03-17]
CHR Extension: (Gmail) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-17]
CHR Extension: (Chrome Media Router) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43112 2012-02-16] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-09-08] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-09-08] (AVAST Software)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [324592 2016-11-21] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 IsAppService; C:\Program Files (x86)\Iskysoft\IAF\2.4.3.231\IsAppService.exe [493320 2017-10-19] (Iskysoft)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-05] (Intel Corporation)
R2 WD SSD Dashboard Service; C:\Program Files (x86)\Western Digital\SSD Dashboard\WDSSDDashboardService.exe [1706496 2016-11-15] (Western Digital Corporation or its affiliates) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare)
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [199712 2018-09-08] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229384 2018-09-08] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201320 2018-09-08] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-09-08] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59568 2018-09-08] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249016 2018-09-08] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-09-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163392 2018-09-11] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111864 2018-09-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87904 2018-09-08] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-09-08] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467320 2018-09-08] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215920 2018-09-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381560 2018-09-08] (AVAST Software)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [511952 2016-07-26] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [32224 2016-09-20] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199736 2016-09-22] (Intel Corporation)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc.)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [21248 2003-09-19] (Padus, Inc.) [File not signed]
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100592 2018-03-17] (Symantec Corporation)
U1 aswbdisk; no ImagePath
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20180316.019\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20180316.019\EX64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-22 19:07 - 2018-09-22 19:07 - 000020752 _____ C:\Users\Lenka\Desktop\FRST.txt
2018-09-22 19:07 - 2018-09-22 13:57 - 002413568 _____ (Farbar) C:\Users\Lenka\Desktop\FRST64.exe
2018-09-22 17:54 - 2018-09-22 17:55 - 000000000 ____D C:\AdwCleaner
2018-09-22 17:52 - 2018-09-22 17:52 - 007571152 _____ (Malwarebytes) C:\Users\Lenka\Desktop\adwcleaner_7.2.3.1.exe
2018-09-22 13:58 - 2018-09-22 19:07 - 000000000 ____D C:\FRST
2018-09-14 15:02 - 2018-09-14 15:02 - 000052296 _____ () C:\Windows\system32\Drivers\staport.sys
2018-09-12 15:42 - 2018-08-31 17:08 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2018-09-12 15:42 - 2018-08-31 17:08 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-09-12 15:42 - 2018-08-30 03:47 - 001230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2018-09-12 15:42 - 2018-08-30 03:10 - 001424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2018-09-12 15:42 - 2018-08-28 07:50 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2018-09-12 15:42 - 2018-08-24 21:47 - 000398424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-09-12 15:42 - 2018-08-24 20:47 - 000350296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-09-12 15:42 - 2018-08-24 01:05 - 025736704 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-09-12 15:42 - 2018-08-24 00:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-09-12 15:42 - 2018-08-24 00:56 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-09-12 15:42 - 2018-08-24 00:45 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-09-12 15:42 - 2018-08-24 00:44 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-09-12 15:42 - 2018-08-24 00:43 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-09-12 15:42 - 2018-08-24 00:43 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-09-12 15:42 - 2018-08-24 00:43 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-09-12 15:42 - 2018-08-24 00:43 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-09-12 15:42 - 2018-08-24 00:37 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-09-12 15:42 - 2018-08-24 00:36 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-09-12 15:42 - 2018-08-24 00:34 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-09-12 15:42 - 2018-08-24 00:34 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-09-12 15:42 - 2018-08-24 00:33 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-09-12 15:42 - 2018-08-24 00:33 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-09-12 15:42 - 2018-08-24 00:33 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-09-12 15:42 - 2018-08-24 00:33 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-09-12 15:42 - 2018-08-24 00:27 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-09-12 15:42 - 2018-08-24 00:24 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-09-12 15:42 - 2018-08-24 00:19 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-09-12 15:42 - 2018-08-24 00:18 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-09-12 15:42 - 2018-08-24 00:17 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-09-12 15:42 - 2018-08-24 00:15 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-09-12 15:42 - 2018-08-24 00:15 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-09-12 15:42 - 2018-08-24 00:13 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-09-12 15:42 - 2018-08-24 00:12 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-09-12 15:42 - 2018-08-24 00:03 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-09-12 15:42 - 2018-08-24 00:01 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-09-12 15:42 - 2018-08-24 00:01 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-09-12 15:42 - 2018-08-24 00:00 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-09-12 15:42 - 2018-08-23 23:59 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-09-12 15:42 - 2018-08-23 23:59 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-09-12 15:42 - 2018-08-23 23:52 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-09-12 15:42 - 2018-08-23 23:40 - 001555456 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-09-12 15:42 - 2018-08-23 23:28 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-09-12 15:42 - 2018-08-23 23:27 - 020279296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-09-12 15:42 - 2018-08-23 23:25 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-09-12 15:42 - 2018-08-23 23:15 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-09-12 15:42 - 2018-08-23 23:14 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-09-12 15:42 - 2018-08-23 23:14 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-09-12 15:42 - 2018-08-23 23:14 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-09-12 15:42 - 2018-08-23 23:13 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-09-12 15:42 - 2018-08-23 23:12 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-09-12 15:42 - 2018-08-23 23:09 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-09-12 15:42 - 2018-08-23 23:09 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-09-12 15:42 - 2018-08-23 23:07 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-09-12 15:42 - 2018-08-23 23:06 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-09-12 15:42 - 2018-08-23 23:06 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-09-12 15:42 - 2018-08-23 23:06 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-09-12 15:42 - 2018-08-23 23:00 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-09-12 15:42 - 2018-08-23 22:56 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-09-12 15:42 - 2018-08-23 22:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-09-12 15:42 - 2018-08-23 22:55 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-09-12 15:42 - 2018-08-23 22:54 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-09-12 15:42 - 2018-08-23 22:53 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-09-12 15:42 - 2018-08-23 22:52 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-09-12 15:42 - 2018-08-23 22:51 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-09-12 15:42 - 2018-08-23 22:51 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-09-12 15:42 - 2018-08-23 22:48 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-09-12 15:42 - 2018-08-23 22:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-09-12 15:42 - 2018-08-23 22:44 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-09-12 15:42 - 2018-08-23 22:44 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-09-12 15:42 - 2018-08-23 22:44 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-09-12 15:42 - 2018-08-23 22:30 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-09-12 15:42 - 2018-08-23 22:27 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-09-12 15:42 - 2018-08-23 22:24 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 001888768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-09-12 15:42 - 2018-08-13 17:53 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-09-12 15:42 - 2018-08-13 17:53 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-09-12 15:42 - 2018-08-13 17:41 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2018-09-12 15:42 - 2018-08-12 22:32 - 000378464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-09-12 15:42 - 2018-08-12 22:31 - 001894496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-09-12 15:42 - 2018-08-12 22:31 - 000289376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-09-12 15:42 - 2018-08-12 22:28 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2018-09-12 15:42 - 2018-08-12 22:14 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2018-09-12 15:42 - 2018-08-10 17:59 - 005552816 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-09-12 15:42 - 2018-08-10 17:59 - 000154800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-09-12 15:42 - 2018-08-10 17:58 - 000385120 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-09-12 15:42 - 2018-08-10 17:58 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-09-12 15:42 - 2018-08-10 17:58 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-09-12 15:42 - 2018-08-10 17:57 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-09-12 15:42 - 2018-08-10 17:57 - 000631624 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-09-12 15:42 - 2018-08-10 17:56 - 001664296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-09-12 15:42 - 2018-08-10 17:45 - 000309424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-09-12 15:42 - 2018-08-10 17:44 - 003961440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-09-12 15:42 - 2018-08-10 17:42 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:39 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-09-12 15:42 - 2018-08-10 17:39 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-09-12 15:42 - 2018-08-10 17:27 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-09-12 15:42 - 2018-08-10 17:22 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-09-12 15:42 - 2018-08-10 17:22 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-09-12 15:42 - 2018-08-10 17:22 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-09-12 15:42 - 2018-08-10 17:21 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-09-12 15:42 - 2018-08-10 17:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-09-12 15:42 - 2018-08-10 17:17 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-09-12 15:42 - 2018-08-10 17:17 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-09-12 15:42 - 2018-08-10 17:17 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-09-12 15:42 - 2018-08-10 17:15 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-09-12 15:42 - 2018-08-10 17:13 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-09-12 15:42 - 2018-08-10 17:13 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-09-12 15:42 - 2018-08-10 17:13 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-09-12 15:42 - 2018-08-10 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-09-12 15:42 - 2018-08-10 17:12 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-09-12 15:42 - 2018-08-10 17:12 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-09-12 15:42 - 2018-08-10 17:10 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-09-12 15:42 - 2018-08-10 17:10 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-09-12 15:42 - 2018-08-10 17:10 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-09-12 15:42 - 2018-08-10 17:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-09-12 15:42 - 2018-08-10 17:09 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-09-12 15:42 - 2018-07-29 17:55 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-09-12 15:42 - 2018-07-18 17:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2018-09-12 15:42 - 2018-06-27 15:20 - 000419648 _____ C:\Windows\SysWOW64\locale.nls
2018-09-12 15:42 - 2018-06-27 15:19 - 000419648 _____ C:\Windows\system32\locale.nls
2018-09-08 18:36 - 2018-09-08 18:35 - 000379608 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-22 18:04 - 2009-07-14 06:45 - 000026080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-22 18:04 - 2009-07-14 06:45 - 000026080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-22 18:01 - 2018-03-18 01:25 - 000669580 _____ C:\Windows\system32\perfh005.dat
2018-09-22 18:01 - 2018-03-18 01:25 - 000141738 _____ C:\Windows\system32\perfc005.dat
2018-09-22 18:01 - 2009-07-14 07:13 - 001586648 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-22 18:01 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-22 17:57 - 2018-07-17 17:17 - 000000000 ____D C:\Users\Lenka\AppData\Local\AVAST Software
2018-09-22 17:56 - 2018-06-12 15:03 - 000000000 ___RD C:\Users\Lenka\iCloudDrive
2018-09-22 17:56 - 2018-03-17 16:42 - 000000000 __SHD C:\Users\Lenka\IntelGraphicsProfiles
2018-09-22 17:56 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-22 17:55 - 2018-06-16 20:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-09-21 21:15 - 2018-07-04 21:40 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-21 21:14 - 2018-07-04 21:40 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-21 18:21 - 2018-07-12 19:54 - 000003556 _____ C:\Windows\System32\Tasks\HPCustParticipation HP LaserJet M101-M106
2018-09-21 18:21 - 2018-06-25 19:38 - 000002960 _____ C:\Windows\System32\Tasks\{BBFAAC85-A69F-46BF-8201-9D923ABB6D32}
2018-09-21 18:21 - 2018-06-25 19:38 - 000002960 _____ C:\Windows\System32\Tasks\{6AB229E8-D87B-4EF0-A83F-2E2733C1D3CD}
2018-09-21 18:21 - 2018-05-20 21:38 - 000003546 _____ C:\Windows\System32\Tasks\{5E4039B8-A717-46C6-A534-88D2C6CC572E}
2018-09-21 18:21 - 2018-04-26 21:12 - 000003118 _____ C:\Windows\System32\Tasks\{55A6DB17-9875-4922-A54F-AD9F2B6432DC}
2018-09-21 18:21 - 2018-03-20 11:50 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-09-21 18:21 - 2018-03-18 10:51 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-09-21 18:21 - 2018-03-18 10:51 - 000002784 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-09-21 18:21 - 2018-03-17 16:35 - 000003646 _____ C:\Windows\System32\Tasks\Intel PTT EK Recertification
2018-09-21 18:21 - 2018-03-17 16:32 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-09-21 18:21 - 2018-03-17 16:32 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-09-20 19:42 - 2018-03-17 16:28 - 000000000 ____D C:\Users\Lenka
2018-09-20 16:51 - 2018-03-17 16:33 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-20 16:51 - 2018-03-17 16:33 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-09-13 17:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-09-13 15:54 - 2009-07-14 06:45 - 000414776 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-13 15:52 - 2018-03-18 11:45 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-13 15:52 - 2018-03-18 11:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-12 21:40 - 2018-03-17 16:33 - 001561362 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-09-12 18:36 - 2018-03-17 18:21 - 000215920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-09-12 15:42 - 2018-03-18 11:45 - 000000000 ____D C:\Users\Lenka\AppData\LocalLow\Mozilla
2018-09-12 15:36 - 2018-03-17 16:43 - 000111152 _____ C:\Users\Lenka\AppData\Local\GDIPFONTCACHEV1.DAT
2018-09-11 17:07 - 2018-03-17 18:21 - 000163392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-09-11 16:59 - 2018-03-18 10:51 - 000000000 ____D C:\Program Files\CCleaner
2018-09-08 18:36 - 2018-03-17 18:21 - 000467320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-09-08 18:36 - 2018-03-17 18:21 - 000087904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-09-08 18:36 - 2018-03-17 18:21 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-09-08 18:35 - 2018-03-17 18:21 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000381560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000249016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000229384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000201320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000199712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000111864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000059568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
Some files in TEMP:
====================
2018-04-29 14:49 - 2018-04-29 14:49 - 000079736 _____ (AppWork GmbH) C:\Users\Lenka\AppData\Local\Temp\131694797838420000.exe
2018-04-26 18:58 - 2018-08-14 17:33 - 000361112 _____ (Apowersoft) C:\Users\Lenka\AppData\Local\Temp\ApowersoftAutoUpdater.exe
2018-04-01 22:26 - 2018-04-01 19:57 - 000017920 _____ () C:\Users\Lenka\AppData\Local\Temp\cmunst_.exe
2018-07-16 22:08 - 2018-07-19 15:27 - 118089984 _____ () C:\Users\Lenka\AppData\Local\Temp\HPInstaller.exe
2018-06-19 20:35 - 2018-07-05 07:55 - 000000000 ____D () C:\Users\Lenka\AppData\Local\Temp\pdt_syncios.exe
2018-04-29 15:04 - 2018-04-29 15:04 - 000040448 ____N () C:\Users\Lenka\AppData\Local\Temp\proxy_vole2767735746879660411.dll
2018-06-15 20:00 - 2018-07-05 10:15 - 000000000 ____D () C:\Users\Lenka\AppData\Local\Temp\Syncios.exe
2018-06-15 20:00 - 2018-07-03 15:25 - 000000000 ____D () C:\Users\Lenka\AppData\Local\Temp\SynciosDeviceService.exe
2018-07-03 15:03 - 2018-07-03 16:03 - 000000000 ____D () C:\Users\Lenka\AppData\Local\Temp\SynciosTransfer.exe
2018-05-20 20:49 - 2018-05-20 20:49 - 000100840 _____ () C:\Users\Lenka\AppData\Local\Temp\vsdel.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-09-15 18:55
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 118243
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - děkuji
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\MountPoints2: {356c1b46-29ef-11e8-bf76-806e6f6e6963} - D:\Run.exe
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\MountPoints2: {e7f1ad4d-29f2-11e8-9758-806e6f6e6963} - D:\Setup.exe
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-17] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-03-17] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-17] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-03-17] (Google Inc.)
Toolbar: HKU\S-1-5-21-416851214-1149586187-762815546-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-416851214-1149586187-762815546-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-17] (Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
U1 aswbdisk; no ImagePath
C:\Windows\System32\Tasks\{BBFAAC85-A69F-46BF-8201-9D923ABB6D32}
C:\Windows\System32\Tasks\{6AB229E8-D87B-4EF0-A83F-2E2733C1D3CD}
C:\Windows\System32\Tasks\{5E4039B8-A717-46C6-A534-88D2C6CC572E}
C:\Windows\System32\Tasks\{55A6DB17-9875-4922-A54F-AD9F2B6432DC}
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Lenka\AppData\Local\Temp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu - děkuji
Fix result of Farbar Recovery Scan Tool (x64) Version: 15.09.2018
Ran by Lenka (22-09-2018 20:10:40) Run:1
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\MountPoints2: {356c1b46-29ef-11e8-bf76-806e6f6e6963} - D:\Run.exe
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\MountPoints2: {e7f1ad4d-29f2-11e8-9758-806e6f6e6963} - D:\Setup.exe
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-17] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-03-17] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-17] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-03-17] (Google Inc.)
Toolbar: HKU\S-1-5-21-416851214-1149586187-762815546-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-416851214-1149586187-762815546-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-17] (Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
U1 aswbdisk; no ImagePath
C:\Windows\System32\Tasks\{BBFAAC85-A69F-46BF-8201-9D923ABB6D32}
C:\Windows\System32\Tasks\{6AB229E8-D87B-4EF0-A83F-2E2733C1D3CD}
C:\Windows\System32\Tasks\{5E4039B8-A717-46C6-A534-88D2C6CC572E}
C:\Windows\System32\Tasks\{55A6DB17-9875-4922-A54F-AD9F2B6432DC}
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Lenka\AppData\Local\Temp
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
"HKU\S-1-5-21-416851214-1149586187-762815546-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{356c1b46-29ef-11e8-bf76-806e6f6e6963}" => removed successfully
HKLM\Software\Classes\CLSID\{356c1b46-29ef-11e8-bf76-806e6f6e6963} => not found
"HKU\S-1-5-21-416851214-1149586187-762815546-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e7f1ad4d-29f2-11e8-9758-806e6f6e6963}" => removed successfully
HKLM\Software\Classes\CLSID\{e7f1ad4d-29f2-11e8-9758-806e6f6e6963} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
"HKLM\Software\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
C:\Program Files (x86)\Google\Google Toolbar => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
"HKLM\Software\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
"HKU\S-1-5-21-416851214-1149586187-762815546-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
"HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
"HKU\S-1-5-21-416851214-1149586187-762815546-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
C:\Windows\System32\Tasks\{BBFAAC85-A69F-46BF-8201-9D923ABB6D32} => moved successfully
C:\Windows\System32\Tasks\{6AB229E8-D87B-4EF0-A83F-2E2733C1D3CD} => moved successfully
C:\Windows\System32\Tasks\{5E4039B8-A717-46C6-A534-88D2C6CC572E} => moved successfully
C:\Windows\System32\Tasks\{55A6DB17-9875-4922-A54F-AD9F2B6432DC} => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"C:\Users\Lenka\AppData\Local\Temp" folder move:
Could not move "C:\Users\Lenka\AppData\Local\Temp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 89799602 B
Java, Flash, Steam htmlcache => 590 B
Windows/system/drivers => 244254317 B
Edge => 0 B
Chrome => 783039660 B
Firefox => 387479789 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 58558607 B
systemprofile32 => 69942 B
LocalService => 66228 B
NetworkService => 24090 B
Lenka => 10944167798 B
RecycleBin => 3964504 B
EmptyTemp: => 11.7 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 22-09-2018 20:15:21)
C:\Users\Lenka\AppData\Local\Temp => moved successfully
Result of scheduled keys to remove after reboot:
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
==== End of Fixlog 20:15:21 ====
Ran by Lenka (22-09-2018 20:10:40) Run:1
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\MountPoints2: {356c1b46-29ef-11e8-bf76-806e6f6e6963} - D:\Run.exe
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\MountPoints2: {e7f1ad4d-29f2-11e8-9758-806e6f6e6963} - D:\Setup.exe
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-17] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-03-17] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-17] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-03-17] (Google Inc.)
Toolbar: HKU\S-1-5-21-416851214-1149586187-762815546-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-416851214-1149586187-762815546-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-03-17] (Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
U1 aswbdisk; no ImagePath
C:\Windows\System32\Tasks\{BBFAAC85-A69F-46BF-8201-9D923ABB6D32}
C:\Windows\System32\Tasks\{6AB229E8-D87B-4EF0-A83F-2E2733C1D3CD}
C:\Windows\System32\Tasks\{5E4039B8-A717-46C6-A534-88D2C6CC572E}
C:\Windows\System32\Tasks\{55A6DB17-9875-4922-A54F-AD9F2B6432DC}
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Lenka\AppData\Local\Temp
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
"HKU\S-1-5-21-416851214-1149586187-762815546-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{356c1b46-29ef-11e8-bf76-806e6f6e6963}" => removed successfully
HKLM\Software\Classes\CLSID\{356c1b46-29ef-11e8-bf76-806e6f6e6963} => not found
"HKU\S-1-5-21-416851214-1149586187-762815546-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e7f1ad4d-29f2-11e8-9758-806e6f6e6963}" => removed successfully
HKLM\Software\Classes\CLSID\{e7f1ad4d-29f2-11e8-9758-806e6f6e6963} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
"HKLM\Software\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
C:\Program Files (x86)\Google\Google Toolbar => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
"HKLM\Software\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
"HKU\S-1-5-21-416851214-1149586187-762815546-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
"HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
"HKU\S-1-5-21-416851214-1149586187-762815546-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
C:\Windows\System32\Tasks\{BBFAAC85-A69F-46BF-8201-9D923ABB6D32} => moved successfully
C:\Windows\System32\Tasks\{6AB229E8-D87B-4EF0-A83F-2E2733C1D3CD} => moved successfully
C:\Windows\System32\Tasks\{5E4039B8-A717-46C6-A534-88D2C6CC572E} => moved successfully
C:\Windows\System32\Tasks\{55A6DB17-9875-4922-A54F-AD9F2B6432DC} => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"C:\Users\Lenka\AppData\Local\Temp" folder move:
Could not move "C:\Users\Lenka\AppData\Local\Temp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 89799602 B
Java, Flash, Steam htmlcache => 590 B
Windows/system/drivers => 244254317 B
Edge => 0 B
Chrome => 783039660 B
Firefox => 387479789 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 58558607 B
systemprofile32 => 69942 B
LocalService => 66228 B
NetworkService => 24090 B
Lenka => 10944167798 B
RecycleBin => 3964504 B
EmptyTemp: => 11.7 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 22-09-2018 20:15:21)
C:\Users\Lenka\AppData\Local\Temp => moved successfully
Result of scheduled keys to remove after reboot:
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
==== End of Fixlog 20:15:21 ====
-
Rudy
- Site Admin
- Příspěvky: 118243
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - děkuji
Smazáno. Log již vypadá OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu - děkuji
Díky moc.
-
Rudy
- Site Admin
- Příspěvky: 118243
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - děkuji
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu - děkuji
Dobrý veden. Po vyčištění PC jsem zjistila, že se mi opět někdo naboural do e-mailu (i přesto, že jsem heslo změnila). Můžete prosím ještě jednou kouknout na log? Děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.09.2018
Ran by Lenka (administrator) on FERDA (23-09-2018 14:49:46)
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Iskysoft) C:\Program Files (x86)\iSkysoft\IAF\2.4.3.231\IsAppService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Western Digital Corporation or its affiliates) C:\Program Files (x86)\Western Digital\SSD Dashboard\WDSSDDashboardService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-11-17] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-09-08] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-09-18] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2016-08-18] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe [102400 2005-04-08] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ISHelperSetup.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [VDownloader] => C:\Program Files\VDownloader\Vdownloader4.exe
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [ISHelperSetup.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2018-03-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 10.0.0.3 10.0.0.2
Tcpip\..\Interfaces\{80731573-1D2E-4AA1-B00B-708699E13D8D}: [DhcpNameServer] 192.168.10.1 10.0.0.3 10.0.0.2
Internet Explorer:
==================
HKU\S-1-5-21-416851214-1149586187-762815546-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com/
HKU\S-1-5-21-416851214-1149586187-762815546-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: bcc26cqq.default
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default [2018-09-22]
FF Homepage: Mozilla\Firefox\Profiles\bcc26cqq.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10444__180616__yaff
FF NewTab: Mozilla\Firefox\Profiles\bcc26cqq.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10444__180616__yaff
FF Session Restore: Mozilla\Firefox\Profiles\bcc26cqq.default -> is enabled.
FF Extension: (Flash Video Downloader) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\artur.dubovoy@gmail.com.xpi [2018-08-21]
FF Extension: (Avast SafePrice) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\sp@avast.com.xpi [2018-07-17]
FF Extension: (Avast Online Security) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\wrc@avast.com.xpi [2018-06-04]
FF Extension: (Download Streamable Video) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\{b4629e37-bbce-479a-8805-8235727e5abc}.xpi [2018-03-30]
FF Extension: (Video DownloadHelper) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-21]
FF Extension: (Firefox Monitor) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\features\{5b12ff78-691e-4feb-b5ae-d92fb20ee824}\fxmonitor@mozilla.org.xpi [2018-09-12]
FF SearchPlugin: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\searchplugins\yahoo-lavasoft-ff59.xml [2018-09-20]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-09-13]
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default [2018-09-23]
CHR Extension: (Překladač Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-03-17]
CHR Extension: (Prezentace) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-17]
CHR Extension: (Twitter Secret Emoticons) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgogdobdhhbmdamdjmfomfdoobllbpd [2018-03-17]
CHR Extension: (Dokumenty) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-17]
CHR Extension: (Disk Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-17]
CHR Extension: (YouTube) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-17]
CHR Extension: (Chrome IG Story) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2018-09-10]
CHR Extension: (Image Downloader) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2018-03-19]
CHR Extension: (Tipli do prohlížeče) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2018-03-19]
CHR Extension: (Video Downloader professional) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2018-04-08]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-09-21]
CHR Extension: (Bulk Image Downloader) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\facoldpeadablbngjnohbmgaehknhcaj [2018-03-17]
CHR Extension: (Tabulky) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-17]
CHR Extension: (FBDown Video Downloader) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2018-07-30]
CHR Extension: (PhotoLive - Download Facebook Photos!) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpjnpabklnaaifclgealaepelncljadk [2018-03-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Avast Online Security) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Transcribe: transcribe audio/interviews fast!) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogokenmicnjdfhmhocanoemnddmpcjjm [2018-03-17]
CHR Extension: (Gmail) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-17]
CHR Extension: (Chrome Media Router) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43112 2012-02-16] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-09-08] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-09-08] (AVAST Software)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [324592 2016-11-21] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 IsAppService; C:\Program Files (x86)\Iskysoft\IAF\2.4.3.231\IsAppService.exe [493320 2017-10-19] (Iskysoft)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-05] (Intel Corporation)
R2 WD SSD Dashboard Service; C:\Program Files (x86)\Western Digital\SSD Dashboard\WDSSDDashboardService.exe [1706496 2016-11-15] (Western Digital Corporation or its affiliates) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare)
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [199712 2018-09-08] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229384 2018-09-08] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201320 2018-09-08] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-09-08] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59568 2018-09-08] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249016 2018-09-08] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-09-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163392 2018-09-11] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111864 2018-09-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87904 2018-09-08] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-09-08] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467320 2018-09-08] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215920 2018-09-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381560 2018-09-08] (AVAST Software)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [511952 2016-07-26] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [32224 2016-09-20] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199736 2016-09-22] (Intel Corporation)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc.)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [21248 2003-09-19] (Padus, Inc.) [File not signed]
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100592 2018-03-17] (Symantec Corporation)
U1 aswbdisk; no ImagePath
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20180316.019\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20180316.019\EX64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-22 20:10 - 2018-09-22 20:15 - 000006366 _____ C:\Users\Lenka\Desktop\Fixlog.txt
2018-09-22 19:07 - 2018-09-23 14:49 - 000022831 _____ C:\Users\Lenka\Desktop\FRST.txt
2018-09-22 19:07 - 2018-09-22 19:08 - 000038226 _____ C:\Users\Lenka\Desktop\Addition.txt
2018-09-22 19:07 - 2018-09-22 13:57 - 002413568 _____ (Farbar) C:\Users\Lenka\Desktop\FRST64.exe
2018-09-22 17:54 - 2018-09-22 17:55 - 000000000 ____D C:\AdwCleaner
2018-09-22 17:52 - 2018-09-22 17:52 - 007571152 _____ (Malwarebytes) C:\Users\Lenka\Desktop\adwcleaner_7.2.3.1.exe
2018-09-22 13:58 - 2018-09-23 14:49 - 000000000 ____D C:\FRST
2018-09-14 15:02 - 2018-09-14 15:02 - 000052296 _____ () C:\Windows\system32\Drivers\staport.sys
2018-09-12 15:42 - 2018-08-31 17:08 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2018-09-12 15:42 - 2018-08-31 17:08 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-09-12 15:42 - 2018-08-30 03:47 - 001230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2018-09-12 15:42 - 2018-08-30 03:10 - 001424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2018-09-12 15:42 - 2018-08-28 07:50 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2018-09-12 15:42 - 2018-08-24 21:47 - 000398424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-09-12 15:42 - 2018-08-24 20:47 - 000350296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-09-12 15:42 - 2018-08-24 01:05 - 025736704 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-09-12 15:42 - 2018-08-24 00:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-09-12 15:42 - 2018-08-24 00:56 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-09-12 15:42 - 2018-08-24 00:45 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-09-12 15:42 - 2018-08-24 00:44 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-09-12 15:42 - 2018-08-24 00:43 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-09-12 15:42 - 2018-08-24 00:43 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-09-12 15:42 - 2018-08-24 00:43 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-09-12 15:42 - 2018-08-24 00:43 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-09-12 15:42 - 2018-08-24 00:37 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-09-12 15:42 - 2018-08-24 00:36 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-09-12 15:42 - 2018-08-24 00:34 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-09-12 15:42 - 2018-08-24 00:34 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-09-12 15:42 - 2018-08-24 00:33 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-09-12 15:42 - 2018-08-24 00:33 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-09-12 15:42 - 2018-08-24 00:33 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-09-12 15:42 - 2018-08-24 00:33 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-09-12 15:42 - 2018-08-24 00:27 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-09-12 15:42 - 2018-08-24 00:24 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-09-12 15:42 - 2018-08-24 00:19 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-09-12 15:42 - 2018-08-24 00:18 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-09-12 15:42 - 2018-08-24 00:17 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-09-12 15:42 - 2018-08-24 00:15 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-09-12 15:42 - 2018-08-24 00:15 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-09-12 15:42 - 2018-08-24 00:13 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-09-12 15:42 - 2018-08-24 00:12 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-09-12 15:42 - 2018-08-24 00:03 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-09-12 15:42 - 2018-08-24 00:01 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-09-12 15:42 - 2018-08-24 00:01 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-09-12 15:42 - 2018-08-24 00:00 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-09-12 15:42 - 2018-08-23 23:59 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-09-12 15:42 - 2018-08-23 23:59 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-09-12 15:42 - 2018-08-23 23:52 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-09-12 15:42 - 2018-08-23 23:40 - 001555456 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-09-12 15:42 - 2018-08-23 23:28 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-09-12 15:42 - 2018-08-23 23:27 - 020279296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-09-12 15:42 - 2018-08-23 23:25 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-09-12 15:42 - 2018-08-23 23:15 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-09-12 15:42 - 2018-08-23 23:14 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-09-12 15:42 - 2018-08-23 23:14 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-09-12 15:42 - 2018-08-23 23:14 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-09-12 15:42 - 2018-08-23 23:13 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-09-12 15:42 - 2018-08-23 23:12 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-09-12 15:42 - 2018-08-23 23:09 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-09-12 15:42 - 2018-08-23 23:09 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-09-12 15:42 - 2018-08-23 23:07 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-09-12 15:42 - 2018-08-23 23:06 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-09-12 15:42 - 2018-08-23 23:06 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-09-12 15:42 - 2018-08-23 23:06 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-09-12 15:42 - 2018-08-23 23:00 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-09-12 15:42 - 2018-08-23 22:56 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-09-12 15:42 - 2018-08-23 22:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-09-12 15:42 - 2018-08-23 22:55 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-09-12 15:42 - 2018-08-23 22:54 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-09-12 15:42 - 2018-08-23 22:53 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-09-12 15:42 - 2018-08-23 22:52 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-09-12 15:42 - 2018-08-23 22:51 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-09-12 15:42 - 2018-08-23 22:51 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-09-12 15:42 - 2018-08-23 22:48 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-09-12 15:42 - 2018-08-23 22:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-09-12 15:42 - 2018-08-23 22:44 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-09-12 15:42 - 2018-08-23 22:44 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-09-12 15:42 - 2018-08-23 22:44 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-09-12 15:42 - 2018-08-23 22:30 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-09-12 15:42 - 2018-08-23 22:27 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-09-12 15:42 - 2018-08-23 22:24 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 001888768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-09-12 15:42 - 2018-08-13 17:53 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-09-12 15:42 - 2018-08-13 17:53 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-09-12 15:42 - 2018-08-13 17:41 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2018-09-12 15:42 - 2018-08-12 22:32 - 000378464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-09-12 15:42 - 2018-08-12 22:31 - 001894496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-09-12 15:42 - 2018-08-12 22:31 - 000289376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-09-12 15:42 - 2018-08-12 22:28 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2018-09-12 15:42 - 2018-08-12 22:14 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2018-09-12 15:42 - 2018-08-10 17:59 - 005552816 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-09-12 15:42 - 2018-08-10 17:59 - 000154800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-09-12 15:42 - 2018-08-10 17:58 - 000385120 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-09-12 15:42 - 2018-08-10 17:58 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-09-12 15:42 - 2018-08-10 17:58 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-09-12 15:42 - 2018-08-10 17:57 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-09-12 15:42 - 2018-08-10 17:57 - 000631624 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-09-12 15:42 - 2018-08-10 17:56 - 001664296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-09-12 15:42 - 2018-08-10 17:45 - 000309424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-09-12 15:42 - 2018-08-10 17:44 - 003961440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-09-12 15:42 - 2018-08-10 17:42 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:39 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-09-12 15:42 - 2018-08-10 17:39 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-09-12 15:42 - 2018-08-10 17:27 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-09-12 15:42 - 2018-08-10 17:22 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-09-12 15:42 - 2018-08-10 17:22 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-09-12 15:42 - 2018-08-10 17:22 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-09-12 15:42 - 2018-08-10 17:21 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-09-12 15:42 - 2018-08-10 17:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-09-12 15:42 - 2018-08-10 17:17 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-09-12 15:42 - 2018-08-10 17:17 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-09-12 15:42 - 2018-08-10 17:17 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-09-12 15:42 - 2018-08-10 17:15 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-09-12 15:42 - 2018-08-10 17:13 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-09-12 15:42 - 2018-08-10 17:13 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-09-12 15:42 - 2018-08-10 17:13 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-09-12 15:42 - 2018-08-10 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-09-12 15:42 - 2018-08-10 17:12 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-09-12 15:42 - 2018-08-10 17:12 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-09-12 15:42 - 2018-08-10 17:10 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-09-12 15:42 - 2018-08-10 17:10 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-09-12 15:42 - 2018-08-10 17:10 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-09-12 15:42 - 2018-08-10 17:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-09-12 15:42 - 2018-08-10 17:09 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-09-12 15:42 - 2018-07-29 17:55 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-09-12 15:42 - 2018-07-18 17:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2018-09-12 15:42 - 2018-06-27 15:20 - 000419648 _____ C:\Windows\SysWOW64\locale.nls
2018-09-12 15:42 - 2018-06-27 15:19 - 000419648 _____ C:\Windows\system32\locale.nls
2018-09-08 18:36 - 2018-09-08 18:35 - 000379608 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-23 10:35 - 2009-07-14 06:45 - 000026080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-23 10:35 - 2009-07-14 06:45 - 000026080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-23 10:05 - 2018-03-18 01:25 - 000669580 _____ C:\Windows\system32\perfh005.dat
2018-09-23 10:05 - 2018-03-18 01:25 - 000141738 _____ C:\Windows\system32\perfc005.dat
2018-09-23 10:05 - 2009-07-14 07:13 - 001586648 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-23 10:05 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-23 10:00 - 2018-06-12 15:03 - 000000000 ___RD C:\Users\Lenka\iCloudDrive
2018-09-23 10:00 - 2018-03-17 16:42 - 000000000 __SHD C:\Users\Lenka\IntelGraphicsProfiles
2018-09-23 10:00 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-22 20:10 - 2018-03-17 16:32 - 000000000 ____D C:\Program Files (x86)\Google
2018-09-22 17:57 - 2018-07-17 17:17 - 000000000 ____D C:\Users\Lenka\AppData\Local\AVAST Software
2018-09-22 17:55 - 2018-06-16 20:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-09-21 21:15 - 2018-07-04 21:40 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-21 21:14 - 2018-07-04 21:40 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-21 18:21 - 2018-07-12 19:54 - 000003556 _____ C:\Windows\System32\Tasks\HPCustParticipation HP LaserJet M101-M106
2018-09-21 18:21 - 2018-03-20 11:50 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-09-21 18:21 - 2018-03-18 10:51 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-09-21 18:21 - 2018-03-18 10:51 - 000002784 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-09-21 18:21 - 2018-03-17 16:35 - 000003646 _____ C:\Windows\System32\Tasks\Intel PTT EK Recertification
2018-09-20 19:42 - 2018-03-17 16:28 - 000000000 ____D C:\Users\Lenka
2018-09-20 16:51 - 2018-03-17 16:33 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-20 16:51 - 2018-03-17 16:33 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-09-13 17:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-09-13 15:54 - 2009-07-14 06:45 - 000414776 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-13 15:52 - 2018-03-18 11:45 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-13 15:52 - 2018-03-18 11:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-12 21:40 - 2018-03-17 16:33 - 001561362 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-09-12 18:36 - 2018-03-17 18:21 - 000215920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-09-12 15:42 - 2018-03-18 11:45 - 000000000 ____D C:\Users\Lenka\AppData\LocalLow\Mozilla
2018-09-12 15:36 - 2018-03-17 16:43 - 000111152 _____ C:\Users\Lenka\AppData\Local\GDIPFONTCACHEV1.DAT
2018-09-11 17:07 - 2018-03-17 18:21 - 000163392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-09-11 16:59 - 2018-03-18 10:51 - 000000000 ____D C:\Program Files\CCleaner
2018-09-08 18:36 - 2018-03-17 18:21 - 000467320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-09-08 18:36 - 2018-03-17 18:21 - 000087904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-09-08 18:36 - 2018-03-17 18:21 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-09-08 18:35 - 2018-03-17 18:21 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000381560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000249016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000229384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000201320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000199712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000111864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000059568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-09-15 18:55
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.09.2018
Ran by Lenka (administrator) on FERDA (23-09-2018 14:49:46)
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Iskysoft) C:\Program Files (x86)\iSkysoft\IAF\2.4.3.231\IsAppService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Western Digital Corporation or its affiliates) C:\Program Files (x86)\Western Digital\SSD Dashboard\WDSSDDashboardService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-11-17] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-09-08] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-09-18] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2016-08-18] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe [102400 2005-04-08] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ISHelperSetup.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [VDownloader] => C:\Program Files\VDownloader\Vdownloader4.exe
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [ISHelperSetup.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKU\S-1-5-21-416851214-1149586187-762815546-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2018-03-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 10.0.0.3 10.0.0.2
Tcpip\..\Interfaces\{80731573-1D2E-4AA1-B00B-708699E13D8D}: [DhcpNameServer] 192.168.10.1 10.0.0.3 10.0.0.2
Internet Explorer:
==================
HKU\S-1-5-21-416851214-1149586187-762815546-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com/
HKU\S-1-5-21-416851214-1149586187-762815546-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: bcc26cqq.default
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default [2018-09-22]
FF Homepage: Mozilla\Firefox\Profiles\bcc26cqq.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10444__180616__yaff
FF NewTab: Mozilla\Firefox\Profiles\bcc26cqq.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10444__180616__yaff
FF Session Restore: Mozilla\Firefox\Profiles\bcc26cqq.default -> is enabled.
FF Extension: (Flash Video Downloader) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\artur.dubovoy@gmail.com.xpi [2018-08-21]
FF Extension: (Avast SafePrice) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\sp@avast.com.xpi [2018-07-17]
FF Extension: (Avast Online Security) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\wrc@avast.com.xpi [2018-06-04]
FF Extension: (Download Streamable Video) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\{b4629e37-bbce-479a-8805-8235727e5abc}.xpi [2018-03-30]
FF Extension: (Video DownloadHelper) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-21]
FF Extension: (Firefox Monitor) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\features\{5b12ff78-691e-4feb-b5ae-d92fb20ee824}\fxmonitor@mozilla.org.xpi [2018-09-12]
FF SearchPlugin: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\bcc26cqq.default\searchplugins\yahoo-lavasoft-ff59.xml [2018-09-20]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-09-13]
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default [2018-09-23]
CHR Extension: (Překladač Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-03-17]
CHR Extension: (Prezentace) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-17]
CHR Extension: (Twitter Secret Emoticons) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgogdobdhhbmdamdjmfomfdoobllbpd [2018-03-17]
CHR Extension: (Dokumenty) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-17]
CHR Extension: (Disk Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-17]
CHR Extension: (YouTube) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-17]
CHR Extension: (Chrome IG Story) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2018-09-10]
CHR Extension: (Image Downloader) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2018-03-19]
CHR Extension: (Tipli do prohlížeče) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2018-03-19]
CHR Extension: (Video Downloader professional) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2018-04-08]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-09-21]
CHR Extension: (Bulk Image Downloader) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\facoldpeadablbngjnohbmgaehknhcaj [2018-03-17]
CHR Extension: (Tabulky) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-17]
CHR Extension: (FBDown Video Downloader) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2018-07-30]
CHR Extension: (PhotoLive - Download Facebook Photos!) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpjnpabklnaaifclgealaepelncljadk [2018-03-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Avast Online Security) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Transcribe: transcribe audio/interviews fast!) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogokenmicnjdfhmhocanoemnddmpcjjm [2018-03-17]
CHR Extension: (Gmail) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-17]
CHR Extension: (Chrome Media Router) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43112 2012-02-16] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-09-08] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-09-08] (AVAST Software)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [324592 2016-11-21] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 IsAppService; C:\Program Files (x86)\Iskysoft\IAF\2.4.3.231\IsAppService.exe [493320 2017-10-19] (Iskysoft)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-05] (Intel Corporation)
R2 WD SSD Dashboard Service; C:\Program Files (x86)\Western Digital\SSD Dashboard\WDSSDDashboardService.exe [1706496 2016-11-15] (Western Digital Corporation or its affiliates) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare)
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [199712 2018-09-08] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229384 2018-09-08] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201320 2018-09-08] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-09-08] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59568 2018-09-08] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249016 2018-09-08] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-09-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163392 2018-09-11] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111864 2018-09-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87904 2018-09-08] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-09-08] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467320 2018-09-08] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215920 2018-09-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381560 2018-09-08] (AVAST Software)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [511952 2016-07-26] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [32224 2016-09-20] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199736 2016-09-22] (Intel Corporation)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc.)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [21248 2003-09-19] (Padus, Inc.) [File not signed]
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100592 2018-03-17] (Symantec Corporation)
U1 aswbdisk; no ImagePath
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20180316.019\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20180316.019\EX64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-22 20:10 - 2018-09-22 20:15 - 000006366 _____ C:\Users\Lenka\Desktop\Fixlog.txt
2018-09-22 19:07 - 2018-09-23 14:49 - 000022831 _____ C:\Users\Lenka\Desktop\FRST.txt
2018-09-22 19:07 - 2018-09-22 19:08 - 000038226 _____ C:\Users\Lenka\Desktop\Addition.txt
2018-09-22 19:07 - 2018-09-22 13:57 - 002413568 _____ (Farbar) C:\Users\Lenka\Desktop\FRST64.exe
2018-09-22 17:54 - 2018-09-22 17:55 - 000000000 ____D C:\AdwCleaner
2018-09-22 17:52 - 2018-09-22 17:52 - 007571152 _____ (Malwarebytes) C:\Users\Lenka\Desktop\adwcleaner_7.2.3.1.exe
2018-09-22 13:58 - 2018-09-23 14:49 - 000000000 ____D C:\FRST
2018-09-14 15:02 - 2018-09-14 15:02 - 000052296 _____ () C:\Windows\system32\Drivers\staport.sys
2018-09-12 15:42 - 2018-08-31 17:08 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2018-09-12 15:42 - 2018-08-31 17:08 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-09-12 15:42 - 2018-08-30 03:47 - 001230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2018-09-12 15:42 - 2018-08-30 03:10 - 001424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2018-09-12 15:42 - 2018-08-28 07:50 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2018-09-12 15:42 - 2018-08-24 21:47 - 000398424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-09-12 15:42 - 2018-08-24 20:47 - 000350296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-09-12 15:42 - 2018-08-24 01:05 - 025736704 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-09-12 15:42 - 2018-08-24 00:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-09-12 15:42 - 2018-08-24 00:56 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-09-12 15:42 - 2018-08-24 00:45 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-09-12 15:42 - 2018-08-24 00:44 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-09-12 15:42 - 2018-08-24 00:43 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-09-12 15:42 - 2018-08-24 00:43 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-09-12 15:42 - 2018-08-24 00:43 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-09-12 15:42 - 2018-08-24 00:43 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-09-12 15:42 - 2018-08-24 00:37 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-09-12 15:42 - 2018-08-24 00:36 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-09-12 15:42 - 2018-08-24 00:34 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-09-12 15:42 - 2018-08-24 00:34 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-09-12 15:42 - 2018-08-24 00:33 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-09-12 15:42 - 2018-08-24 00:33 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-09-12 15:42 - 2018-08-24 00:33 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-09-12 15:42 - 2018-08-24 00:33 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-09-12 15:42 - 2018-08-24 00:27 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-09-12 15:42 - 2018-08-24 00:24 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-09-12 15:42 - 2018-08-24 00:19 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-09-12 15:42 - 2018-08-24 00:18 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-09-12 15:42 - 2018-08-24 00:17 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-09-12 15:42 - 2018-08-24 00:15 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-09-12 15:42 - 2018-08-24 00:15 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-09-12 15:42 - 2018-08-24 00:13 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-09-12 15:42 - 2018-08-24 00:12 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-09-12 15:42 - 2018-08-24 00:03 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-09-12 15:42 - 2018-08-24 00:01 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-09-12 15:42 - 2018-08-24 00:01 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-09-12 15:42 - 2018-08-24 00:00 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-09-12 15:42 - 2018-08-23 23:59 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-09-12 15:42 - 2018-08-23 23:59 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-09-12 15:42 - 2018-08-23 23:52 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-09-12 15:42 - 2018-08-23 23:40 - 001555456 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-09-12 15:42 - 2018-08-23 23:28 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-09-12 15:42 - 2018-08-23 23:27 - 020279296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-09-12 15:42 - 2018-08-23 23:25 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-09-12 15:42 - 2018-08-23 23:15 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-09-12 15:42 - 2018-08-23 23:14 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-09-12 15:42 - 2018-08-23 23:14 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-09-12 15:42 - 2018-08-23 23:14 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-09-12 15:42 - 2018-08-23 23:13 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-09-12 15:42 - 2018-08-23 23:12 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-09-12 15:42 - 2018-08-23 23:09 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-09-12 15:42 - 2018-08-23 23:09 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-09-12 15:42 - 2018-08-23 23:07 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-09-12 15:42 - 2018-08-23 23:06 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-09-12 15:42 - 2018-08-23 23:06 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-09-12 15:42 - 2018-08-23 23:06 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-09-12 15:42 - 2018-08-23 23:00 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-09-12 15:42 - 2018-08-23 22:56 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-09-12 15:42 - 2018-08-23 22:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-09-12 15:42 - 2018-08-23 22:55 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-09-12 15:42 - 2018-08-23 22:54 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-09-12 15:42 - 2018-08-23 22:53 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-09-12 15:42 - 2018-08-23 22:52 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-09-12 15:42 - 2018-08-23 22:51 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-09-12 15:42 - 2018-08-23 22:51 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-09-12 15:42 - 2018-08-23 22:48 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-09-12 15:42 - 2018-08-23 22:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-09-12 15:42 - 2018-08-23 22:44 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-09-12 15:42 - 2018-08-23 22:44 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-09-12 15:42 - 2018-08-23 22:44 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-09-12 15:42 - 2018-08-23 22:30 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-09-12 15:42 - 2018-08-23 22:27 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-09-12 15:42 - 2018-08-23 22:24 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 001888768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-09-12 15:42 - 2018-08-13 17:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-09-12 15:42 - 2018-08-13 17:53 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-09-12 15:42 - 2018-08-13 17:53 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-09-12 15:42 - 2018-08-13 17:41 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-09-12 15:42 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2018-09-12 15:42 - 2018-08-12 22:32 - 000378464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-09-12 15:42 - 2018-08-12 22:31 - 001894496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-09-12 15:42 - 2018-08-12 22:31 - 000289376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-09-12 15:42 - 2018-08-12 22:28 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2018-09-12 15:42 - 2018-08-12 22:14 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2018-09-12 15:42 - 2018-08-10 17:59 - 005552816 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-09-12 15:42 - 2018-08-10 17:59 - 000154800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-09-12 15:42 - 2018-08-10 17:58 - 000385120 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-09-12 15:42 - 2018-08-10 17:58 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-09-12 15:42 - 2018-08-10 17:58 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-09-12 15:42 - 2018-08-10 17:57 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-09-12 15:42 - 2018-08-10 17:57 - 000631624 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-09-12 15:42 - 2018-08-10 17:56 - 001664296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-09-12 15:42 - 2018-08-10 17:55 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-09-12 15:42 - 2018-08-10 17:54 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-09-12 15:42 - 2018-08-10 17:45 - 000309424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-09-12 15:42 - 2018-08-10 17:44 - 003961440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-09-12 15:42 - 2018-08-10 17:42 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-09-12 15:42 - 2018-08-10 17:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:39 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-09-12 15:42 - 2018-08-10 17:39 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-09-12 15:42 - 2018-08-10 17:27 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-09-12 15:42 - 2018-08-10 17:22 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-09-12 15:42 - 2018-08-10 17:22 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-09-12 15:42 - 2018-08-10 17:22 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-09-12 15:42 - 2018-08-10 17:21 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-09-12 15:42 - 2018-08-10 17:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-09-12 15:42 - 2018-08-10 17:17 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-09-12 15:42 - 2018-08-10 17:17 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-09-12 15:42 - 2018-08-10 17:17 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-09-12 15:42 - 2018-08-10 17:15 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-09-12 15:42 - 2018-08-10 17:13 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-09-12 15:42 - 2018-08-10 17:13 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-09-12 15:42 - 2018-08-10 17:13 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-09-12 15:42 - 2018-08-10 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-09-12 15:42 - 2018-08-10 17:12 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-09-12 15:42 - 2018-08-10 17:12 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-09-12 15:42 - 2018-08-10 17:12 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-09-12 15:42 - 2018-08-10 17:10 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-09-12 15:42 - 2018-08-10 17:10 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-09-12 15:42 - 2018-08-10 17:10 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-09-12 15:42 - 2018-08-10 17:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-09-12 15:42 - 2018-08-10 17:09 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-09-12 15:42 - 2018-08-10 17:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-09-12 15:42 - 2018-07-29 17:55 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-09-12 15:42 - 2018-07-18 17:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2018-09-12 15:42 - 2018-06-27 15:20 - 000419648 _____ C:\Windows\SysWOW64\locale.nls
2018-09-12 15:42 - 2018-06-27 15:19 - 000419648 _____ C:\Windows\system32\locale.nls
2018-09-08 18:36 - 2018-09-08 18:35 - 000379608 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-23 10:35 - 2009-07-14 06:45 - 000026080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-23 10:35 - 2009-07-14 06:45 - 000026080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-23 10:05 - 2018-03-18 01:25 - 000669580 _____ C:\Windows\system32\perfh005.dat
2018-09-23 10:05 - 2018-03-18 01:25 - 000141738 _____ C:\Windows\system32\perfc005.dat
2018-09-23 10:05 - 2009-07-14 07:13 - 001586648 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-23 10:05 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-23 10:00 - 2018-06-12 15:03 - 000000000 ___RD C:\Users\Lenka\iCloudDrive
2018-09-23 10:00 - 2018-03-17 16:42 - 000000000 __SHD C:\Users\Lenka\IntelGraphicsProfiles
2018-09-23 10:00 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-22 20:10 - 2018-03-17 16:32 - 000000000 ____D C:\Program Files (x86)\Google
2018-09-22 17:57 - 2018-07-17 17:17 - 000000000 ____D C:\Users\Lenka\AppData\Local\AVAST Software
2018-09-22 17:55 - 2018-06-16 20:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-09-21 21:15 - 2018-07-04 21:40 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-21 21:14 - 2018-07-04 21:40 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-21 18:21 - 2018-07-12 19:54 - 000003556 _____ C:\Windows\System32\Tasks\HPCustParticipation HP LaserJet M101-M106
2018-09-21 18:21 - 2018-03-20 11:50 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-09-21 18:21 - 2018-03-18 10:51 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-09-21 18:21 - 2018-03-18 10:51 - 000002784 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-09-21 18:21 - 2018-03-17 16:35 - 000003646 _____ C:\Windows\System32\Tasks\Intel PTT EK Recertification
2018-09-20 19:42 - 2018-03-17 16:28 - 000000000 ____D C:\Users\Lenka
2018-09-20 16:51 - 2018-03-17 16:33 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-20 16:51 - 2018-03-17 16:33 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-09-13 17:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-09-13 15:54 - 2009-07-14 06:45 - 000414776 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-13 15:52 - 2018-03-18 11:45 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-13 15:52 - 2018-03-18 11:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-12 21:40 - 2018-03-17 16:33 - 001561362 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-09-12 18:36 - 2018-03-17 18:21 - 000215920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-09-12 15:42 - 2018-03-18 11:45 - 000000000 ____D C:\Users\Lenka\AppData\LocalLow\Mozilla
2018-09-12 15:36 - 2018-03-17 16:43 - 000111152 _____ C:\Users\Lenka\AppData\Local\GDIPFONTCACHEV1.DAT
2018-09-11 17:07 - 2018-03-17 18:21 - 000163392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-09-11 16:59 - 2018-03-18 10:51 - 000000000 ____D C:\Program Files\CCleaner
2018-09-08 18:36 - 2018-03-17 18:21 - 000467320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-09-08 18:36 - 2018-03-17 18:21 - 000087904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-09-08 18:36 - 2018-03-17 18:21 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-09-08 18:35 - 2018-03-17 18:21 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000381560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000249016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000229384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000201320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000199712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000111864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000059568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-09-08 18:35 - 2018-03-17 18:21 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-09-15 18:55
==================== End of FRST.txt ============================
Re: Prosím o kontrolu logu - děkuji
Když rozkliknu vlastnosti e-mailu tak se zobrazí toto:
Delivered-To: mmmmm@volny.cz
Received: from unknown (unknown [10.255.254.22])
by gmmr1.centrum.cz (Postfix) with QMQP id DDF778004B97
for <mmmmm@volny.cz>; Sat, 22 Sep 2018 21:36:09 +0200 (CEST)
Received: from dq.spamfree.cz by dq.spamfree.cz
(VF-Scanner: SA:SPAM-TAGGED:RC:0(187.190.186.123):SC:0(37.9/5.0):;
processed in 0.8 s); 22 Sep 2018 19:36:09 +0000
X-VF-Scanner-Mail-From: mmmmm@volny.cz
X-VF-Scanner-Rcpt-To: mmmmm@volny.cz
X-VF-Scanner-ID: 20180922193608.914068.70941.dq.0
X-SpamDetected: 1
X-Spam-Status: Yes, hits=37.9, required=5.0
Subject: =?utf-8?B?VsOhxaEgw7rEjWV0IGJ5bCB0cmhsw70=?=
Received: from fixed-187-190-186-123.totalplay.net (187.190.186.123)
by dq.spamfree.cz with SMTP; 22 Sep 2018 21:36:08 +0200
Received-SPF: neutral (dq: 187.190.186.123 is neither permitted nor denied by domain of volny.cz) client-ip=187.190.186.123; envelope-from=mmmmm@volny.cz; helo=fixed-187-190-186-123.totalplay.net;
Message-ID: <B4030BB6A25BA771565E8D8079855374@B6QC37SB>
From: <mmmmm@volny.cz>
To: <mmmmm@volny.cz>
X-VF-Scanner-Moved-Subject: =?utf-8?B?VsOhxaEgw7rEjWV0IGJ5bCB0cmhsw70=?=
Date: 22 Sep 2018 08:29:07 -0600
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0039_01D45281.04A86D44"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Windows Live Mail 15.4.3508.1109
X-MimeOLE: Produced By Microsoft MimeOLE V15.4.3508.1109
X-Antivirus: Avast (VPS 180923-0, 23.09.2018), Inbound message
X-Antivirus-Status: Clean
Lze z toho něco vyčíst?
Delivered-To: mmmmm@volny.cz
Received: from unknown (unknown [10.255.254.22])
by gmmr1.centrum.cz (Postfix) with QMQP id DDF778004B97
for <mmmmm@volny.cz>; Sat, 22 Sep 2018 21:36:09 +0200 (CEST)
Received: from dq.spamfree.cz by dq.spamfree.cz
(VF-Scanner: SA:SPAM-TAGGED:RC:0(187.190.186.123):SC:0(37.9/5.0):;
processed in 0.8 s); 22 Sep 2018 19:36:09 +0000
X-VF-Scanner-Mail-From: mmmmm@volny.cz
X-VF-Scanner-Rcpt-To: mmmmm@volny.cz
X-VF-Scanner-ID: 20180922193608.914068.70941.dq.0
X-SpamDetected: 1
X-Spam-Status: Yes, hits=37.9, required=5.0
Subject: =?utf-8?B?VsOhxaEgw7rEjWV0IGJ5bCB0cmhsw70=?=
Received: from fixed-187-190-186-123.totalplay.net (187.190.186.123)
by dq.spamfree.cz with SMTP; 22 Sep 2018 21:36:08 +0200
Received-SPF: neutral (dq: 187.190.186.123 is neither permitted nor denied by domain of volny.cz) client-ip=187.190.186.123; envelope-from=mmmmm@volny.cz; helo=fixed-187-190-186-123.totalplay.net;
Message-ID: <B4030BB6A25BA771565E8D8079855374@B6QC37SB>
From: <mmmmm@volny.cz>
To: <mmmmm@volny.cz>
X-VF-Scanner-Moved-Subject: =?utf-8?B?VsOhxaEgw7rEjWV0IGJ5bCB0cmhsw70=?=
Date: 22 Sep 2018 08:29:07 -0600
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0039_01D45281.04A86D44"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Windows Live Mail 15.4.3508.1109
X-MimeOLE: Produced By Microsoft MimeOLE V15.4.3508.1109
X-Antivirus: Avast (VPS 180923-0, 23.09.2018), Inbound message
X-Antivirus-Status: Clean
Lze z toho něco vyčíst?
-
Rudy
- Site Admin
- Příspěvky: 118243
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - děkuji
V podstatě z tohlo lze vyčíst IP adresu odesilatele. Ve vašem případě je to z Mexika: https://www.whois.com/whois/187.190.186.123 . Jinak smazáno.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu - děkuji
Mám se toho bát? Heslo jsem raději opět změnila.
Přispějete na provoz fóra?