Právě je 23 bře 2019 14:26

Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Všechny časy jsou v UTC + 1 hodina


Pravidla fóra


Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz



Odeslat nové téma Odpovědět na téma  [ Příspěvků: 9 ] 
Autor Zpráva
 Předmět příspěvku: Kontrola logu - pomalý start notebooku
PříspěvekNapsal: 13 úno 2019 16:27 
Offline
Návštěvník
Návštěvník

Registrován: 26 kvě 2017 14:48
Příspěvky: 21
Dobrý den můžete mě zkontrolovat log,zda je notebook v pořádku?Zdá se mě,že pomalu startuje do systému.Notebook jsem kontroloval i pomocí AdwCleaner a nenašlo to nic.Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.02.2019 01
Ran by Administrator (administrator) on ALEX-PC (13-02-2019 16:20:52)
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

========================================================

C:\FRST\FRST64.exe => Win32/Suweezy? - moved successfully

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Windows\KMS-R@1n.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\Temp\ose00000.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10810912 2010-05-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3687020677-3972415508-549661944-500\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9001904 2019-01-28] (Support.com, Inc. -> SUPERAntiSpyware)
HKU\S-1-5-21-3687020677-3972415508-549661944-500\...\MountPoints2: {a07eb8e8-2d4a-11e9-94fd-74f06dcdbeda} - G:\OInstall.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> regsvr32.exe /s /n /i:U shell32.dll
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.96\Installer\chrmstp.exe [2019-02-07] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> regsvr32.exe /s /n /i:U shell32.dll
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe
IFEO\SppSvc.exe: [Debugger] KMS-R@1nHook.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3AB3E6F6-530B-407E-881D-C1C198D5B055}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3687020677-3972415508-549661944-500\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: czsom9dx.default
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\czsom9dx.default [2019-02-13]
FF Homepage: Mozilla\Firefox\Profiles\czsom9dx.default -> www.seznam.cz
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2019-02-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-01-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-04]
CHR Extension: (Chrome Media Router) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-07]
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-13]
CHR HKU\S-1-5-21-3687020677-3972415508-549661944-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\ADMINI~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-3687020677-3972415508-549661944-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [202752 2010-04-06] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2019-02-10] () [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6659072 2010-04-06] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [195584 2018-10-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2753536 2011-06-27] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104976 2016-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6659072 2010-04-06] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [42256 2019-02-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [59360 2019-02-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-11-29] (Martin Malik - REALiX -> REALiX(tm))
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] (SONIX TECHNOLOGY CO. , LTD -> )
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-13 16:20 - 2019-02-13 16:22 - 000010879 _____ C:\Users\Administrator\Desktop\FRST.txt
2019-02-13 16:20 - 2019-02-13 16:17 - 002433536 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe
2019-02-13 16:17 - 2019-02-13 16:20 - 000000000 ____D C:\FRST
2019-02-13 16:07 - 2019-02-13 16:07 - 000001313 _____ C:\Users\Public\Desktop\Skype.lnk
2019-02-13 16:04 - 2019-02-13 16:04 - 000003618 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task b38b03fa-9203-4555-b910-fb573f946291
2019-02-13 16:04 - 2019-02-13 16:04 - 000003544 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d747e473-8c7c-42f2-b3a7-251b9a2c2f39
2019-02-13 16:04 - 2019-02-13 16:04 - 000001815 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2019-02-13 16:04 - 2019-02-13 16:04 - 000000526 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d747e473-8c7c-42f2-b3a7-251b9a2c2f39.job
2019-02-13 16:04 - 2019-02-13 16:04 - 000000526 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b38b03fa-9203-4555-b910-fb573f946291.job
2019-02-13 16:04 - 2019-02-13 16:04 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\SUPERAntiSpyware.com
2019-02-13 16:04 - 2019-02-13 16:04 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2019-02-13 16:04 - 2019-02-13 16:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2019-02-13 16:04 - 2019-02-13 16:04 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-02-13 15:56 - 2019-02-10 18:24 - 021543568 _____ C:\Windows\MSYH.tt2
2019-02-13 15:56 - 2019-02-10 18:24 - 014381616 _____ C:\Windows\MSYHBD.tt2
2019-02-13 15:56 - 2019-02-10 18:23 - 014343024 _____ C:\Windows\MSJHBD.tt2
2019-02-13 15:56 - 2019-02-10 18:21 - 021302624 _____ C:\Windows\MSJH.tt2
2019-02-10 18:51 - 2019-02-10 18:51 - 000026112 _____ C:\Windows\KMS-R@1n.exe
2019-02-10 18:51 - 2019-02-10 18:51 - 000005120 _____ C:\Windows\KMS-R@1nHook.exe
2019-02-10 18:51 - 2019-02-10 18:51 - 000004096 _____ C:\Windows\KMS-R@1nHook.dll
2019-02-10 18:51 - 2019-02-10 18:51 - 000000000 ____D C:\Windows\System32\Tasks\R@1n-KMS
2019-02-10 18:51 - 2019-02-10 18:51 - 000000000 ____D C:\Users\Administrator\AppData\Local\mpress
2019-02-10 17:28 - 2019-02-13 16:01 - 000000000 ____D C:\Program Files\Microsoft Office
2019-02-10 17:01 - 2019-02-10 17:24 - 000000000 ___RD C:\Users\Administrator\OneDrive
2019-02-10 16:55 - 2019-02-10 16:55 - 000000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2019-02-10 16:49 - 2019-02-10 16:49 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2019-02-10 16:49 - 2019-02-10 16:49 - 000000000 ____D C:\Users\Administrator\AppData\Local\Disc_Soft_Ltd
2019-02-10 16:48 - 2019-02-10 18:53 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\DAEMON Tools Lite
2019-02-10 16:48 - 2019-02-10 16:48 - 000059360 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2019-02-10 16:48 - 2019-02-10 16:48 - 000042256 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2019-02-10 16:48 - 2019-02-10 16:48 - 000000000 ____D C:\Users\Public\Documents\Catch!
2019-02-10 16:47 - 2019-02-10 16:48 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2019-02-09 17:59 - 2019-02-10 13:40 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Mozilla
2019-02-09 17:59 - 2019-02-09 17:59 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla
2019-02-07 13:41 - 2019-02-11 18:36 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\vlc
2019-02-07 13:41 - 2019-02-07 13:41 - 000000878 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-02-07 13:41 - 2019-02-07 13:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-02-07 13:40 - 2019-02-07 13:40 - 000000000 ____D C:\Program Files\VideoLAN
2019-02-01 13:17 - 2019-02-01 13:19 - 000000000 ____D C:\ProgramData\Atheros
2019-02-01 13:16 - 2019-02-07 13:44 - 000000000 ____D C:\Windows\pss
2019-02-01 13:14 - 2010-05-13 19:23 - 002368160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2019-02-01 13:14 - 2010-05-13 16:58 - 002603040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2019-02-01 13:14 - 2010-05-13 16:58 - 001964576 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2019-02-01 13:14 - 2010-05-13 16:58 - 001215520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2019-02-01 13:14 - 2010-05-13 16:58 - 001146912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2019-02-01 13:14 - 2010-05-13 16:58 - 000476192 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2019-02-01 13:14 - 2010-05-13 16:58 - 000332320 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2019-02-01 13:14 - 2010-05-13 16:58 - 000149536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2019-02-01 13:14 - 2010-05-13 16:58 - 000070176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll
2019-02-01 13:14 - 2010-05-06 16:34 - 000335192 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2019-02-01 13:14 - 2010-05-06 16:34 - 000334680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2019-02-01 13:14 - 2010-05-06 15:43 - 002601816 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2019-02-01 13:14 - 2010-05-06 15:43 - 001736536 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2019-02-01 13:14 - 2010-04-14 16:56 - 000318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2019-02-01 13:14 - 2009-12-15 18:26 - 000372936 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2019-02-01 13:14 - 2009-12-15 18:26 - 000201928 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2019-02-01 13:14 - 2009-12-15 18:26 - 000099016 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2019-02-01 13:14 - 2009-12-15 18:26 - 000076488 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2019-02-01 13:14 - 2009-12-11 09:55 - 000307920 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2019-02-01 13:14 - 2009-12-11 09:55 - 000307920 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2019-02-01 13:14 - 2009-11-24 09:55 - 000518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2019-02-01 13:14 - 2009-11-24 09:55 - 000211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2019-02-01 13:14 - 2009-11-24 09:55 - 000198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2019-02-01 13:14 - 2009-11-24 09:55 - 000155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2019-02-01 13:14 - 2009-11-18 18:42 - 002197264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2019-02-01 13:14 - 2009-04-02 15:43 - 000000520 _____ C:\Windows\system32\Drivers\SamSfPa.dat
2019-02-01 13:13 - 2019-02-01 13:15 - 000000000 ___HD C:\Program Files (x86)\Temp
2019-02-01 13:13 - 2019-02-01 13:13 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-02-01 13:13 - 2010-04-28 17:45 - 001251872 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2019-02-01 13:13 - 2010-04-27 12:50 - 000330656 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2019-02-01 13:13 - 2010-01-26 11:38 - 000168288 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2019-02-01 13:13 - 2010-01-05 13:41 - 001325328 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2019-02-01 13:13 - 2010-01-05 13:41 - 000489744 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2019-02-01 13:13 - 2010-01-05 13:41 - 000474896 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2019-02-01 13:13 - 2010-01-05 13:40 - 001178384 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2019-02-01 13:13 - 2010-01-05 13:40 - 001110800 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2019-02-01 13:13 - 2010-01-05 13:40 - 000504592 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2019-02-01 13:13 - 2010-01-05 13:40 - 000315152 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2019-02-01 13:13 - 2010-01-05 13:40 - 000268560 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2019-02-01 13:13 - 2010-01-05 13:40 - 000265488 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2019-02-01 13:13 - 2010-01-05 13:40 - 000123664 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2019-02-01 13:13 - 2010-01-05 13:40 - 000123152 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2019-02-01 13:13 - 2010-01-05 13:40 - 000122128 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2019-02-01 13:13 - 2009-11-17 18:12 - 000108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2019-02-01 10:57 - 2010-01-25 17:48 - 000002908 _____ C:\Windows\Uninstvga.bat
2019-02-01 10:57 - 2009-06-05 17:15 - 001806400 _____ () C:\Windows\system32\Drivers\snp2uvc.sys
2019-02-01 10:57 - 2009-06-05 17:15 - 000042176 _____ C:\Windows\system32\Drivers\sncduvc.sys
2019-02-01 10:42 - 2019-02-01 10:42 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2019-02-01 10:36 - 2019-02-01 10:36 - 000000000 ____D C:\Program Files\ATI
2019-02-01 10:33 - 2019-02-01 10:33 - 000000000 ____D C:\Program Files\ATI Technologies
2019-02-01 10:25 - 2010-04-06 21:44 - 006659072 _____ (ATI Technologies Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2019-02-01 10:25 - 2010-04-06 21:40 - 018929664 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2019-02-01 10:25 - 2010-04-06 21:13 - 000455168 _____ (AMD) C:\Windows\system32\atieclxx.exe
2019-02-01 10:25 - 2010-04-06 21:13 - 000446464 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll
2019-02-01 10:25 - 2010-04-06 21:12 - 014321664 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2019-02-01 10:25 - 2010-04-06 21:12 - 000202752 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2019-02-01 10:25 - 2010-04-06 21:10 - 000421376 _____ (ATI Technologies, Inc.) C:\Windows\system32\atipdl64.dll
2019-02-01 10:25 - 2010-04-06 21:10 - 000356352 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\atipdlxx.dll
2019-02-01 10:25 - 2010-04-06 21:10 - 000278528 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\Oemdspif.dll
2019-02-01 10:25 - 2010-04-06 21:10 - 000120320 _____ (AMD) C:\Windows\system32\atitmm64.dll
2019-02-01 10:25 - 2010-04-06 21:10 - 000059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll
2019-02-01 10:25 - 2010-04-06 21:10 - 000043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2019-02-01 10:25 - 2010-04-06 21:10 - 000012288 _____ (AMD) C:\Windows\system32\atimuixx.dll
2019-02-01 10:25 - 2010-04-06 21:06 - 003164160 _____ (ATI Technologies Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2019-02-01 10:25 - 2010-04-06 20:40 - 005186048 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2019-02-01 10:25 - 2010-04-06 20:40 - 003707904 _____ (ATI Technologies Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2019-02-01 10:25 - 2010-04-06 20:40 - 000053248 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2019-02-01 10:25 - 2010-04-06 20:40 - 000053248 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2019-02-01 10:25 - 2010-04-06 20:40 - 000043008 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2019-02-01 10:25 - 2010-04-06 20:40 - 000039936 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2019-02-01 10:25 - 2010-04-06 20:38 - 004018176 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2019-02-01 10:25 - 2010-04-06 20:25 - 000515424 _____ C:\Windows\system32\atiumd6a.cap
2019-02-01 10:25 - 2010-04-06 20:24 - 000334336 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2019-02-01 10:25 - 2010-04-06 20:23 - 000237568 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2019-02-01 10:25 - 2010-04-06 20:22 - 000053248 _____ (ATI Technologies Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2019-02-01 10:25 - 2010-04-06 20:21 - 002983936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2019-02-01 10:25 - 2010-04-06 20:20 - 000515424 _____ C:\Windows\SysWOW64\atiumdva.cap
2019-02-01 10:25 - 2010-04-06 20:09 - 000053248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2019-02-01 10:25 - 2010-04-06 20:09 - 000053248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2019-02-01 10:25 - 2010-04-06 20:08 - 000052224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2019-02-01 10:25 - 2010-04-06 20:08 - 000052224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2019-02-01 10:25 - 2010-04-01 04:34 - 000020862 _____ C:\Windows\atiogl.xml
2019-02-01 10:25 - 2010-03-17 11:06 - 000202234 _____ C:\Windows\system32\atiicdxx.dat
2019-01-29 19:18 - 2019-01-11 01:49 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-01-29 19:18 - 2019-01-11 01:49 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-01-29 19:18 - 2019-01-11 01:47 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-01-29 19:18 - 2019-01-11 01:47 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-01-29 19:18 - 2019-01-11 01:47 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-01-29 19:18 - 2019-01-11 01:46 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-01-29 19:18 - 2019-01-11 01:34 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-01-29 19:18 - 2019-01-11 01:34 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-01-29 19:18 - 2019-01-11 01:15 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-01-29 19:18 - 2018-12-28 21:03 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-01-29 19:18 - 2018-12-28 21:02 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-01-29 19:18 - 2018-12-28 21:02 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-01-29 19:18 - 2018-12-28 21:02 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-01-29 19:18 - 2018-12-28 21:02 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-01-29 19:18 - 2018-12-28 21:01 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:51 - 004055272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-01-29 19:18 - 2018-12-28 20:51 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-01-29 19:18 - 2018-12-28 20:50 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:34 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-01-29 19:18 - 2018-12-28 20:34 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-01-29 19:18 - 2018-12-28 20:34 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-01-29 19:18 - 2018-12-28 20:34 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-01-29 19:18 - 2018-12-28 20:32 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-01-29 19:18 - 2018-12-28 20:31 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-01-29 19:18 - 2018-12-28 20:31 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-01-29 19:18 - 2018-12-28 20:31 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-01-29 19:18 - 2018-12-28 20:30 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-01-29 19:18 - 2018-12-28 20:28 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-01-29 19:18 - 2018-12-28 20:28 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-01-29 19:18 - 2018-12-28 20:28 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-01-29 19:18 - 2018-12-28 20:27 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-01-29 19:18 - 2018-12-28 20:27 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-01-29 19:18 - 2018-12-28 20:27 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-01-29 19:18 - 2018-12-28 20:27 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-01-29 19:18 - 2018-12-28 20:27 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-01-29 19:18 - 2018-12-28 20:27 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-01-29 19:18 - 2018-12-28 20:27 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-01-29 19:18 - 2018-12-28 20:27 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-01-29 19:18 - 2018-12-28 20:27 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-01-29 19:18 - 2018-12-28 20:26 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-01-29 19:18 - 2018-12-28 20:26 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:26 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 20:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-01-29 19:18 - 2018-12-28 19:09 - 000419608 _____ C:\Windows\SysWOW64\locale.nls
2019-01-29 19:18 - 2018-12-28 19:09 - 000419608 _____ C:\Windows\system32\locale.nls
2019-01-29 19:18 - 2018-12-08 04:08 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2019-01-29 19:18 - 2018-12-08 04:08 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2019-01-29 19:18 - 2018-12-08 04:08 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2019-01-29 19:18 - 2018-12-08 04:08 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2019-01-29 19:18 - 2018-12-08 04:08 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2019-01-29 19:18 - 2018-12-08 04:08 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2019-01-29 19:18 - 2018-12-08 03:56 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2019-01-29 19:18 - 2018-12-08 03:56 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2019-01-29 19:18 - 2018-12-08 03:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2019-01-29 19:18 - 2018-12-08 03:47 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2019-01-29 19:18 - 2018-12-08 03:47 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2019-01-29 19:18 - 2018-12-08 03:47 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2019-01-29 19:18 - 2018-12-08 03:41 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2019-01-29 19:18 - 2018-12-08 03:41 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2019-01-29 19:18 - 2018-12-08 03:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2019-01-29 19:18 - 2018-12-07 16:33 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-01-29 19:18 - 2018-12-04 17:07 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2019-01-29 19:18 - 2018-12-04 17:07 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-01-29 19:18 - 2018-12-04 16:55 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2019-01-29 19:18 - 2018-12-04 16:55 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-01-29 19:18 - 2018-12-02 17:06 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000998480 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000918408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000066000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000063936 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000021968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000019408 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000017872 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000017856 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000017360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000017352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000016336 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000015824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000015808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000015296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000014312 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000014272 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000013768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000013264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000012752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000012736 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000012264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000012232 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000011752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2019-01-29 19:18 - 2018-10-12 14:05 - 000011200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2019-01-29 19:11 - 2019-01-29 19:11 - 000001754 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-01-29 19:11 - 2019-01-29 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-01-29 19:11 - 2019-01-29 19:11 - 000000000 ____D C:\Program Files\iPod
2019-01-29 19:10 - 2019-01-29 19:11 - 000000000 ____D C:\Program Files\iTunes
2019-01-24 20:01 - 2019-01-24 20:01 - 000675984 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2019-01-24 20:01 - 2019-01-24 20:01 - 000386712 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2019-01-24 20:01 - 2019-01-24 20:01 - 000343192 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2019-01-24 20:01 - 2019-01-24 20:01 - 000089248 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2019-01-21 12:30 - 2019-01-21 12:30 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2019-01-21 12:29 - 2019-02-05 13:13 - 000000000 ____D C:\Program Files\CCleaner
2019-01-21 12:29 - 2019-01-21 12:30 - 000002824 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-01-21 12:29 - 2019-01-21 12:29 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-01-21 12:29 - 2019-01-21 12:29 - 000000829 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-21 12:29 - 2019-01-21 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-01-21 12:22 - 2019-01-29 18:52 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-01-21 12:15 - 2019-01-21 12:15 - 000000744 _____ C:\Users\Administrator\Desktop\Anglický jazyk.lnk
2019-01-16 14:50 - 2019-01-16 14:50 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2019-01-16 14:50 - 2019-01-16 14:50 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2019-01-16 14:49 - 2019-01-16 14:50 - 000000000 ____D C:\Program Files\Common Files\Apple
2019-01-14 13:21 - 2019-01-14 13:21 - 000000000 ____D C:\Program Files\Google

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-13 16:16 - 2009-07-14 05:45 - 000021648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-13 16:16 - 2009-07-14 05:45 - 000021648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-13 16:11 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-02-13 16:07 - 2018-10-26 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-02-13 16:01 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-02-13 15:53 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-10 18:53 - 2009-07-14 05:45 - 000441168 _____ C:\Windows\system32\FNTCACHE.DAT
2019-02-10 18:38 - 2018-10-04 11:25 - 000115088 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2019-02-10 17:01 - 2018-10-04 11:19 - 000000000 ____D C:\Users\Administrator
2019-02-10 16:59 - 2018-10-26 15:31 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2019-02-07 13:33 - 2018-10-04 11:27 - 000002231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-07 13:33 - 2018-10-04 11:27 - 000002190 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-02-01 13:32 - 2011-04-12 09:34 - 000025222 _____ C:\Windows\system32\perfh005.dat
2019-02-01 13:32 - 2011-04-12 09:34 - 000008794 _____ C:\Windows\system32\perfc005.dat
2019-02-01 13:32 - 2009-07-14 06:13 - 000032174 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-01 13:18 - 2018-12-15 13:57 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-02-01 13:16 - 2018-11-29 13:32 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-01-29 19:27 - 2018-10-04 13:58 - 000000000 ____D C:\Windows\system32\MRT
2019-01-29 19:27 - 2018-10-04 11:27 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2019-01-29 19:24 - 2018-10-04 13:58 - 132790320 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-01-16 14:49 - 2018-10-04 11:44 - 000000000 ____D C:\ProgramData\Apple

==================== Files in the root of some directories =======

2018-10-06 07:11 - 2018-10-06 07:14 - 000007606 _____ () C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-04 11:05

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.02.2019 01
Ran by Administrator (13-02-2019 16:23:18)
Running from C:\Users\Administrator\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2018-10-04 10:14:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3687020677-3972415508-549661944-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-3687020677-3972415508-549661944-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{401D3422-5349-F819-D294-01CA297CB9E0}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.96 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
iTunes (HKLM\...\{8C125166-94A1-4721-84CC-C9739E6EA8A7}) (Version: 12.9.3.3 - Apple Inc.)
JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.17.1 - JMicron Technology Corp.)
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Need for Speed™ Carbon (HKLM-x32\...\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}) (Version: - )
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6110 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Skype verze 8.38 (HKLM-x32\...\Skype_is1) (Version: 8.38 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1028 - SUPERAntiSpyware.com)
USB 2.0 VGA UVC WebCam (HKLM\...\USB 2.0 VGA UVC WebCam) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1CA0F195-DC0F-4081-8D20-36BD7646240C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {422CFE6E-CD90-4A3E-9F10-6896256AA201} - System32\Tasks\SUPERAntiSpyware Scheduled Task b38b03fa-9203-4555-b910-fb573f946291 => C:\Program Files\SUPERAntiSpyware\SASTask.exe (SUPERAntiSpyware.com -> SUPERAdBlocker.com)
Task: {6F4CDE8F-3F54-4F51-8591-D348AA1B0F9D} - System32\Tasks\R@1n-KMS\Office16Word => wmic path OfficeSoftwareProtectionProduct where (ID="bb11badf-d8aa-470e-9311-20eaf80fe5cc") call Activate
Task: {9A10EE84-E084-4E78-9046-F4901BE9E6B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E99D92E1-1AA4-49FA-B899-DBD0535D5126} - System32\Tasks\SUPERAntiSpyware Scheduled Task d747e473-8c7c-42f2-b3a7-251b9a2c2f39 => C:\Program Files\SUPERAntiSpyware\SASTask.exe (SUPERAntiSpyware.com -> SUPERAdBlocker.com)
Task: {EA969DDA-89C2-4158-B892-C0D356479B29} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F554ED65-2D22-4BD3-9C0F-F9A229E256AF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b38b03fa-9203-4555-b910-fb573f946291.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d747e473-8c7c-42f2-b3a7-251b9a2c2f39.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2019-02-10 18:51 - 2019-02-10 18:51 - 000026112 _____ () C:\Windows\KMS-R@1n.exe
2019-01-15 01:27 - 2019-01-15 01:27 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-11-01 05:27 - 2018-11-01 05:27 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3687020677-3972415508-549661944-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1907810A-BE4E-46A6-8DD0-4C3461078448}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

CodeIntegrity:
===================================

Date: 2018-10-04 16:47:23.176
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-10-04 16:47:23.160
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-10-04 16:42:15.526
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-10-04 16:42:15.479
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-10-04 15:03:40.423
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-10-04 15:03:40.385
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: AMD Athlon(tm) II P360 Dual-Core Processor
Percentage of memory in use: 56%
Total physical RAM: 4093.82 MB
Available physical RAM: 1774.57 MB
Total Virtual: 8185.79 MB
Available Virtual: 6010.68 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:97.08 GB) (Free:61.43 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Dokumenty) (Fixed) (Total:498.51 GB) (Free:464.58 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 1B64FBCC)
Partition 1: (Active) - (Size=97.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=498.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 13 úno 2019 16:31 
Offline
Návštěvník
Návštěvník

Registrován: 26 kvě 2017 14:48
Příspěvky: 21
Zde je i log z AdwCleaner

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-12.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-13-2019
# Duration: 00:00:09
# OS: Windows 7 Home Premium
# Scanned: 31898
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1257 octets] - [04/10/2018 18:28:14]
AdwCleaner[S01].txt - [1318 octets] - [31/10/2018 12:13:17]
AdwCleaner[S02].txt - [1379 octets] - [12/11/2018 11:16:40]
AdwCleaner[S03].txt - [1440 octets] - [12/11/2018 11:17:04]
AdwCleaner[S04].txt - [1570 octets] - [13/12/2018 11:39:00]
AdwCleaner[C04].txt - [1736 octets] - [13/12/2018 11:39:48]
AdwCleaner[S05].txt - [1623 octets] - [13/12/2018 11:41:29]
AdwCleaner[S06].txt - [1684 octets] - [13/12/2018 11:41:49]
AdwCleaner[S07].txt - [1745 octets] - [26/12/2018 11:07:29]
AdwCleaner[S08].txt - [1877 octets] - [16/01/2019 14:40:39]
AdwCleaner[C08].txt - [2043 octets] - [16/01/2019 14:41:00]
AdwCleaner[S09].txt - [1928 octets] - [16/01/2019 14:42:34]
AdwCleaner[S10].txt - [1989 octets] - [29/01/2019 18:50:28]
AdwCleaner[C10].txt - [2175 octets] - [29/01/2019 18:50:46]
AdwCleaner[S11].txt - [2111 octets] - [01/02/2019 11:21:33]
AdwCleaner[S12].txt - [2172 octets] - [01/02/2019 11:22:01]
AdwCleaner[S13].txt - [2233 octets] - [13/02/2019 16:03:36]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S14].txt ##########


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 13 úno 2019 17:16 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 107906
Bydliště: Plzeň
Zdravím!
Přidejte ještě log Addition (na ploše v souboru additin.txt) a pak ručně vyčistíme.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 13 úno 2019 17:21 
Offline
Návštěvník
Návštěvník

Registrován: 26 kvě 2017 14:48
Příspěvky: 21
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.02.2019 01
Ran by Administrator (13-02-2019 16:23:18)
Running from C:\Users\Administrator\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2018-10-04 10:14:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3687020677-3972415508-549661944-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-3687020677-3972415508-549661944-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{401D3422-5349-F819-D294-01CA297CB9E0}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.96 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
iTunes (HKLM\...\{8C125166-94A1-4721-84CC-C9739E6EA8A7}) (Version: 12.9.3.3 - Apple Inc.)
JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.17.1 - JMicron Technology Corp.)
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Need for Speed™ Carbon (HKLM-x32\...\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}) (Version: - )
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6110 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Skype verze 8.38 (HKLM-x32\...\Skype_is1) (Version: 8.38 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1028 - SUPERAntiSpyware.com)
USB 2.0 VGA UVC WebCam (HKLM\...\USB 2.0 VGA UVC WebCam) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1CA0F195-DC0F-4081-8D20-36BD7646240C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {422CFE6E-CD90-4A3E-9F10-6896256AA201} - System32\Tasks\SUPERAntiSpyware Scheduled Task b38b03fa-9203-4555-b910-fb573f946291 => C:\Program Files\SUPERAntiSpyware\SASTask.exe (SUPERAntiSpyware.com -> SUPERAdBlocker.com)
Task: {6F4CDE8F-3F54-4F51-8591-D348AA1B0F9D} - System32\Tasks\R@1n-KMS\Office16Word => wmic path OfficeSoftwareProtectionProduct where (ID="bb11badf-d8aa-470e-9311-20eaf80fe5cc") call Activate
Task: {9A10EE84-E084-4E78-9046-F4901BE9E6B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E99D92E1-1AA4-49FA-B899-DBD0535D5126} - System32\Tasks\SUPERAntiSpyware Scheduled Task d747e473-8c7c-42f2-b3a7-251b9a2c2f39 => C:\Program Files\SUPERAntiSpyware\SASTask.exe (SUPERAntiSpyware.com -> SUPERAdBlocker.com)
Task: {EA969DDA-89C2-4158-B892-C0D356479B29} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F554ED65-2D22-4BD3-9C0F-F9A229E256AF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b38b03fa-9203-4555-b910-fb573f946291.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d747e473-8c7c-42f2-b3a7-251b9a2c2f39.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2019-02-10 18:51 - 2019-02-10 18:51 - 000026112 _____ () C:\Windows\KMS-R@1n.exe
2019-01-15 01:27 - 2019-01-15 01:27 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-11-01 05:27 - 2018-11-01 05:27 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3687020677-3972415508-549661944-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1907810A-BE4E-46A6-8DD0-4C3461078448}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

CodeIntegrity:
===================================

Date: 2018-10-04 16:47:23.176
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-10-04 16:47:23.160
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-10-04 16:42:15.526
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-10-04 16:42:15.479
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-10-04 15:03:40.423
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-10-04 15:03:40.385
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: AMD Athlon(tm) II P360 Dual-Core Processor
Percentage of memory in use: 56%
Total physical RAM: 4093.82 MB
Available physical RAM: 1774.57 MB
Total Virtual: 8185.79 MB
Available Virtual: 6010.68 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:97.08 GB) (Free:61.43 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Dokumenty) (Fixed) (Total:498.51 GB) (Free:464.58 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 1B64FBCC)
Partition 1: (Active) - (Size=97.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=498.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 13 úno 2019 17:31 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 107906
Bydliště: Plzeň
Otevřte poznámkový blok a zkopírujte do něj:

Citace:
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
Task: {9A10EE84-E084-4E78-9046-F4901BE9E6B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {6F4CDE8F-3F54-4F51-8591-D348AA1B0F9D} - System32\Tasks\R@1n-KMS\Office16Word => wmic path OfficeSoftwareProtectionProduct where (ID="bb11badf-d8aa-470e-9311-20eaf80fe5cc") call Activate
Task: {1CA0F195-DC0F-4081-8D20-36BD7646240C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
C:\Program Files\Bonjour
HKU\S-1-5-21-3687020677-3972415508-549661944-500\...\MountPoints2: {a07eb8e8-2d4a-11e9-94fd-74f06dcdbeda} - G:\OInstall.exe
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe
IFEO\SppSvc.exe: [Debugger] KMS-R@1nHook.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\KMS-R@1n.exe
C:\Windows\KMS-R@1nHook.exe
C:\Windows\KMS-R@1nHook.dll
C:\Windows\System32\Tasks\R@1n-KMS

EmptyTemp:
End


Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 13 úno 2019 17:37 
Offline
Návštěvník
Návštěvník

Registrován: 26 kvě 2017 14:48
Příspěvky: 21
Fix result of Farbar Recovery Scan Tool (x64) Version: 12.02.2019 01
Ran by Administrator (13-02-2019 17:34:31) Run:1
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
Task: {9A10EE84-E084-4E78-9046-F4901BE9E6B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {6F4CDE8F-3F54-4F51-8591-D348AA1B0F9D} - System32\Tasks\R@1n-KMS\Office16Word => wmic path OfficeSoftwareProtectionProduct where (ID="bb11badf-d8aa-470e-9311-20eaf80fe5cc") call Activate
Task: {1CA0F195-DC0F-4081-8D20-36BD7646240C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
C:\Program Files\Bonjour
HKU\S-1-5-21-3687020677-3972415508-549661944-500\...\MountPoints2: {a07eb8e8-2d4a-11e9-94fd-74f06dcdbeda} - G:\OInstall.exe
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe
IFEO\SppSvc.exe: [Debugger] KMS-R@1nHook.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\KMS-R@1n.exe
C:\Windows\KMS-R@1nHook.exe
C:\Windows\KMS-R@1nHook.dll
C:\Windows\System32\Tasks\R@1n-KMS

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => removed successfully
HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => removed successfully
HKLM\Software\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => removed successfully
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A10EE84-E084-4E78-9046-F4901BE9E6B4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A10EE84-E084-4E78-9046-F4901BE9E6B4}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F4CDE8F-3F54-4F51-8591-D348AA1B0F9D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F4CDE8F-3F54-4F51-8591-D348AA1B0F9D}" => removed successfully
C:\Windows\System32\Tasks\R@1n-KMS\Office16Word => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\R@1n-KMS\Office16Word" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1CA0F195-DC0F-4081-8D20-36BD7646240C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CA0F195-DC0F-4081-8D20-36BD7646240C}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\Program Files\Bonjour => moved successfully
HKU\S-1-5-21-3687020677-3972415508-549661944-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a07eb8e8-2d4a-11e9-94fd-74f06dcdbeda} => removed successfully
HKLM\Software\Classes\CLSID\{a07eb8e8-2d4a-11e9-94fd-74f06dcdbeda} => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\OSppSvc.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SppSvc.exe => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
C:\Windows\KMS-R@1n.exe => moved successfully
C:\Windows\KMS-R@1nHook.exe => moved successfully
C:\Windows\KMS-R@1nHook.dll => moved successfully
C:\Windows\System32\Tasks\R@1n-KMS => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7599966 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 257640 B
Edge => 0 B
Chrome => 474075777 B
Firefox => 229376 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66228 B
systemprofile32 => 66228 B
LocalService => 66228 B
NetworkService => 0 B
Administrator => 217677729 B

RecycleBin => 0 B
EmptyTemp: => 675.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:34:55 ====


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 13 úno 2019 17:55 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 107906
Bydliště: Plzeň
Smazáno. Nastala nějaká změna?

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 13 úno 2019 17:57 
Offline
Návštěvník
Návštěvník

Registrován: 26 kvě 2017 14:48
Příspěvky: 21
Dobře děkuji je to lepší.


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 13 úno 2019 17:58 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 107906
Bydliště: Plzeň
Rádo se stalo! :)

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
Zobrazit příspěvky za předchozí:  Seřadit podle  
Odeslat nové téma Odpovědět na téma  [ Příspěvků: 9 ] 

Všechny časy jsou v UTC + 1 hodina


Kdo je online

Uživatelé procházející toto fórum: Google [Bot]


Nemůžete zakládat nová témata v tomto fóru
Nemůžete odpovídat v tomto fóru
Nemůžete upravovat své příspěvky v tomto fóru
Nemůžete mazat své příspěvky v tomto fóru
Nemůžete přikládat soubory v tomto fóru

Hledat:
Přejít na:  
cron
Založeno na phpBB® Forum Software © phpBB Group
Český překlad – phpBB.cz
Přispějete na provoz fóra?
>