
Requesting a preventive check


#1 Post by danatoma »

Hello,
I would like to ask for a check, because over the last few days video playback has been acting up (it stutters), and some pages, e.g. Ahaonline.cz, suddenly "disappear" and I am shown the page source instead of the text.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Danica at 2019-03-25 16:07:51
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 513 GB (87%) free of 589 GB
Total RAM: 7580 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:07:52, on 25.3.2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19301)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
C:\Program Files\trend micro\Danica.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [Google Update] C:\Users\Danica\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [Chromium] "c:\users\danica\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: $McRebootA5E6DEAA56$.lnk = ?
O4 - Global Startup: Avast Cleanup Premium.lnk = C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF0F8BAB-DCB1-48C0-B574-983445226713}: NameServer = 100.120.128.1
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Avast Cleanup Premium (CleanupPSvc) - AVAST Software - C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine (SecureLine) - AVAST Software - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7710 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe"
AvastUI.exe /nogui
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe" /nogui
taskeng.exe {D5B320F5-3E76-44DB-9CA6-420F68708196}
"C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe" -boot
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="77662D07-9A1C-224A-C20F-6B667331933A" /binpath="C:\Program Files\AVAST Software\Avast"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k SDRSVC

C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Danica\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Avast Driver Updater Startup.job - C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe -boot

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-03-12 260488]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2017-04-19 79360]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2000-01-01 9197568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Danica\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe [2018-12-19 605992]
"Chromium"=c:\users\danica\appdata\local\chromium\application\chrome.exe [2017-02-15 829440]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [2000-01-01 299520]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-03-12 260488]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
$McRebootA5E6DEAA56$.lnk -
Avast Cleanup Premium.lnk - C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveTrack"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-03-24 09:40:37 ----D---- C:\Program Files (x86)\LibreOffice 5
2019-03-20 09:21:03 ----A---- C:\Windows\system32\sipnotify.exe
2019-03-17 10:50:32 ----D---- C:\ProgramData\NortonInstaller
2019-03-17 10:49:54 ----D---- C:\Program Files\McAfee
2019-03-17 10:27:42 ----A---- C:\Windows\system32\aswBoot.exe
2019-03-16 11:56:23 ----D---- C:\Program Files\LibreOffice
2019-03-14 08:32:38 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2019-03-14 08:32:37 ----A---- C:\Windows\system32\poqexec.exe
2019-03-14 08:32:35 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2019-03-14 08:32:35 ----A---- C:\Windows\system32\drmv2clt.dll
2019-03-14 08:32:35 ----A---- C:\Windows\system32\blackbox.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\quartz.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\msscp.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\evr.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\wmdrmsdk.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\quartz.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\mssign32.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\msscp.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\msnetobj.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\evr.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\drmmgrtn.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\crypt32.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\audiosrv.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\AudioSes.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\AUDIOKSE.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\AudioEng.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\wmp.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\mssign32.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\mfps.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\mf.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\wmp.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\wintrust.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\qdvd.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\mfps.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\mfpmp.exe
2019-03-14 08:32:33 ----A---- C:\Windows\system32\mfplat.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\mf.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\EncDump.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\dxmasf.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2019-03-14 08:32:33 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2019-03-14 08:32:33 ----A---- C:\Windows\system32\cryptui.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\cryptsvc.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\cryptnet.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\audiodg.exe
2019-03-14 08:32:32 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2019-03-14 08:32:32 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2019-03-14 08:32:32 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2019-03-14 08:32:32 ----A---- C:\Windows\SYSWOW64\mferror.dll
2019-03-14 08:32:32 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2019-03-14 08:32:32 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2019-03-14 08:32:32 ----A---- C:\Windows\system32\wmploc.DLL
2019-03-14 08:32:32 ----A---- C:\Windows\system32\spwmp.dll
2019-03-14 08:32:32 ----A---- C:\Windows\system32\rrinstaller.exe
2019-03-14 08:32:32 ----A---- C:\Windows\system32\pcawrk.exe
2019-03-14 08:32:32 ----A---- C:\Windows\system32\pcasvc.dll
2019-03-14 08:32:32 ----A---- C:\Windows\system32\pcalua.exe
2019-03-14 08:32:32 ----A---- C:\Windows\system32\pcadm.dll
2019-03-14 08:32:32 ----A---- C:\Windows\system32\msmmsp.dll
2019-03-14 08:32:32 ----A---- C:\Windows\system32\mferror.dll
2019-03-14 08:32:32 ----A---- C:\Windows\system32\cryptsp.dll
2019-03-14 08:32:31 ----A---- C:\Windows\system32\pcaevts.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\occache.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\inseng.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2019-03-14 08:32:20 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-03-14 08:32:20 ----A---- C:\Windows\system32\inseng.dll
2019-03-14 08:32:20 ----A---- C:\Windows\system32\ieUnatt.exe
2019-03-14 08:32:20 ----A---- C:\Windows\system32\iernonce.dll
2019-03-14 08:32:20 ----A---- C:\Windows\system32\ieetwproxystub.dll
2019-03-14 08:32:20 ----A---- C:\Windows\system32\ieetwcollector.exe
2019-03-14 08:32:20 ----A---- C:\Windows\system32\ie4uinit.exe
2019-03-14 08:32:19 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2019-03-14 08:32:19 ----A---- C:\Windows\SYSWOW64\jscript.dll
2019-03-14 08:32:19 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2019-03-14 08:32:19 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2019-03-14 08:32:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2019-03-14 08:32:19 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2019-03-14 08:32:19 ----A---- C:\Windows\system32\urlmon.dll
2019-03-14 08:32:19 ----A---- C:\Windows\system32\occache.dll
2019-03-14 08:32:19 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2019-03-14 08:32:19 ----A---- C:\Windows\system32\iedkcs32.dll
2019-03-14 08:32:18 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2019-03-14 08:32:18 ----A---- C:\Windows\SYSWOW64\ieui.dll
2019-03-14 08:32:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2019-03-14 08:32:18 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2019-03-14 08:32:18 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2019-03-14 08:32:18 ----A---- C:\Windows\system32\msfeeds.dll
2019-03-14 08:32:18 ----A---- C:\Windows\system32\iesetup.dll
2019-03-14 08:32:18 ----A---- C:\Windows\system32\ieapfltr.dll
2019-03-14 08:32:18 ----A---- C:\Windows\system32\dxtrans.dll
2019-03-14 08:32:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2019-03-14 08:32:17 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2019-03-14 08:32:17 ----A---- C:\Windows\SYSWOW64\msrating.dll
2019-03-14 08:32:17 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2019-03-14 08:32:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2019-03-14 08:32:17 ----A---- C:\Windows\system32\vbscript.dll
2019-03-14 08:32:17 ----A---- C:\Windows\system32\iertutil.dll
2019-03-14 08:32:16 ----A---- C:\Windows\system32\webcheck.dll
2019-03-14 08:32:16 ----A---- C:\Windows\system32\mshtmlmedia.dll
2019-03-14 08:32:16 ----A---- C:\Windows\system32\mshtmled.dll
2019-03-14 08:32:16 ----A---- C:\Windows\system32\jscript9diag.dll
2019-03-14 08:32:16 ----A---- C:\Windows\system32\jscript9.dll
2019-03-14 08:32:16 ----A---- C:\Windows\system32\jscript.dll
2019-03-14 08:32:16 ----A---- C:\Windows\system32\ieui.dll
2019-03-14 08:32:16 ----A---- C:\Windows\system32\ieframe.dll
2019-03-14 08:32:16 ----A---- C:\Windows\system32\dxtmsft.dll
2019-03-14 08:32:15 ----A---- C:\Windows\system32\wininet.dll
2019-03-14 08:32:15 ----A---- C:\Windows\system32\msrating.dll
2019-03-14 08:32:15 ----A---- C:\Windows\system32\MshtmlDac.dll
2019-03-14 08:32:15 ----A---- C:\Windows\system32\jsproxy.dll
2019-03-14 08:32:14 ----A---- C:\Windows\system32\mshtml.dll
2019-03-14 08:32:13 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2019-03-14 08:32:13 ----A---- C:\Windows\SYSWOW64\WerFault.exe
2019-03-14 08:32:13 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2019-03-14 08:32:13 ----A---- C:\Windows\SYSWOW64\msrd2x40.dll
2019-03-14 08:32:13 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2019-03-14 08:32:13 ----A---- C:\Windows\system32\WerFaultSecure.exe
2019-03-14 08:32:13 ----A---- C:\Windows\system32\WerFault.exe
2019-03-14 08:32:13 ----A---- C:\Windows\system32\msxml6.dll
2019-03-14 08:32:13 ----A---- C:\Windows\system32\msxml3.dll
2019-03-14 08:32:13 ----A---- C:\Windows\system32\Faultrep.dll
2019-03-14 08:32:13 ----A---- C:\Windows\system32\drivers\udfs.sys
2019-03-14 08:32:13 ----A---- C:\Windows\system32\drivers\cdfs.sys
2019-03-14 08:32:13 ----A---- C:\Windows\system32\appraiser.dll
2019-03-14 08:32:13 ----A---- C:\Windows\system32\aeinv.dll
2019-03-14 08:32:12 ----A---- C:\Windows\system32\win32k.sys
2019-03-14 08:32:12 ----A---- C:\Windows\system32\generaltel.dll
2019-03-14 08:32:12 ----A---- C:\Windows\system32\drivers\ntfs.sys
2019-03-14 08:32:12 ----A---- C:\Windows\system32\devinv.dll
2019-03-14 08:32:11 ----A---- C:\Windows\SYSWOW64\wer.dll
2019-03-14 08:32:11 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2019-03-14 08:32:11 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2019-03-14 08:32:11 ----A---- C:\Windows\system32\wer.dll
2019-03-14 08:32:11 ----A---- C:\Windows\system32\rpcrt4.dll
2019-03-14 08:32:11 ----A---- C:\Windows\system32\oleaut32.dll
2019-03-14 08:32:11 ----A---- C:\Windows\system32\localspl.dll
2019-03-14 08:32:11 ----A---- C:\Windows\system32\kerberos.dll
2019-03-14 08:32:11 ----A---- C:\Windows\system32\invagent.dll
2019-03-14 08:32:11 ----A---- C:\Windows\system32\drivers\npfs.sys
2019-03-14 08:32:11 ----A---- C:\Windows\system32\drivers\msfs.sys
2019-03-14 08:32:11 ----A---- C:\Windows\system32\drivers\bridge.sys
2019-03-14 08:32:11 ----A---- C:\Windows\system32\centel.dll
2019-03-14 08:32:11 ----A---- C:\Windows\system32\acmigration.dll
2019-03-14 08:32:10 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2019-03-14 08:32:10 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2019-03-14 08:32:10 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2019-03-14 08:32:10 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2019-03-14 08:32:10 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2019-03-14 08:32:10 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2019-03-14 08:32:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2019-03-14 08:32:10 ----A---- C:\Windows\system32\msv1_0.dll
2019-03-14 08:32:10 ----A---- C:\Windows\system32\drivers\srv2.sys
2019-03-14 08:32:10 ----A---- C:\Windows\system32\drivers\srv.sys
2019-03-14 08:32:10 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2019-03-14 08:32:10 ----A---- C:\Windows\system32\drivers\fastfat.sys
2019-03-14 08:32:10 ----A---- C:\Windows\system32\CompatTelRunner.exe
2019-03-14 08:32:10 ----A---- C:\Windows\system32\aitstatic.exe
2019-03-14 08:32:10 ----A---- C:\Windows\system32\aepic.dll
2019-03-14 08:32:09 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2019-03-14 08:32:09 ----A---- C:\Windows\SYSWOW64\tzres.dll
2019-03-14 08:32:09 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2019-03-14 08:32:09 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2019-03-14 08:32:09 ----A---- C:\Windows\SYSWOW64\ole32.dll
2019-03-14 08:32:09 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2019-03-14 08:32:09 ----A---- C:\Windows\SYSWOW64\mf3216.dll
2019-03-14 08:32:09 ----A---- C:\Windows\SYSWOW64\certcli.dll
2019-03-14 08:32:09 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\wermgr.exe
2019-03-14 08:32:09 ----A---- C:\Windows\system32\tzres.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\smss.exe
2019-03-14 08:32:09 ----A---- C:\Windows\system32\schannel.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\rpcss.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\ole32.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\ntdll.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\ncrypt.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\mf3216.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\lsasrv.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\kernel32.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\hal.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\drivers\videoprt.sys
2019-03-14 08:32:09 ----A---- C:\Windows\system32\drivers\srvnet.sys
2019-03-14 08:32:09 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2019-03-14 08:32:09 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2019-03-14 08:32:09 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2019-03-14 08:32:09 ----A---- C:\Windows\system32\drivers\hidparse.sys
2019-03-14 08:32:09 ----A---- C:\Windows\system32\drivers\hidclass.sys
2019-03-14 08:32:09 ----A---- C:\Windows\system32\drivers\exfat.sys
2019-03-14 08:32:09 ----A---- C:\Windows\system32\certcli.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\cdosys.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\bridgeunattend.exe
2019-03-14 08:32:09 ----A---- C:\Windows\system32\bridgeres.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\brdgcfg.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\advapi32.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\wow32.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\user.exe
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\sscore.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\srclient.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\schannel.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\setup16.exe
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\secur32.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\oleres.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\msimg32.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\instnm.exe
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\credssp.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\comcat.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\wow64win.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\wow64cpu.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\wow64.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\winsrv.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\werdiagcontroller.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\wdigest.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\TSpkg.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\sspisrv.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\sspicli.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\sscore.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\srvsvc.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\srcore.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\srclient.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\setbcdlocale.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\secur32.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\rstrui.exe
2019-03-14 08:32:08 ----A---- C:\Windows\system32\rpchttp.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\oleres.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\ntvdm64.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\msxml6r.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\msxml3r.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\msobjs.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\msimg32.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\msaudite.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\lsass.exe
2019-03-14 08:32:08 ----A---- C:\Windows\system32\KernelBase.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\drivers\processr.sys
2019-03-14 08:32:08 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2019-03-14 08:32:08 ----A---- C:\Windows\system32\drivers\intelppm.sys
2019-03-14 08:32:08 ----A---- C:\Windows\system32\drivers\hidusb.sys
2019-03-14 08:32:08 ----A---- C:\Windows\system32\drivers\appid.sys
2019-03-14 08:32:08 ----A---- C:\Windows\system32\drivers\amdppm.sys
2019-03-14 08:32:08 ----A---- C:\Windows\system32\drivers\amdk8.sys
2019-03-14 08:32:08 ----A---- C:\Windows\system32\csrsrv.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\cryptbase.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\credssp.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\conhost.exe
2019-03-14 08:32:08 ----A---- C:\Windows\system32\comcat.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\bcrypt.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\auditpol.exe
2019-03-14 08:32:08 ----A---- C:\Windows\system32\appidsvc.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2019-03-14 08:32:08 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2019-03-14 08:32:08 ----A---- C:\Windows\system32\appidapi.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\apisetschema.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\adtschema.dll
2019-02-27 00:21:26 ----A---- C:\Windows\system32\vcruntime140.dll
2019-02-27 00:21:26 ----A---- C:\Windows\system32\vccorlib140.dll
2019-02-27 00:21:26 ----A---- C:\Windows\system32\msvcp140_2.dll
2019-02-27 00:21:26 ----A---- C:\Windows\system32\msvcp140_1.dll
2019-02-27 00:21:26 ----A---- C:\Windows\system32\msvcp140.dll
2019-02-27 00:21:26 ----A---- C:\Windows\system32\concrt140.dll

======List of files/folders modified in the last 1 month======

2019-03-25 16:07:52 ----D---- C:\Windows\Prefetch
2019-03-25 16:07:52 ----D---- C:\Program Files\trend micro
2019-03-25 15:59:54 ----D---- C:\Windows\Temp
2019-03-25 15:24:03 ----D---- C:\Windows\system32\NDF
2019-03-25 11:51:10 ----D---- C:\Windows\system32\config
2019-03-25 08:38:47 ----D---- C:\ProgramData\McAfee
2019-03-25 08:38:20 ----D---- C:\Windows\inf
2019-03-25 08:35:29 ----D---- C:\Windows\System32
2019-03-25 08:35:29 ----D---- C:\Windows
2019-03-25 08:26:59 ----D---- C:\Windows\system32\drivers
2019-03-24 22:54:22 ----SHD---- C:\System Volume Information
2019-03-24 10:49:59 ----RSD---- C:\Windows\Fonts
2019-03-24 10:48:48 ----SHD---- C:\Windows\Installer
2019-03-24 10:48:33 ----RSD---- C:\Windows\assembly
2019-03-24 10:24:04 ----D---- C:\Windows\system32\Tasks
2019-03-24 09:40:37 ----RD---- C:\Program Files (x86)
2019-03-22 14:32:07 ----D---- C:\Users\Danica\AppData\Roaming\LibreOffice
2019-03-20 23:27:01 ----D---- C:\Windows\winsxs
2019-03-18 09:27:59 ----D---- C:\Windows\debug
2019-03-17 10:50:32 ----HD---- C:\ProgramData
2019-03-17 10:49:54 ----RD---- C:\Program Files
2019-03-17 10:25:29 ----D---- C:\Windows\Tasks
2019-03-17 10:25:29 ----D---- C:\Windows\system32\wfp
2019-03-17 10:25:26 ----D---- C:\Windows\system32\wbem
2019-03-17 10:24:48 ----D---- C:\Windows\system32\DriverStore
2019-03-17 10:24:48 ----D---- C:\Windows\system32\drivers\etc
2019-03-17 10:24:48 ----D---- C:\Program Files (x86)\Internet Explorer
2019-03-17 10:24:47 ----D---- C:\Windows\system32\catroot2
2019-03-17 10:24:32 ----D---- C:\Windows\registration
2019-03-16 00:18:10 ----D---- C:\Windows\SysWOW64
2019-03-15 09:04:15 ----D---- C:\Windows\rescache
2019-03-15 07:49:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-03-15 07:40:02 ----D---- C:\Windows\SYSWOW64\Dism
2019-03-15 07:40:02 ----D---- C:\Windows\SYSWOW64\cs-CZ
2019-03-15 07:40:02 ----D---- C:\Program Files\Windows Media Player
2019-03-15 07:40:02 ----D---- C:\Program Files (x86)\Windows Media Player
2019-03-15 07:39:59 ----D---- C:\Windows\system32\Dism
2019-03-15 07:39:59 ----D---- C:\Windows\system32\cs-CZ
2019-03-15 07:39:45 ----D---- C:\Program Files\Internet Explorer
2019-03-15 07:39:44 ----D---- C:\Windows\SYSWOW64\en-US
2019-03-15 07:39:41 ----SD---- C:\Windows\system32\CompatTel
2019-03-15 07:39:41 ----D---- C:\Windows\system32\drivers\en-US
2019-03-15 07:39:41 ----D---- C:\Windows\system32\appraiser
2019-03-15 07:39:40 ----D---- C:\Windows\system32\en-US
2019-03-15 07:39:35 ----D---- C:\Windows\AppPatch
2019-03-15 07:39:23 ----D---- C:\Windows\system32\migration
2019-03-15 07:39:23 ----D---- C:\Windows\system32\Boot
2019-03-15 00:00:55 ----D---- C:\Windows\system32\MRT
2019-03-14 23:57:54 ----AC---- C:\Windows\system32\MRT.exe
2019-03-13 16:26:22 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2019-03-13 16:26:19 ----D---- C:\Windows\system32\Macromed
2019-03-13 16:26:18 ----D---- C:\Windows\SYSWOW64\Macromed
2019-03-02 07:40:19 ----SD---- C:\Windows\system32\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2019-03-12 196304]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblog.sys [2019-03-12 320904]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2019-03-12 58168]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2019-03-12 88152]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2019-03-12 380160]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2017-04-19 1469952]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2017-04-19 40448]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2000-01-01 23552]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2019-03-12 205608]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2019-03-12 254408]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2019-03-12 42496]
R1 aswNetSec;aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [2019-03-12 518784]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2019-03-12 112520]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2019-03-12 1034640]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2019-03-12 476256]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2019-03-12 169104]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2019-03-12 220632]
R3 aswNetNd6;Avast Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\aswNetNd6.sys [2019-01-27 38152]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\Windows\system32\DRIVERS\e1d62x64.sys [2013-08-29 494864]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2017-01-24 4935152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2000-01-01 5556224]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2000-01-01 401408]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2000-01-01 816640]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2016-02-04 180264]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2018-09-05 53904]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-08-10 460048]
S3 LEqdUsb;Logicool SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2015-06-18 87696]
S3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2015-09-28 2253112]
S3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 572416]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2019-03-25 25608]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2015-11-22 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-03-12 360440]
R2 avast! Firewall;Avast Firewall Service; C:\Program Files\AVAST Software\Avast\afwServ.exe [2019-03-12 371824]
R2 CleanupPSvc;Avast Cleanup Premium; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [2019-01-17 9874528]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2017-01-24 344184]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2013-11-01 241416]
R2 SecureLine;Avast SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [2019-02-12 6327168]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-03-12 6570352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-13 153168]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-03-13 335872]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2017-01-24 279160]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\elevation_service.exe [2019-03-01 1271280]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-13 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-02-26 116224]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-11-22 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-17 83984]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2017-04-19 18504]
S4 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-10-03 881152]
S4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-02-25 156960]
S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-02-25 409376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2018-02-02 6630128]

-----------------EOF-----------------
Thank you!
Danica Tomášková

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Requesting a preventive check

#2 Post by Diallix »

Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all running program windows, that is, all programs running on the desktop.
Right-click the program -> Run as Administrator.
Continue by clicking the Scan now button (Prehladaj teraz) and wait until the system scan finishes.
After the scan, leave all checkboxes and any threats found selected, and continue with the Clean and Repair button (Vycistit Teraz) in the lower right corner.
After the PC restarts, AdwCleaner will start; click View log file (Zobrazit soubor protokolu).
The log will open; copy its contents here.
My new book BOTNETY is out! Information about it can be found here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware upload: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.

Active on the forum as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

danatoma
Model visitor
Posts: 349
Registered: 14 Feb 2008 20:05
Location: Prague

Re: Requesting a preventive check

#3 Post by danatoma »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-03-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-25-2019
# Duration: 00:00:02
# OS: Windows 7 Home Premium
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\csastats
Deleted HKLM\Software\Wow6432Node\SlimWare Utilities Inc

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1674 octets] - [11/06/2018 19:16:10]
AdwCleaner[C00].txt - [1629 octets] - [11/06/2018 19:16:48]
AdwCleaner[S01].txt - [2277 octets] - [14/02/2019 16:59:05]
AdwCleaner[C01].txt - [2239 octets] - [14/02/2019 16:59:28]
AdwCleaner[S02].txt - [1647 octets] - [25/03/2019 17:12:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
Thank you!
Danica Tomášková

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Requesting a preventive check

#4 Post by Diallix »

Please post new FRST and ADDITION logs.

danatoma
Model visitor
Posts: 349
Registered: 14 Feb 2008 20:05
Location: Prague

Re: Requesting a preventive check

#5 Post by danatoma »

For now, the log from RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Danica at 2019-03-26 08:12:56
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 513 GB (87%) free of 589 GB
Total RAM: 7580 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:13:00, on 26.3.2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19301)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
C:\Program Files\trend micro\Danica.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [Google Update] C:\Users\Danica\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [Chromium] "c:\users\danica\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Avast Cleanup Premium.lnk = C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF0F8BAB-DCB1-48C0-B574-983445226713}: NameServer = 100.120.128.1
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Avast Cleanup Premium (CleanupPSvc) - AVAST Software - C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine (SecureLine) - AVAST Software - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7658 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {9BA95838-ED89-48C8-82AA-9333B151CF1A}
AvastUI.exe /nogui
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe" /nogui
"taskhost.exe"
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe"
taskeng.exe {F6914004-D4D3-47FB-B3AD-AE68558E3FBB}
taskeng.exe {E6D653C6-6B97-433E-B589-DFD2460D7428}
"C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe" -boot
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="197967F1-9140-3DA7-E64B-D21672B54D22" /binpath="C:\Program Files\AVAST Software\Avast"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Danica\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Danica\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=72.0.3626.121 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7fedf755510,0x7fedf755520,0x7fedf755530
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=1756 --on-initialized-event-handle=364 --parent-handle=368 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1076,410664412765506388,7826212476540063204,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=6132406584253629047 --mojo-platform-channel-handle=1108 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1076,410664412765506388,7826212476540063204,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=7887518988744919363 --mojo-platform-channel-handle=1568 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1076,410664412765506388,7826212476540063204,131072 --service-pipe-token=6499198505625030222 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6499198505625030222 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2176 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1076,410664412765506388,7826212476540063204,131072 --service-pipe-token=7655966140478039298 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7655966140478039298 --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3152 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1076,410664412765506388,7826212476540063204,131072 --service-pipe-token=6262626276828645533 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6262626276828645533 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3140 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1076,410664412765506388,7826212476540063204,131072 --service-pipe-token=6564269449388549392 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6564269449388549392 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3684 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1076,410664412765506388,7826212476540063204,131072 --service-pipe-token=13956643616217799506 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13956643616217799506 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3612 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1076,410664412765506388,7826212476540063204,131072 --service-pipe-token=1825764802851727708 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1825764802851727708 --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4408 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1076,410664412765506388,7826212476540063204,131072 --service-pipe-token=18354340772723650052 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=18354340772723650052 --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4560 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1076,410664412765506388,7826212476540063204,131072 --service-pipe-token=13113092940783724668 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13113092940783724668 --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1076,410664412765506388,7826212476540063204,131072 --service-pipe-token=15500151594944026272 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15500151594944026272 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4976 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1076,410664412765506388,7826212476540063204,131072 --service-pipe-token=333644342012138494 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=333644342012138494 --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1076,410664412765506388,7826212476540063204,131072 --service-pipe-token=3645950113545212699 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3645950113545212699 --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5840 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1076,410664412765506388,7826212476540063204,131072 --service-pipe-token=1509000520879962112 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1509000520879962112 --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3836 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1076,410664412765506388,7826212476540063204,131072 --service-pipe-token=5153111853075494438 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5153111853075494438 --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3860 /prefetch:1
C:\Windows\servicing\TrustedInstaller.exe
taskhost.exe $(Arg0)
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\system32\CompatTelRunner.exe
\??\C:\Windows\system32\conhost.exe "22894538-1498151010-1891329719-1930749362-2728946503170073362891946541029878779
C:\Windows\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:0LVVFTWUy0WIQtEQ.1
"C:\Users\Danica\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Avast Driver Updater Startup.job - C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe -boot

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-03-12 260488]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2017-04-19 79360]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2000-01-01 9197568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Danica\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe [2018-12-19 605992]
"Chromium"=c:\users\danica\appdata\local\chromium\application\chrome.exe [2017-02-15 829440]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [2000-01-01 299520]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-03-12 260488]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Avast Cleanup Premium.lnk - C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveTrack"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-03-25 17:13:47 ----A---- C:\Windows\system32\FNTCACHE.DAT
2019-03-24 09:40:37 ----D---- C:\Program Files (x86)\LibreOffice 5
2019-03-20 09:21:03 ----A---- C:\Windows\system32\sipnotify.exe
2019-03-17 10:50:32 ----D---- C:\ProgramData\NortonInstaller
2019-03-17 10:27:42 ----A---- C:\Windows\system32\aswBoot.exe
2019-03-16 11:56:23 ----D---- C:\Program Files\LibreOffice
2019-03-14 08:32:38 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2019-03-14 08:32:37 ----A---- C:\Windows\system32\poqexec.exe
2019-03-14 08:32:35 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2019-03-14 08:32:35 ----A---- C:\Windows\system32\drmv2clt.dll
2019-03-14 08:32:35 ----A---- C:\Windows\system32\blackbox.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\quartz.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\msscp.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\evr.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2019-03-14 08:32:34 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\wmdrmsdk.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\quartz.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\mssign32.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\msscp.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\msnetobj.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\evr.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\drmmgrtn.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\crypt32.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\audiosrv.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\AudioSes.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\AUDIOKSE.dll
2019-03-14 08:32:34 ----A---- C:\Windows\system32\AudioEng.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\wmp.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\mssign32.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\mfps.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\mf.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2019-03-14 08:32:33 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\wmp.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\wintrust.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\qdvd.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\mfps.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\mfpmp.exe
2019-03-14 08:32:33 ----A---- C:\Windows\system32\mfplat.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\mf.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\EncDump.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\dxmasf.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2019-03-14 08:32:33 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2019-03-14 08:32:33 ----A---- C:\Windows\system32\cryptui.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\cryptsvc.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\cryptnet.dll
2019-03-14 08:32:33 ----A---- C:\Windows\system32\audiodg.exe
2019-03-14 08:32:32 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2019-03-14 08:32:32 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2019-03-14 08:32:32 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2019-03-14 08:32:32 ----A---- C:\Windows\SYSWOW64\mferror.dll
2019-03-14 08:32:32 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2019-03-14 08:32:32 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2019-03-14 08:32:32 ----A---- C:\Windows\system32\wmploc.DLL
2019-03-14 08:32:32 ----A---- C:\Windows\system32\spwmp.dll
2019-03-14 08:32:32 ----A---- C:\Windows\system32\rrinstaller.exe
2019-03-14 08:32:32 ----A---- C:\Windows\system32\pcawrk.exe
2019-03-14 08:32:32 ----A---- C:\Windows\system32\pcasvc.dll
2019-03-14 08:32:32 ----A---- C:\Windows\system32\pcalua.exe
2019-03-14 08:32:32 ----A---- C:\Windows\system32\pcadm.dll
2019-03-14 08:32:32 ----A---- C:\Windows\system32\msmmsp.dll
2019-03-14 08:32:32 ----A---- C:\Windows\system32\mferror.dll
2019-03-14 08:32:32 ----A---- C:\Windows\system32\cryptsp.dll
2019-03-14 08:32:31 ----A---- C:\Windows\system32\pcaevts.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\occache.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\inseng.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2019-03-14 08:32:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2019-03-14 08:32:20 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-03-14 08:32:20 ----A---- C:\Windows\system32\inseng.dll
2019-03-14 08:32:20 ----A---- C:\Windows\system32\ieUnatt.exe
2019-03-14 08:32:20 ----A---- C:\Windows\system32\iernonce.dll
2019-03-14 08:32:20 ----A---- C:\Windows\system32\ieetwproxystub.dll
2019-03-14 08:32:20 ----A---- C:\Windows\system32\ieetwcollector.exe
2019-03-14 08:32:20 ----A---- C:\Windows\system32\ie4uinit.exe
2019-03-14 08:32:19 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2019-03-14 08:32:19 ----A---- C:\Windows\SYSWOW64\jscript.dll
2019-03-14 08:32:19 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2019-03-14 08:32:19 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2019-03-14 08:32:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2019-03-14 08:32:19 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2019-03-14 08:32:19 ----A---- C:\Windows\system32\urlmon.dll
2019-03-14 08:32:19 ----A---- C:\Windows\system32\occache.dll
2019-03-14 08:32:19 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2019-03-14 08:32:19 ----A---- C:\Windows\system32\iedkcs32.dll
2019-03-14 08:32:18 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2019-03-14 08:32:18 ----A---- C:\Windows\SYSWOW64\ieui.dll
2019-03-14 08:32:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2019-03-14 08:32:18 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2019-03-14 08:32:18 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2019-03-14 08:32:18 ----A---- C:\Windows\system32\msfeeds.dll
2019-03-14 08:32:18 ----A---- C:\Windows\system32\iesetup.dll
2019-03-14 08:32:18 ----A---- C:\Windows\system32\ieapfltr.dll
2019-03-14 08:32:18 ----A---- C:\Windows\system32\dxtrans.dll
2019-03-14 08:32:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2019-03-14 08:32:17 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2019-03-14 08:32:17 ----A---- C:\Windows\SYSWOW64\msrating.dll
2019-03-14 08:32:17 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2019-03-14 08:32:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2019-03-14 08:32:17 ----A---- C:\Windows\system32\vbscript.dll
2019-03-14 08:32:17 ----A---- C:\Windows\system32\iertutil.dll
2019-03-14 08:32:16 ----A---- C:\Windows\system32\webcheck.dll
2019-03-14 08:32:16 ----A---- C:\Windows\system32\mshtmlmedia.dll
2019-03-14 08:32:16 ----A---- C:\Windows\system32\mshtmled.dll
2019-03-14 08:32:16 ----A---- C:\Windows\system32\jscript9diag.dll
2019-03-14 08:32:16 ----A---- C:\Windows\system32\jscript9.dll
2019-03-14 08:32:16 ----A---- C:\Windows\system32\jscript.dll
2019-03-14 08:32:16 ----A---- C:\Windows\system32\ieui.dll
2019-03-14 08:32:16 ----A---- C:\Windows\system32\ieframe.dll
2019-03-14 08:32:16 ----A---- C:\Windows\system32\dxtmsft.dll
2019-03-14 08:32:15 ----A---- C:\Windows\system32\wininet.dll
2019-03-14 08:32:15 ----A---- C:\Windows\system32\msrating.dll
2019-03-14 08:32:15 ----A---- C:\Windows\system32\MshtmlDac.dll
2019-03-14 08:32:15 ----A---- C:\Windows\system32\jsproxy.dll
2019-03-14 08:32:14 ----A---- C:\Windows\system32\mshtml.dll
2019-03-14 08:32:13 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2019-03-14 08:32:13 ----A---- C:\Windows\SYSWOW64\WerFault.exe
2019-03-14 08:32:13 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2019-03-14 08:32:13 ----A---- C:\Windows\SYSWOW64\msrd2x40.dll
2019-03-14 08:32:13 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2019-03-14 08:32:13 ----A---- C:\Windows\system32\WerFaultSecure.exe
2019-03-14 08:32:13 ----A---- C:\Windows\system32\WerFault.exe
2019-03-14 08:32:13 ----A---- C:\Windows\system32\msxml6.dll
2019-03-14 08:32:13 ----A---- C:\Windows\system32\msxml3.dll
2019-03-14 08:32:13 ----A---- C:\Windows\system32\Faultrep.dll
2019-03-14 08:32:13 ----A---- C:\Windows\system32\drivers\udfs.sys
2019-03-14 08:32:13 ----A---- C:\Windows\system32\drivers\cdfs.sys
2019-03-14 08:32:13 ----A---- C:\Windows\system32\appraiser.dll
2019-03-14 08:32:13 ----A---- C:\Windows\system32\aeinv.dll
2019-03-14 08:32:12 ----A---- C:\Windows\system32\win32k.sys
2019-03-14 08:32:12 ----A---- C:\Windows\system32\generaltel.dll
2019-03-14 08:32:12 ----A---- C:\Windows\system32\drivers\ntfs.sys
2019-03-14 08:32:12 ----A---- C:\Windows\system32\devinv.dll
2019-03-14 08:32:11 ----A---- C:\Windows\SYSWOW64\wer.dll
2019-03-14 08:32:11 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2019-03-14 08:32:11 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2019-03-14 08:32:11 ----A---- C:\Windows\system32\wer.dll
2019-03-14 08:32:11 ----A---- C:\Windows\system32\rpcrt4.dll
2019-03-14 08:32:11 ----A---- C:\Windows\system32\oleaut32.dll
2019-03-14 08:32:11 ----A---- C:\Windows\system32\localspl.dll
2019-03-14 08:32:11 ----A---- C:\Windows\system32\kerberos.dll
2019-03-14 08:32:11 ----A---- C:\Windows\system32\invagent.dll
2019-03-14 08:32:11 ----A---- C:\Windows\system32\drivers\npfs.sys
2019-03-14 08:32:11 ----A---- C:\Windows\system32\drivers\msfs.sys
2019-03-14 08:32:11 ----A---- C:\Windows\system32\drivers\bridge.sys
2019-03-14 08:32:11 ----A---- C:\Windows\system32\centel.dll
2019-03-14 08:32:11 ----A---- C:\Windows\system32\acmigration.dll
2019-03-14 08:32:10 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2019-03-14 08:32:10 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2019-03-14 08:32:10 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2019-03-14 08:32:10 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2019-03-14 08:32:10 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2019-03-14 08:32:10 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2019-03-14 08:32:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2019-03-14 08:32:10 ----A---- C:\Windows\system32\msv1_0.dll
2019-03-14 08:32:10 ----A---- C:\Windows\system32\drivers\srv2.sys
2019-03-14 08:32:10 ----A---- C:\Windows\system32\drivers\srv.sys
2019-03-14 08:32:10 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2019-03-14 08:32:10 ----A---- C:\Windows\system32\drivers\fastfat.sys
2019-03-14 08:32:10 ----A---- C:\Windows\system32\CompatTelRunner.exe
2019-03-14 08:32:10 ----A---- C:\Windows\system32\aitstatic.exe
2019-03-14 08:32:10 ----A---- C:\Windows\system32\aepic.dll
2019-03-14 08:32:09 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2019-03-14 08:32:09 ----A---- C:\Windows\SYSWOW64\tzres.dll
2019-03-14 08:32:09 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2019-03-14 08:32:09 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2019-03-14 08:32:09 ----A---- C:\Windows\SYSWOW64\ole32.dll
2019-03-14 08:32:09 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2019-03-14 08:32:09 ----A---- C:\Windows\SYSWOW64\mf3216.dll
2019-03-14 08:32:09 ----A---- C:\Windows\SYSWOW64\certcli.dll
2019-03-14 08:32:09 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\wermgr.exe
2019-03-14 08:32:09 ----A---- C:\Windows\system32\tzres.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\smss.exe
2019-03-14 08:32:09 ----A---- C:\Windows\system32\schannel.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\rpcss.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\ole32.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\ntdll.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\ncrypt.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\mf3216.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\lsasrv.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\kernel32.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\hal.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\drivers\videoprt.sys
2019-03-14 08:32:09 ----A---- C:\Windows\system32\drivers\srvnet.sys
2019-03-14 08:32:09 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2019-03-14 08:32:09 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2019-03-14 08:32:09 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2019-03-14 08:32:09 ----A---- C:\Windows\system32\drivers\hidparse.sys
2019-03-14 08:32:09 ----A---- C:\Windows\system32\drivers\hidclass.sys
2019-03-14 08:32:09 ----A---- C:\Windows\system32\drivers\exfat.sys
2019-03-14 08:32:09 ----A---- C:\Windows\system32\certcli.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\cdosys.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\bridgeunattend.exe
2019-03-14 08:32:09 ----A---- C:\Windows\system32\bridgeres.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\brdgcfg.dll
2019-03-14 08:32:09 ----A---- C:\Windows\system32\advapi32.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-03-14 08:32:08 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\wow32.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\user.exe
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\sscore.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\srclient.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\schannel.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\setup16.exe
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\secur32.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\oleres.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\msimg32.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\instnm.exe
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\credssp.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\comcat.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2019-03-14 08:32:08 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\wow64win.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\wow64cpu.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\wow64.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\winsrv.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\werdiagcontroller.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\wdigest.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\TSpkg.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\sspisrv.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\sspicli.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\sscore.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\srvsvc.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\srcore.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\srclient.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\setbcdlocale.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\secur32.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\rstrui.exe
2019-03-14 08:32:08 ----A---- C:\Windows\system32\rpchttp.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\oleres.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\ntvdm64.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\msxml6r.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\msxml3r.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\msobjs.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\msimg32.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\msaudite.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\lsass.exe
2019-03-14 08:32:08 ----A---- C:\Windows\system32\KernelBase.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\drivers\processr.sys
2019-03-14 08:32:08 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2019-03-14 08:32:08 ----A---- C:\Windows\system32\drivers\intelppm.sys
2019-03-14 08:32:08 ----A---- C:\Windows\system32\drivers\hidusb.sys
2019-03-14 08:32:08 ----A---- C:\Windows\system32\drivers\appid.sys
2019-03-14 08:32:08 ----A---- C:\Windows\system32\drivers\amdppm.sys
2019-03-14 08:32:08 ----A---- C:\Windows\system32\drivers\amdk8.sys
2019-03-14 08:32:08 ----A---- C:\Windows\system32\csrsrv.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\cryptbase.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\credssp.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\conhost.exe
2019-03-14 08:32:08 ----A---- C:\Windows\system32\comcat.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\bcrypt.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\auditpol.exe
2019-03-14 08:32:08 ----A---- C:\Windows\system32\appidsvc.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2019-03-14 08:32:08 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2019-03-14 08:32:08 ----A---- C:\Windows\system32\appidapi.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\apisetschema.dll
2019-03-14 08:32:08 ----A---- C:\Windows\system32\adtschema.dll
2019-02-27 00:21:26 ----A---- C:\Windows\system32\vcruntime140.dll
2019-02-27 00:21:26 ----A---- C:\Windows\system32\vccorlib140.dll
2019-02-27 00:21:26 ----A---- C:\Windows\system32\msvcp140_2.dll
2019-02-27 00:21:26 ----A---- C:\Windows\system32\msvcp140_1.dll
2019-02-27 00:21:26 ----A---- C:\Windows\system32\msvcp140.dll
2019-02-27 00:21:26 ----A---- C:\Windows\system32\concrt140.dll

======List of files/folders modified in the last 1 month======

2019-03-26 08:13:00 ----D---- C:\Program Files\trend micro
2019-03-26 08:12:52 ----D---- C:\Windows\Temp
2019-03-26 08:12:10 ----D---- C:\Windows\system32\config
2019-03-26 08:10:26 ----D---- C:\Windows\Prefetch
2019-03-26 08:09:06 ----D---- C:\Windows\system32\drivers
2019-03-25 17:14:37 ----D---- C:\Windows\system32\Tasks
2019-03-25 17:14:04 ----D---- C:\Windows
2019-03-25 17:13:57 ----D---- C:\Windows\debug
2019-03-25 17:13:47 ----D---- C:\Windows\System32
2019-03-25 17:13:42 ----RD---- C:\Program Files
2019-03-25 15:24:03 ----D---- C:\Windows\system32\NDF
2019-03-25 08:38:47 ----D---- C:\ProgramData\McAfee
2019-03-25 08:38:20 ----D---- C:\Windows\inf
2019-03-24 22:54:22 ----SHD---- C:\System Volume Information
2019-03-24 10:49:59 ----RSD---- C:\Windows\Fonts
2019-03-24 10:48:48 ----SHD---- C:\Windows\Installer
2019-03-24 10:48:33 ----RSD---- C:\Windows\assembly
2019-03-24 09:40:37 ----RD---- C:\Program Files (x86)
2019-03-22 14:32:07 ----D---- C:\Users\Danica\AppData\Roaming\LibreOffice
2019-03-20 23:27:01 ----D---- C:\Windows\winsxs
2019-03-17 10:50:32 ----HD---- C:\ProgramData
2019-03-17 10:25:29 ----D---- C:\Windows\Tasks
2019-03-17 10:25:29 ----D---- C:\Windows\system32\wfp
2019-03-17 10:25:26 ----D---- C:\Windows\system32\wbem
2019-03-17 10:24:48 ----D---- C:\Windows\system32\DriverStore
2019-03-17 10:24:48 ----D---- C:\Windows\system32\drivers\etc
2019-03-17 10:24:48 ----D---- C:\Program Files (x86)\Internet Explorer
2019-03-17 10:24:47 ----D---- C:\Windows\system32\catroot2
2019-03-17 10:24:32 ----D---- C:\Windows\registration
2019-03-16 00:18:10 ----D---- C:\Windows\SysWOW64
2019-03-15 09:04:15 ----D---- C:\Windows\rescache
2019-03-15 07:49:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-03-15 07:40:02 ----D---- C:\Windows\SYSWOW64\Dism
2019-03-15 07:40:02 ----D---- C:\Windows\SYSWOW64\cs-CZ
2019-03-15 07:40:02 ----D---- C:\Program Files\Windows Media Player
2019-03-15 07:40:02 ----D---- C:\Program Files (x86)\Windows Media Player
2019-03-15 07:39:59 ----D---- C:\Windows\system32\Dism
2019-03-15 07:39:59 ----D---- C:\Windows\system32\cs-CZ
2019-03-15 07:39:45 ----D---- C:\Program Files\Internet Explorer
2019-03-15 07:39:44 ----D---- C:\Windows\SYSWOW64\en-US
2019-03-15 07:39:41 ----SD---- C:\Windows\system32\CompatTel
2019-03-15 07:39:41 ----D---- C:\Windows\system32\drivers\en-US
2019-03-15 07:39:41 ----D---- C:\Windows\system32\appraiser
2019-03-15 07:39:40 ----D---- C:\Windows\system32\en-US
2019-03-15 07:39:35 ----D---- C:\Windows\AppPatch
2019-03-15 07:39:23 ----D---- C:\Windows\system32\migration
2019-03-15 07:39:23 ----D---- C:\Windows\system32\Boot
2019-03-15 00:00:55 ----D---- C:\Windows\system32\MRT
2019-03-14 23:57:54 ----AC---- C:\Windows\system32\MRT.exe
2019-03-13 16:26:22 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2019-03-13 16:26:19 ----D---- C:\Windows\system32\Macromed
2019-03-13 16:26:18 ----D---- C:\Windows\SYSWOW64\Macromed
2019-03-02 07:40:19 ----SD---- C:\Windows\system32\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2019-03-12 196304]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblog.sys [2019-03-12 320904]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2019-03-12 58168]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2019-03-12 88152]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2019-03-12 380160]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2017-04-19 1469952]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2017-04-19 40448]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2000-01-01 23552]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2019-03-12 205608]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2019-03-12 254408]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2019-03-12 42496]
R1 aswNetSec;aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [2019-03-12 518784]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2019-03-12 112520]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2019-03-12 1034640]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2019-03-12 476256]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2019-03-12 169104]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2019-03-12 220632]
R3 aswNetNd6;Avast Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\aswNetNd6.sys [2019-01-27 38152]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\Windows\system32\DRIVERS\e1d62x64.sys [2013-08-29 494864]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2017-01-24 4935152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2000-01-01 5556224]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2000-01-01 401408]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2000-01-01 816640]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2016-02-04 180264]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2018-09-05 53904]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-08-10 460048]
S3 LEqdUsb;Logicool SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2015-06-18 87696]
S3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2015-09-28 2253112]
S3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 572416]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2019-03-26 25608]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2015-11-22 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-03-12 360440]
R2 avast! Firewall;Avast Firewall Service; C:\Program Files\AVAST Software\Avast\afwServ.exe [2019-03-12 371824]
R2 CleanupPSvc;Avast Cleanup Premium; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [2019-01-17 9874528]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2017-01-24 344184]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2013-11-01 241416]
R2 SecureLine;Avast SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [2019-02-12 6327168]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-03-12 6570352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-13 153168]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-03-13 335872]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2017-01-24 279160]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\elevation_service.exe [2019-03-01 1271280]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-13 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-02-26 116224]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-11-22 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-17 83984]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2017-04-19 18504]
S4 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-10-03 881152]
S4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-02-25 156960]
S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-02-25 409376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2018-02-02 6630128]

-----------------EOF-----------------
Thank you!
Danica Tomášková

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Requesting a preventive check

#6 Post by Diallix »

I need the FRST and ADDITION logs; the instructions are here: https://forum.viry.cz/viewtopic.php?f=24&t=132509. Copy FRST.log + the Addition log here.
My new book BOTNETY has been published! Information about it can be found here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent-malware research.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php).

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

danatoma
Model visitor
Posts: 349
Registered: 14 Feb 2008 20:05
Location: Praha

Re: Requesting a preventive check

#7 Post by danatoma »

Here they are
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by Danica (administrator) on DANICA-PC (26-03-2019 09:31:06)
Running from C:\Users\Danica\Desktop
Loaded Profiles: Danica (Available Profiles: Danica)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.exe
(The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.bin
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2000-01-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299520 2000-01-01] (Intel(R) USB eXtensible Host Controller Drivers -> Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\...\Run: [Google Update] => C:\Users\Danica\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe [605992 2018-12-19] (Google Inc -> Google Inc.)
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\...\Run: [Chromium] => c:\users\danica\appdata\local\chromium\application\chrome.exe [829440 2017-02-15] (The Chromium Authors) [File not signed]
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-06] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-01-19]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 secure.tune-up.com
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{A10C2104-F2DE-4AAA-AA41-1F8916A922BE}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{BF8E6D5A-A227-42DC-BBC2-1E48544133F3}: [DhcpNameServer] 192.168.2.1 192.168.0.1
Tcpip\..\Interfaces\{EF0F8BAB-DCB1-48C0-B574-983445226713}: [NameServer] 100.120.128.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {2E2AE52D-B746-4D5A-8D87-040FF26DA1AD} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {37FE3127-D331-432F-BA62-C6FA353ED829} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {474B5B48-C606-45D6-85BD-240F1DC1BC5D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {4A0FE769-7C54-4C0A-B4AB-3E525FB2DCB1} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {4AC592D3-7BCD-4DC1-8B44-C589D17B7A37} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {BB2D0F1E-B329-4EC6-9E6D-7AFE0321B394} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {E179443E-DC27-473B-A279-C9C8091DC7B4} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {F41CD5ED-2BB8-4D58-9A8C-3B826C405379} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {F8D14E72-77A1-4FB6-AAEE-BB4FB3AAC7CA} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454

FireFox:
========
FF DefaultProfile: 8qyzod9n.default-1549969440949
FF ProfilePath: C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\8qyzod9n.default-1549969440949 [2019-03-17]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2015-11-18] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-02-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-02-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-835433377-1433666261-3082474647-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-835433377-1433666261-3082474647-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-835433377-1433666261-3082474647-1000: google.com/WidevineMediaOptimizer -> C:\Users\Danica\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Widevine Technologies -> Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.denik.cz/krimi/vysetrovani-tragedie ... ount/Index"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default [2019-03-26]
CHR Extension: (Prezentace) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-22]
CHR Extension: (Facebook) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-11-24]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-03-14]
CHR Extension: (Vyhledávání Google) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Tabulky) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Hodiny) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2015-11-24]
CHR Extension: (Chuck Anderson) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegkoiakifeoejnjkbnnojkkdoegeofp [2017-07-14]
CHR Extension: (Avast Online Security) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-02-14]
CHR Extension: (Tlačítko Uložit) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2019-03-22]
CHR Extension: (Netpanel) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbidbgoheiddfilfipcobicemncfogno [2019-03-08]
CHR Extension: (Blogger) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\lejliakmhcfhakneflmicaoikhbicggc [2015-11-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Picasa) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2015-11-24]
CHR Extension: (Gmail) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-22]
CHR Extension: (Chrome Media Router) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-13]
CHR Profile: C:\Users\Danica\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-09]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6570352 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360440 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [371824 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [9874528 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18504 2017-04-19] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344184 2017-01-24] (Intel Corporation - pGFX -> Intel Corporation)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2014-10-03] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [156960 2015-02-25] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [6327168 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6630128 2018-02-02] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-11-22] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205608 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254408 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196304 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320904 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58168 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42496 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169104 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2019-01-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [518784 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88152 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034640 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476256 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220632 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380160 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [494864 2013-08-29] (Intel Corporation -> Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [40448 2017-04-19] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180264 2016-02-04] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2253112 2015-09-28] (MEDIATEK INC. -> MediaTek Inc.)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Inc.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [25608 2019-03-26] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-26 09:31 - 2019-03-26 09:31 - 000022334 _____ C:\Users\Danica\Desktop\FRST.txt
2019-03-26 09:30 - 2019-03-26 09:31 - 000000000 ____D C:\FRST
2019-03-26 09:30 - 2019-03-26 09:30 - 002434048 _____ (Farbar) C:\Users\Danica\Desktop\FRST64.exe
2019-03-25 17:13 - 2019-03-25 17:14 - 000403856 _____ C:\Windows\system32\FNTCACHE.DAT
2019-03-24 10:48 - 2019-03-24 10:48 - 000001418 _____ C:\Users\Public\Desktop\LibreOffice 6.2.lnk
2019-03-24 10:48 - 2019-03-24 10:48 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.2
2019-03-24 10:24 - 2019-03-25 11:39 - 000003082 _____ C:\Windows\System32\Tasks\{988FC987-1A6B-4AE6-B321-7940859FF519}
2019-03-24 09:42 - 2019-03-25 11:39 - 000002982 _____ C:\Windows\System32\Tasks\{6844231F-4E00-4E57-B7C4-46BFD7E7ACB2}
2019-03-24 09:40 - 2019-03-24 10:47 - 000000000 ____D C:\Program Files (x86)\LibreOffice 5
2019-03-20 09:21 - 2019-03-15 15:52 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\sipnotify.exe
2019-03-17 10:50 - 2019-03-17 11:25 - 000000000 ____D C:\Users\Danica\AppData\Local\chromium
2019-03-17 10:50 - 2019-03-17 10:51 - 000000000 ____D C:\Users\Danica\AppData\Local\{CD6EFB32-E9C6-978A-845E-B262A0364EFA}
2019-03-17 10:50 - 2019-03-17 10:50 - 000000000 ____D C:\ProgramData\NortonInstaller
2019-03-17 10:27 - 2019-03-12 15:20 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-03-16 11:56 - 2019-03-24 10:48 - 000000000 ____D C:\Program Files\LibreOffice
2019-03-14 08:32 - 2019-03-06 04:18 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-03-14 08:32 - 2019-03-06 04:18 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-03-14 08:32 - 2019-03-06 04:14 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-03-14 08:32 - 2019-03-06 04:14 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-03-14 08:32 - 2019-03-06 04:13 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-03-14 08:32 - 2019-03-06 04:13 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-03-14 08:32 - 2019-03-06 04:12 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:04 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-03-14 08:32 - 2019-03-06 04:04 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-03-14 08:32 - 2019-03-06 04:02 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 03:45 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-03-14 08:32 - 2019-03-06 03:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-03-14 08:32 - 2019-03-06 03:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-03-14 08:32 - 2019-03-06 03:44 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-03-14 08:32 - 2019-03-06 03:42 - 003228160 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-03-14 08:32 - 2019-03-06 03:42 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-03-14 08:32 - 2019-03-06 03:41 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-03-14 08:32 - 2019-03-06 03:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-03-14 08:32 - 2019-03-06 03:41 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-03-14 08:32 - 2019-03-06 03:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-03-14 08:32 - 2019-03-06 03:38 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-03-14 08:32 - 2019-03-06 03:38 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-03-14 08:32 - 2019-03-06 03:38 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-03-14 08:32 - 2019-03-06 03:38 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-03-14 08:32 - 2019-03-06 03:38 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-03-14 08:32 - 2019-03-06 03:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-03-14 08:32 - 2019-03-06 03:37 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-03-14 08:32 - 2019-03-06 03:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-03-14 08:32 - 2019-03-06 03:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-03-14 08:32 - 2019-03-06 03:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-03-14 08:32 - 2019-03-06 03:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-03-14 08:32 - 2019-03-06 03:37 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-03-14 08:32 - 2019-03-06 03:37 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-03-14 08:32 - 2019-03-06 03:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-03-14 08:32 - 2019-03-06 03:37 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-03-14 08:32 - 2019-03-06 03:37 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-03-14 08:32 - 2019-03-06 03:37 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-03-14 08:32 - 2019-03-06 03:36 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-03-14 08:32 - 2019-03-06 03:36 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 03:36 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 03:36 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 03:36 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-03-14 08:32 - 2019-03-05 03:44 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2019-03-14 08:32 - 2019-03-05 03:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-03-14 08:32 - 2019-03-05 03:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2019-03-14 08:32 - 2019-02-26 23:41 - 000397104 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-03-14 08:32 - 2019-02-26 22:47 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-03-14 08:32 - 2019-02-26 08:57 - 025737216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-03-14 08:32 - 2019-02-26 08:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-03-14 08:32 - 2019-02-26 08:45 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-03-14 08:32 - 2019-02-26 08:33 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-03-14 08:32 - 2019-02-26 08:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-03-14 08:32 - 2019-02-26 08:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-03-14 08:32 - 2019-02-26 08:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-03-14 08:32 - 2019-02-26 08:31 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-03-14 08:32 - 2019-02-26 08:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-03-14 08:32 - 2019-02-26 08:25 - 020281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-03-14 08:32 - 2019-02-26 08:25 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-03-14 08:32 - 2019-02-26 08:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-03-14 08:32 - 2019-02-26 08:22 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-03-14 08:32 - 2019-02-26 08:21 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-03-14 08:32 - 2019-02-26 08:20 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-03-14 08:32 - 2019-02-26 08:20 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-03-14 08:32 - 2019-02-26 08:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-03-14 08:32 - 2019-02-26 08:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-03-14 08:32 - 2019-02-26 08:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-03-14 08:32 - 2019-02-26 08:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-03-14 08:32 - 2019-02-26 08:09 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-03-14 08:32 - 2019-02-26 08:07 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-03-14 08:32 - 2019-02-26 08:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-03-14 08:32 - 2019-02-26 08:06 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-03-14 08:32 - 2019-02-26 08:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-03-14 08:32 - 2019-02-26 08:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-03-14 08:32 - 2019-02-26 08:04 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-03-14 08:32 - 2019-02-26 08:03 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-03-14 08:32 - 2019-02-26 08:02 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-03-14 08:32 - 2019-02-26 08:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-03-14 08:32 - 2019-02-26 08:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-03-14 08:32 - 2019-02-26 08:00 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-03-14 08:32 - 2019-02-26 07:59 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-03-14 08:32 - 2019-02-26 07:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-03-14 08:32 - 2019-02-26 07:58 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-03-14 08:32 - 2019-02-26 07:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-03-14 08:32 - 2019-02-26 07:57 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-03-14 08:32 - 2019-02-26 07:57 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-03-14 08:32 - 2019-02-26 07:56 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-03-14 08:32 - 2019-02-26 07:54 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-03-14 08:32 - 2019-02-26 07:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-03-14 08:32 - 2019-02-26 07:46 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-03-14 08:32 - 2019-02-26 07:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-03-14 08:32 - 2019-02-26 07:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-03-14 08:32 - 2019-02-26 07:43 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-03-14 08:32 - 2019-02-26 07:43 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-03-14 08:32 - 2019-02-26 07:43 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-03-14 08:32 - 2019-02-26 07:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-03-14 08:32 - 2019-02-26 07:41 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-03-14 08:32 - 2019-02-26 07:41 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-03-14 08:32 - 2019-02-26 07:41 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-03-14 08:32 - 2019-02-26 07:41 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-03-14 08:32 - 2019-02-26 07:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-03-14 08:32 - 2019-02-26 07:38 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-03-14 08:32 - 2019-02-26 07:35 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-03-14 08:32 - 2019-02-26 07:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-03-14 08:32 - 2019-02-26 07:31 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-03-14 08:32 - 2019-02-26 07:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-03-14 08:32 - 2019-02-26 07:30 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-03-14 08:32 - 2019-02-26 07:29 - 013681664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-03-14 08:32 - 2019-02-26 07:29 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-03-14 08:32 - 2019-02-26 07:18 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-03-14 08:32 - 2019-02-26 07:12 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-03-14 08:32 - 2019-02-26 07:09 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-03-14 08:32 - 2019-02-26 07:07 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-03-14 08:32 - 2019-02-26 07:06 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-03-14 08:32 - 2019-02-22 04:07 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-03-14 08:32 - 2019-02-22 04:07 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-03-14 08:32 - 2019-02-22 03:56 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-03-14 08:32 - 2019-02-22 03:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-03-14 08:32 - 2019-02-22 03:35 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-03-14 08:32 - 2019-02-16 07:02 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-03-14 08:32 - 2019-02-16 07:02 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-03-14 08:32 - 2019-02-16 07:02 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-03-14 08:32 - 2019-02-16 07:02 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-03-14 08:32 - 2019-02-16 07:02 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-03-14 08:32 - 2019-02-16 07:02 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-03-14 08:32 - 2019-02-16 07:01 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-03-14 08:32 - 2019-02-16 06:50 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-03-14 08:32 - 2019-02-16 06:50 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-03-14 08:32 - 2019-02-16 06:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2019-03-14 08:32 - 2019-02-16 06:50 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-03-14 08:32 - 2019-02-16 06:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-03-14 08:32 - 2019-02-16 06:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-03-14 08:32 - 2019-02-16 06:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-03-14 08:32 - 2019-02-15 17:09 - 000485888 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-03-14 08:32 - 2019-02-15 17:09 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-03-14 08:32 - 2019-02-15 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-03-14 08:32 - 2019-02-15 16:58 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-03-14 08:32 - 2019-02-15 16:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-03-14 08:32 - 2019-02-15 16:40 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-03-14 08:32 - 2019-02-15 16:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-03-14 08:32 - 2019-02-15 16:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-03-14 08:32 - 2019-02-15 16:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-03-14 08:32 - 2019-02-15 16:38 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-03-14 08:32 - 2019-02-15 16:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-03-14 08:32 - 2019-02-15 16:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-03-14 08:32 - 2019-02-10 17:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-03-14 08:32 - 2019-02-10 17:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-03-14 08:32 - 2019-02-10 17:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-03-14 08:32 - 2019-02-10 17:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-03-14 08:32 - 2019-02-10 17:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-03-14 08:32 - 2019-02-10 17:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-03-14 08:32 - 2019-02-10 17:10 - 001680104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-03-14 08:32 - 2019-02-10 17:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-03-14 08:32 - 2019-02-10 17:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-03-14 08:32 - 2019-02-10 17:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-03-14 08:32 - 2019-02-10 17:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-03-14 08:32 - 2019-02-10 17:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-03-14 08:32 - 2019-02-10 17:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-03-14 08:32 - 2019-02-10 17:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-03-14 08:32 - 2019-02-10 17:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-03-14 08:32 - 2019-02-10 17:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-03-14 08:32 - 2019-02-10 16:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-03-14 08:32 - 2019-02-10 16:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-03-14 08:32 - 2019-02-10 16:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-03-14 08:32 - 2019-02-10 16:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-03-14 08:32 - 2019-02-10 16:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-03-14 08:32 - 2019-02-10 16:36 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-03-14 08:32 - 2019-02-10 16:36 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-03-14 08:32 - 2019-02-10 16:36 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-03-14 08:32 - 2019-02-10 16:35 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-03-14 08:32 - 2019-02-08 17:08 - 002009088 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-03-14 08:32 - 2019-02-08 17:08 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-03-14 08:32 - 2019-02-08 17:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-03-14 08:32 - 2019-02-08 17:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2019-03-14 08:32 - 2019-02-08 17:07 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-03-14 08:32 - 2019-02-08 16:59 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-03-14 08:32 - 2019-02-08 16:59 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-03-14 08:32 - 2019-02-08 16:59 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2019-03-14 08:32 - 2019-02-08 16:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2019-03-14 08:32 - 2019-02-08 16:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2019-03-14 08:32 - 2019-02-07 17:06 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll
2019-03-14 08:32 - 2019-02-07 17:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll
2019-03-14 08:32 - 2019-02-07 17:01 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2019-03-14 08:32 - 2019-02-07 16:46 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe
2019-03-14 08:32 - 2019-02-03 16:36 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2019-03-14 08:32 - 2019-01-04 17:13 - 000143592 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-03-14 08:32 - 2019-01-04 17:07 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-03-14 08:32 - 2019-01-04 15:05 - 002862592 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-03-14 08:32 - 2019-01-04 15:05 - 001635328 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-03-14 08:32 - 2019-01-04 15:05 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-03-14 08:32 - 2019-01-04 15:05 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-03-14 08:32 - 2019-01-04 15:05 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-03-14 08:32 - 2019-01-04 15:05 - 000451584 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-03-14 08:32 - 2019-01-04 15:05 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-03-14 08:32 - 2019-01-04 15:05 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-03-14 08:32 - 2019-01-03 17:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-03-14 08:32 - 2019-01-03 16:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-03-12 09:04 - 2019-03-12 09:04 - 000052504 _____ C:\Users\Danica\Desktop\1077977260297_1_1600_20190208.pdf
2019-03-12 09:04 - 2019-03-12 09:04 - 000049465 _____ C:\Users\Danica\Desktop\1077977260297_2_1132_20190222.pdf
2019-03-09 18:29 - 2019-03-09 18:29 - 000941668 _____ C:\Users\Danica\Desktop\EN-Program Chart-WHIRLPOOL TDLR 70220.pdf
2019-02-27 00:21 - 2019-02-27 00:21 - 000627440 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2019-02-27 00:21 - 2019-02-27 00:21 - 000366320 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2019-02-27 00:21 - 2019-02-27 00:21 - 000332336 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2019-02-27 00:21 - 2019-02-27 00:21 - 000205552 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_2.dll
2019-02-27 00:21 - 2019-02-27 00:21 - 000085232 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2019-02-27 00:21 - 2019-02-27 00:21 - 000030960 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_1.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-26 08:18 - 2009-07-14 05:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-03-26 08:18 - 2009-07-14 05:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-03-26 08:16 - 2019-01-19 09:38 - 000004194 _____ C:\Windows\System32\Tasks\Avast Cleanup Update
2019-03-26 08:13 - 2016-11-29 15:35 - 000000000 ____D C:\Program Files\trend micro
2019-03-26 08:10 - 2018-02-11 17:54 - 000002912 _____ C:\Windows\System32\Tasks\Avast Driver Updater Startup
2019-03-26 08:10 - 2018-02-11 17:54 - 000000484 _____ C:\Windows\Tasks\Avast Driver Updater Startup.job
2019-03-26 08:09 - 2017-10-04 14:33 - 000025608 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2019-03-26 08:09 - 2015-11-22 13:26 - 000000000 __SHD C:\Users\Danica\IntelGraphicsProfiles
2019-03-26 08:08 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-25 15:28 - 2017-03-12 09:36 - 000000000 ____D C:\Users\Danica\AppData\Local\AVAST Software
2019-03-25 15:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2019-03-25 11:39 - 2019-01-30 09:04 - 000004072 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1548835486
2019-03-25 11:39 - 2018-03-13 21:00 - 000004532 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-25 11:39 - 2017-08-13 20:06 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-25 11:39 - 2017-08-13 20:06 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-25 11:39 - 2016-05-02 07:38 - 000003174 _____ C:\Windows\System32\Tasks\{EAECF753-7E15-4EA0-B740-032D9FDE1E6F}
2019-03-25 11:39 - 2016-03-31 15:24 - 000003564 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000UA
2019-03-25 11:39 - 2016-03-31 15:24 - 000003292 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000Core
2019-03-25 11:39 - 2015-12-03 16:08 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-03-25 08:38 - 2018-05-10 07:10 - 000000000 ____D C:\ProgramData\McAfee
2019-03-25 08:38 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-03-24 19:57 - 2015-11-24 14:39 - 000000000 ___RD C:\Users\Danica\Desktop\Fotografie
2019-03-24 11:11 - 2015-11-25 19:14 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-03-22 14:32 - 2015-11-22 09:45 - 000000000 ____D C:\Users\Danica\AppData\Roaming\LibreOffice
2019-03-17 10:28 - 2017-03-11 08:09 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-03-17 10:25 - 2015-11-22 09:18 - 000000000 ____D C:\Users\Danica
2019-03-17 10:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2019-03-15 09:04 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-03-15 07:49 - 2011-04-12 09:34 - 000669596 _____ C:\Windows\system32\perfh005.dat
2019-03-15 07:49 - 2011-04-12 09:34 - 000141754 _____ C:\Windows\system32\perfc005.dat
2019-03-15 07:49 - 2009-07-14 06:13 - 001586720 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-15 07:40 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-03-15 07:39 - 2015-11-22 16:32 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-03-15 07:39 - 2015-11-22 16:32 - 000000000 ____D C:\Windows\system32\appraiser
2019-03-15 07:39 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Dism
2019-03-15 00:00 - 2015-11-22 16:14 - 000000000 ____D C:\Windows\system32\MRT
2019-03-14 23:57 - 2015-11-22 16:13 - 127411920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-03-13 16:26 - 2015-11-28 13:16 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-03-13 16:26 - 2015-11-28 13:16 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-13 16:26 - 2015-11-28 13:16 - 000004398 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-03-13 16:26 - 2015-11-28 13:16 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-03-13 16:26 - 2015-11-28 13:16 - 000000000 ____D C:\Windows\system32\Macromed
2019-03-12 15:21 - 2015-11-24 13:06 - 000380160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-03-12 15:20 - 2019-02-13 08:16 - 000518784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2019-03-12 15:20 - 2019-01-14 16:47 - 000254408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-03-12 15:20 - 2019-01-06 20:08 - 000320904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-03-12 15:20 - 2019-01-06 20:08 - 000196304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-03-12 15:20 - 2019-01-06 20:08 - 000058168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-03-12 15:20 - 2018-10-10 07:51 - 000042496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-03-12 15:20 - 2017-11-09 18:04 - 000205608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-03-12 15:20 - 2015-11-24 13:06 - 001034640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-03-12 15:20 - 2015-11-24 13:06 - 000476256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-03-12 15:20 - 2015-11-24 13:06 - 000220632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-03-12 15:20 - 2015-11-24 13:06 - 000169104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-03-12 15:20 - 2015-11-24 13:06 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-03-12 15:20 - 2015-11-24 13:06 - 000088152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-03-12 08:49 - 2017-11-18 17:31 - 000091296 _____ C:\Users\Danica\AppData\Local\GDIPFONTCACHEV1.DAT
2019-03-06 19:31 - 2017-08-13 20:07 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Files in the root of some directories =======

2018-07-12 08:28 - 2018-07-12 08:28 - 000000000 _____ () C:\Users\Danica\AppData\Local\{4D73991B-C47E-45E3-BE8A-C000C23B7E0D}
2016-02-08 20:06 - 2016-02-08 20:06 - 000000000 _____ () C:\Users\Danica\AppData\Local\{8554F127-2C7C-4019-B027-5A5F0D35707F}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-25 17:56

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Danica (26-03-2019 09:32:04)
Running from C:\Users\Danica\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-11-22 08:18:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-835433377-1433666261-3082474647-500 - Administrator - Disabled)
Danica (S-1-5-21-835433377-1433666261-3082474647-1000 - Administrator - Enabled) => C:\Users\Danica
Guest (S-1-5-21-835433377-1433666261-3082474647-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{315BE77E-D725-477D-9C71-63F78844363C}) (Version: 12.2.2.172 - Adobe Systems, Inc)
Ashampoo Burning Studio 2015 v.1.15.0 (HKLM-x32\...\{91B33C97-21E3-DF34-9630-2EE80DDE1648}_is1) (Version: 1.15.0 - Ashampoo GmbH & Co. KG)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.3.6507 - AVAST Software)
Avast Driver Updater (HKLM-x32\...\{8804140C-3144-4075-9526-1C662E26CA17}) (Version: 2.5.5 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.5 - AVAST Software)
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 19.3.2369 - AVAST Software)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 5.2.429 - AVAST Software)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - )
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
i-Look 110 (HKLM-x32\...\{99F351B0-E2CD-43E2-935F-256F1CF1348B}) (Version: 1.0.4.15 - KYE)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.2.1183 - Intel Corporation)
Intel(R) Network Connections 18.8.136.0 (HKLM\...\PROSetDX) (Version: 18.8.136.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4578 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1063 - Intel Corporation)
Intel(R) USB 3.0\3.1 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 5.0.4.43 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{5a6a5d15-d5af-417c-b08f-f7e5eb1f98af}) (Version: 10.0.26 - Intel(R) Corporation) Hidden
K-Lite Codec Pack 11.6.6 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.6.6 - )
LibreOffice 6.2.1.2 (HKLM\...\{28B8E75D-44A5-4057-8369-5951A15BAF08}) (Version: 6.2.1.2 - The Document Foundation)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Nature Illusion Studio (HKLM-x32\...\Nature Illusion Studio) (Version: 3.41 - Nufsoft)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8040 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Sqirlz Water Reflections (HKLM-x32\...\Sqirlz Water Reflections) (Version: 2.6 - xiberpix)
TeamViewer 10 Host (HKLM-x32\...\TeamViewer) (Version: 10.0.93450 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WebMate (HKLM-x32\...\{40B6D0B4-301A-4020-869F-2E3936E02299}) (Version: 2.2.0.4 - KYE)
Widevine Media Optimizer IE 6.0.0 (HKU\S-1-5-21-835433377-1433666261-3082474647-1000\...\optimizer_ie) (Version: 6.0.0.12757 - Widevine Technologies)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Zoner GIF Animator 5 (HKLM-x32\...\{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}) (Version: 5.0.3000.2 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll (Google Inc -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll (Google Inc -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-01-24] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {010290C4-6F89-469A-98F8-79F32099A5CA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {046511BD-18AE-49F8-B6E9-A0084072027C} - System32\Tasks\Avast SecureLine Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {04A7D1A7-7699-4709-AC54-D87F76EB46D9} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {0C792D7E-E42C-4154-950F-F2F735CAB288} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {14415E68-8A42-437A-9801-E9B3F6B9CC54} - System32\Tasks\Opera scheduled Autoupdate 1548835486 => C:\Users\Danica\AppData\Local\Programs\Opera\launcher.exe
Task: {1456DFBE-B516-4CC7-AED1-18B6A97BE9B7} - System32\Tasks\{6844231F-4E00-4E57-B7C4-46BFD7E7ACB2} => C:\Program Files (x86)\LibreOffice 5\program\soffice.exe
Task: {19E0D47A-4C1A-40ED-A950-CA3D6DE4142A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000UA => C:\Users\Danica\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {2EDBC041-709E-4E01-A8F6-CC7F4BA317F1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {3244A548-4B4E-4D2E-9A33-7A56D930D174} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {48EF672A-5961-4DD3-8609-83A1D317D21D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {53AB8FB0-2A63-4959-B03D-0545267495E8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000Core => C:\Users\Danica\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {5AFD99EB-A334-48B3-B15F-8F21C3D22CBB} - System32\Tasks\{988FC987-1A6B-4AE6-B321-7940859FF519} => msiexec.exe /package "C:\Users\Danica\Desktop\LibreOffice_5.4.7_Win_x86.msi"
Task: {65CDF71C-030D-4409-A6AB-F8CC6AC8680B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {6D4CBB16-49EA-47EC-A029-4C94AA073B7B} - System32\Tasks\SafeZone scheduled Autoupdate 1448367229 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {75640AB7-B611-4AAB-8C44-F28C8C12A2A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7605C7DF-A141-421B-B195-0DC0B2D73490} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {8AFE47AD-D346-4EC0-8CDB-1D31E7328A3F} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\Windows\system32\sipnotify.exe (Microsoft Windows -> Microsoft Corporation)
Task: {9468C27C-0CAF-4F68-9CD6-A029E4D03A21} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\Windows\system32\sipnotify.exe (Microsoft Windows -> Microsoft Corporation)
Task: {BE9E73DB-1A4A-4233-9BB6-09F9FDDA24C6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {C7C8B04E-4EAE-4F60-80D9-0EC0202189B8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {CEED3497-D174-4F84-A252-EA26A73BE981} - System32\Tasks\{EAECF753-7E15-4EA0-B740-032D9FDE1E6F} => C:\Windows\system32\pcalua.exe -a "C:\Users\Danica\Desktop\Instaluj.cz akcelerator - 13767.exe" -d C:\Users\Danica\Desktop
Task: {DA7D9B12-8CB8-4164-9944-7D4559615EB6} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {E806E75D-78B8-490F-8948-9BFDCF674068} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {FFF2C5C5-6B98-4A10-A561-B18D98F73FBF} - System32\Tasks\Avast Driver Updater Startup => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Avast Driver Updater Startup.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Danica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Danica\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5046ca2656e8714f\Chromium.lnk -> C:\Users\Danica\AppData\Local\chromium\Application\chrome.exe (The Chromium Authors) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2019-02-26 21:17 - 2019-02-26 21:17 - 000495104 _____ (The Document Foundation) [File not signed] C:\Program Files\LibreOffice\program\pyuno.pyd
2019-02-26 21:11 - 2019-02-26 21:11 - 000065024 _____ (Python Software Foundation) [File not signed] C:\Program Files\LibreOffice\program\python-core-3.5.6\lib\_socket.pyd
2019-02-26 21:11 - 2019-02-26 21:11 - 000019456 _____ (Python Software Foundation) [File not signed] C:\Program Files\LibreOffice\program\python-core-3.5.6\lib\select.pyd
2017-12-21 16:25 - 2016-09-12 14:53 - 048936448 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2019-01-19 09:39 - 2018-09-05 21:32 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\SecureLine\libcrypto-1_1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:BFE23423 [145]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2011-10-14 15:53 - 2019-02-14 16:14 - 000000038 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 secure.tune-up.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Danica\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3871DEFB-3256-41E5-9E2F-6464122C8120}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0E048752-553C-47DE-8491-2F377493FF42}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{ADA3CE02-14BA-4B05-8BFE-69ADB4F9931C}] => (Allow) LPort=7000
FirewallRules: [{C20991B6-BD4A-4AE3-AE45-1A26C8701E33}] => (Allow) LPort=7000
FirewallRules: [{EC495C30-CCCD-40C8-9543-3A5EA95B80AB}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe No File
FirewallRules: [{09D1E61D-E154-4DED-AB48-C3801116FBF3}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe No File
FirewallRules: [{B0D967FB-2B1D-4AD7-BEE1-D77505BDBC48}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_2\SZBrowser.exe No File
FirewallRules: [{A30B7B88-F24C-41DC-ABF2-882EF6384C25}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe No File
FirewallRules: [{68EF8BEE-21D6-4DB4-8744-EED452200639}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe No File
FirewallRules: [{E62D9686-0A04-4A5B-B742-FD1CFBE66943}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{E97530E0-2BE9-4BBB-BD93-D9D8AFD0158F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{31428591-8838-438D-8443-649CC74D1266}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{DC772462-E3C7-4E32-AB36-CDD5D77A7918}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{CA050061-9434-43C5-AEF1-D75DD5B7CA93}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{8CDEF3FA-CE41-41BE-A7CF-FFAD245635C3}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{0E0BF97A-92CE-4A4F-AD94-844B5395AC92}] => (Allow) C:\Users\Danica\AppData\Local\Programs\Opera\58.0.3135.47\opera.exe No File
FirewallRules: [{36444FDF-04C8-4392-94EC-1041A0A71512}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe No File
FirewallRules: [{F653E07E-7590-4138-BD4E-8FB015251B2D}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{3CBDB3CA-0062-4B4F-8D27-D6E803555A0E}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{2F14B003-1504-4ACF-9904-CB66565AB1A8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

22-03-2019 14:15:41 Revo Uninstaller Pro's restore point - LibreOffice 6.1.5.2
22-03-2019 14:31:02 Installed LibreOffice 5.1.1.3
22-03-2019 20:49:22 Removed LibreOffice 6.1.5.2
22-03-2019 20:50:14 Revo Uninstaller Pro's restore point - LibreOffice 6.1.5.2
22-03-2019 21:06:58 Installed LibreOffice 5.1.1.3
24-03-2019 09:40:10 Installed LibreOffice 5.1.1.3
24-03-2019 10:00:36 Installed LibreOffice 5.4.7.2
24-03-2019 10:45:01 Installed LibreOffice 6.2.1.2
24-03-2019 19:00:14 Windows Zálohování

==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/26/2019 08:08:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/26/2019 08:08:35 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\Danica\AppData\Local\chromium\Application\chrome.exe se nezdařilo.
Závislé sestavení 58.0.3014.0,language="&#x2a;",type="win32",version="58.0.3014.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (03/25/2019 05:15:24 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/25/2019 05:15:24 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/25/2019 05:15:24 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/25/2019 05:15:24 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/25/2019 05:15:24 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (03/25/2019 05:15:17 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (03/25/2019 11:25:51 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/25/2019 05:15:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (03/25/2019 05:15:25 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.

Error: (03/25/2019 05:13:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Cleanup Premium byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (03/25/2019 05:13:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (03/25/2019 05:13:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (03/25/2019 05:13:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet Monitoring Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/25/2019 05:13:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2016-01-15 18:53:23.072
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{C3E4969D-95AC-45BB-9AC1-1A0DBE8D68B5}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:Danica-PC\Danica

CodeIntegrity:
===================================

Date: 2015-11-22 10:21:52.112
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:21:52.081
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:21:48.660
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:21:48.645
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:19:19.157
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:19:19.126
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:19:16.933
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:19:16.902
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 60%
Total physical RAM: 7580.21 MB
Available physical RAM: 2973.35 MB
Total Virtual: 15158.56 MB
Available Virtual: 10554.92 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:575.6 GB) (Free:501 GB) NTFS
Drive e: (Záloha ) (Fixed) (Total:355.69 GB) (Free:56.6 GB) NTFS


==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================
Thank you!
Danica Tomášková

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Please run a preventive check

#8 Post by Diallix »

Copy the content below into Notepad:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\...\Run: [Google Update] => C:\Users\Danica\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe [605992 2018-12-19] (Google Inc -> Google Inc.)
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
2019-03-25 11:39 - 2017-08-13 20:06 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-25 11:39 - 2017-08-13 20:06 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-25 08:38 - 2018-05-10 07:10 - 000000000 ____D C:\ProgramData\McAfee
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {010290C4-6F89-469A-98F8-79F32099A5CA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {53AB8FB0-2A63-4959-B03D-0545267495E8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000Core => C:\Users\Danica\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {65CDF71C-030D-4409-A6AB-F8CC6AC8680B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {CEED3497-D174-4F84-A252-EA26A73BE981} - System32\Tasks\{EAECF753-7E15-4EA0-B740-032D9FDE1E6F} => C:\Windows\system32\pcalua.exe -a "C:\Users\Danica\Desktop\Instaluj.cz akcelerator - 13767.exe" -d C:\Users\Danica\Desktop
Task: {E806E75D-78B8-490F-8948-9BFDCF674068} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:BFE23423 [145]
FirewallRules: [{EC495C30-CCCD-40C8-9543-3A5EA95B80AB}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe No File
FirewallRules: [{09D1E61D-E154-4DED-AB48-C3801116FBF3}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe No File
FirewallRules: [{B0D967FB-2B1D-4AD7-BEE1-D77505BDBC48}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_2\SZBrowser.exe No File
FirewallRules: [{A30B7B88-F24C-41DC-ABF2-882EF6384C25}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe No File
FirewallRules: [{68EF8BEE-21D6-4DB4-8744-EED452200639}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe No File
FirewallRules: [{0E0BF97A-92CE-4A4F-AD94-844B5395AC92}] => (Allow) C:\Users\Danica\AppData\Local\Programs\Opera\58.0.3135.47\opera.exe No File
FirewallRules: [{36444FDF-04C8-4392-94EC-1041A0A71512}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe No File

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run, after which the computer reboots. After the reboot, paste here the content of the log fixlog.txt, saved in the FRST location.


Re: Requesting a preventive check

#9 Post by danatoma »

I don't know how to put the saved text into FRST
Thank you!
Danica Tomášková


Re: Requesting a preventive check

#10 Post by danatoma »

Could I put it into OTM?
Thank you!
Danica Tomášková

JaRon
Moderator
Posts: 15193
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Requesting a preventive check

#11 Post by JaRon »

I'll step in:
have you created the fixlist.txt file? :???:


Re: Requesting a preventive check

#12 Post by danatoma »

Yes, and it looks like this:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\...\Run: [Google Update] => C:\Users\Danica\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe [605992 2018-12-19] (Google Inc -> Google Inc.)
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
2019-03-25 11:39 - 2017-08-13 20:06 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-25 11:39 - 2017-08-13 20:06 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-25 08:38 - 2018-05-10 07:10 - 000000000 ____D C:\ProgramData\McAfee
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {010290C4-6F89-469A-98F8-79F32099A5CA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {53AB8FB0-2A63-4959-B03D-0545267495E8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000Core => C:\Users\Danica\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {65CDF71C-030D-4409-A6AB-F8CC6AC8680B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {CEED3497-D174-4F84-A252-EA26A73BE981} - System32\Tasks\{EAECF753-7E15-4EA0-B740-032D9FDE1E6F} => C:\Windows\system32\pcalua.exe -a "C:\Users\Danica\Desktop\Instaluj.cz akcelerator - 13767.exe" -d C:\Users\Danica\Desktop
Task: {E806E75D-78B8-490F-8948-9BFDCF674068} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:BFE23423 [145]
FirewallRules: [{EC495C30-CCCD-40C8-9543-3A5EA95B80AB}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe No File
FirewallRules: [{09D1E61D-E154-4DED-AB48-C3801116FBF3}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe No File
FirewallRules: [{B0D967FB-2B1D-4AD7-BEE1-D77505BDBC48}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_2\SZBrowser.exe No File
FirewallRules: [{A30B7B88-F24C-41DC-ABF2-882EF6384C25}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe No File
FirewallRules: [{68EF8BEE-21D6-4DB4-8744-EED452200639}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe No File
FirewallRules: [{0E0BF97A-92CE-4A4F-AD94-844B5395AC92}] => (Allow) C:\Users\Danica\AppData\Local\Programs\Opera\58.0.3135.47\opera.exe No File
FirewallRules: [{36444FDF-04C8-4392-94EC-1041A0A71512}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe No File

EmptyTemp:
Thank you!
Danica Tomášková


Re: Requesting a preventive check

#13 Post by danatoma »

I'm very sorry, but I'm 74 and now and then there's something I simply can't do :cry:
Thank you!
Danica Tomášková


Re: Requesting a preventive check

#14 Post by Diallix »

danatoma wrote: I'm very sorry, but I'm 74 and now and then there's something I simply can't do :cry:
That's all right :]]

Do you have the fixlist.txt file placed in the same location as the FRST program?

If so, run the FRST program and click the button: Fix
A routine will run, after which the computer will reboot. After the reboot, paste here the contents of the log fixlog.txt, saved in the location of the FRST program.


Re: Requesting a preventive check

#15 Post by danatoma »

Is this the correct LOG?

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by Danica (administrator) on DANICA-PC (26-03-2019 11:56:11)
Running from C:\Users\Danica\Desktop
Loaded Profiles: Danica (Available Profiles: Danica)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2000-01-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299520 2000-01-01] (Intel(R) USB eXtensible Host Controller Drivers -> Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\...\Run: [Chromium] => c:\users\danica\appdata\local\chromium\application\chrome.exe [829440 2017-02-15] (The Chromium Authors) [File not signed]
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-06] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-01-19]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 secure.tune-up.com
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{A10C2104-F2DE-4AAA-AA41-1F8916A922BE}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{BF8E6D5A-A227-42DC-BBC2-1E48544133F3}: [DhcpNameServer] 192.168.2.1 192.168.0.1
Tcpip\..\Interfaces\{EF0F8BAB-DCB1-48C0-B574-983445226713}: [NameServer] 100.120.128.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {2E2AE52D-B746-4D5A-8D87-040FF26DA1AD} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {37FE3127-D331-432F-BA62-C6FA353ED829} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {474B5B48-C606-45D6-85BD-240F1DC1BC5D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {4A0FE769-7C54-4C0A-B4AB-3E525FB2DCB1} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {4AC592D3-7BCD-4DC1-8B44-C589D17B7A37} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {BB2D0F1E-B329-4EC6-9E6D-7AFE0321B394} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {E179443E-DC27-473B-A279-C9C8091DC7B4} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {F41CD5ED-2BB8-4D58-9A8C-3B826C405379} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {F8D14E72-77A1-4FB6-AAEE-BB4FB3AAC7CA} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454

FireFox:
========
FF DefaultProfile: 8qyzod9n.default-1549969440949
FF ProfilePath: C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\8qyzod9n.default-1549969440949 [2019-03-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2015-11-18] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-02-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-02-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-835433377-1433666261-3082474647-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-835433377-1433666261-3082474647-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-835433377-1433666261-3082474647-1000: google.com/WidevineMediaOptimizer -> C:\Users\Danica\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Widevine Technologies -> Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.denik.cz/krimi/vysetrovani-tragedie ... ount/Index"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default [2019-03-26]
CHR Extension: (Prezentace) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-22]
CHR Extension: (Facebook) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-11-24]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-03-14]
CHR Extension: (Vyhledávání Google) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Tabulky) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Hodiny) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2015-11-24]
CHR Extension: (Chuck Anderson) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegkoiakifeoejnjkbnnojkkdoegeofp [2017-07-14]
CHR Extension: (Avast Online Security) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-02-14]
CHR Extension: (Tlačítko Uložit) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2019-03-22]
CHR Extension: (Netpanel) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbidbgoheiddfilfipcobicemncfogno [2019-03-08]
CHR Extension: (Blogger) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\lejliakmhcfhakneflmicaoikhbicggc [2015-11-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Picasa) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2015-11-24]
CHR Extension: (Gmail) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-22]
CHR Extension: (Chrome Media Router) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-13]
CHR Profile: C:\Users\Danica\AppData\Local\Google\Chrome\User Data\System Profile [2019-03-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6570352 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360440 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [371824 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [9874528 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18504 2017-04-19] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344184 2017-01-24] (Intel Corporation - pGFX -> Intel Corporation)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2014-10-03] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [156960 2015-02-25] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [6327168 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6630128 2018-02-02] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-11-22] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205608 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254408 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196304 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320904 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58168 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42496 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169104 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2019-01-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [518784 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88152 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034640 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476256 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220632 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380160 2019-03-12] (AVAST Software s.r.o. -> AVAST Software)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [494864 2013-08-29] (Intel Corporation -> Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [40448 2017-04-19] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180264 2016-02-04] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2253112 2015-09-28] (MEDIATEK INC. -> MediaTek Inc.)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Inc.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [25608 2019-03-26] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-26 11:56 - 2019-03-26 11:57 - 000021883 _____ C:\Users\Danica\Desktop\FRST.txt
2019-03-26 11:48 - 2019-03-26 11:49 - 000011278 _____ C:\Users\Danica\Desktop\Fixlog.txt
2019-03-26 10:17 - 2019-03-26 10:20 - 000004605 _____ C:\Users\Danica\Desktop\Documents\fixlist.txt
2019-03-26 09:30 - 2019-03-26 11:56 - 000000000 ____D C:\FRST
2019-03-26 09:30 - 2019-03-26 09:30 - 002434048 _____ (Farbar) C:\Users\Danica\Desktop\FRST64.exe
2019-03-25 17:13 - 2019-03-25 17:14 - 000403856 _____ C:\Windows\system32\FNTCACHE.DAT
2019-03-24 10:48 - 2019-03-24 10:48 - 000001418 _____ C:\Users\Public\Desktop\LibreOffice 6.2.lnk
2019-03-24 10:48 - 2019-03-24 10:48 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.2
2019-03-24 10:24 - 2019-03-25 11:39 - 000003082 _____ C:\Windows\System32\Tasks\{988FC987-1A6B-4AE6-B321-7940859FF519}
2019-03-24 09:42 - 2019-03-25 11:39 - 000002982 _____ C:\Windows\System32\Tasks\{6844231F-4E00-4E57-B7C4-46BFD7E7ACB2}
2019-03-24 09:40 - 2019-03-24 10:47 - 000000000 ____D C:\Program Files (x86)\LibreOffice 5
2019-03-20 09:21 - 2019-03-15 15:52 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\sipnotify.exe
2019-03-17 10:50 - 2019-03-17 11:25 - 000000000 ____D C:\Users\Danica\AppData\Local\chromium
2019-03-17 10:50 - 2019-03-17 10:51 - 000000000 ____D C:\Users\Danica\AppData\Local\{CD6EFB32-E9C6-978A-845E-B262A0364EFA}
2019-03-17 10:50 - 2019-03-17 10:50 - 000000000 ____D C:\ProgramData\NortonInstaller
2019-03-17 10:27 - 2019-03-12 15:20 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-03-16 11:56 - 2019-03-24 10:48 - 000000000 ____D C:\Program Files\LibreOffice
2019-03-14 08:32 - 2019-03-06 04:18 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-03-14 08:32 - 2019-03-06 04:18 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-03-14 08:32 - 2019-03-06 04:14 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-03-14 08:32 - 2019-03-06 04:14 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-03-14 08:32 - 2019-03-06 04:13 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-03-14 08:32 - 2019-03-06 04:13 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-03-14 08:32 - 2019-03-06 04:12 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:04 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-03-14 08:32 - 2019-03-06 04:04 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-03-14 08:32 - 2019-03-06 04:02 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-03-14 08:32 - 2019-03-06 04:01 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 03:45 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-03-14 08:32 - 2019-03-06 03:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-03-14 08:32 - 2019-03-06 03:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-03-14 08:32 - 2019-03-06 03:44 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-03-14 08:32 - 2019-03-06 03:42 - 003228160 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-03-14 08:32 - 2019-03-06 03:42 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-03-14 08:32 - 2019-03-06 03:41 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-03-14 08:32 - 2019-03-06 03:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-03-14 08:32 - 2019-03-06 03:41 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-03-14 08:32 - 2019-03-06 03:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-03-14 08:32 - 2019-03-06 03:38 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-03-14 08:32 - 2019-03-06 03:38 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-03-14 08:32 - 2019-03-06 03:38 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-03-14 08:32 - 2019-03-06 03:38 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-03-14 08:32 - 2019-03-06 03:38 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-03-14 08:32 - 2019-03-06 03:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-03-14 08:32 - 2019-03-06 03:37 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-03-14 08:32 - 2019-03-06 03:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-03-14 08:32 - 2019-03-06 03:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-03-14 08:32 - 2019-03-06 03:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-03-14 08:32 - 2019-03-06 03:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-03-14 08:32 - 2019-03-06 03:37 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-03-14 08:32 - 2019-03-06 03:37 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-03-14 08:32 - 2019-03-06 03:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-03-14 08:32 - 2019-03-06 03:37 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-03-14 08:32 - 2019-03-06 03:37 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-03-14 08:32 - 2019-03-06 03:37 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-03-14 08:32 - 2019-03-06 03:36 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-03-14 08:32 - 2019-03-06 03:36 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 03:36 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 03:36 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-03-14 08:32 - 2019-03-06 03:36 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-03-14 08:32 - 2019-03-05 03:44 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2019-03-14 08:32 - 2019-03-05 03:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-03-14 08:32 - 2019-03-05 03:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2019-03-14 08:32 - 2019-02-26 23:41 - 000397104 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-03-14 08:32 - 2019-02-26 22:47 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-03-14 08:32 - 2019-02-26 08:57 - 025737216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-03-14 08:32 - 2019-02-26 08:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-03-14 08:32 - 2019-02-26 08:45 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-03-14 08:32 - 2019-02-26 08:33 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-03-14 08:32 - 2019-02-26 08:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-03-14 08:32 - 2019-02-26 08:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-03-14 08:32 - 2019-02-26 08:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-03-14 08:32 - 2019-02-26 08:31 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-03-14 08:32 - 2019-02-26 08:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-03-14 08:32 - 2019-02-26 08:25 - 020281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-03-14 08:32 - 2019-02-26 08:25 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-03-14 08:32 - 2019-02-26 08:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-03-14 08:32 - 2019-02-26 08:22 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-03-14 08:32 - 2019-02-26 08:21 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-03-14 08:32 - 2019-02-26 08:20 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-03-14 08:32 - 2019-02-26 08:20 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-03-14 08:32 - 2019-02-26 08:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-03-14 08:32 - 2019-02-26 08:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-03-14 08:32 - 2019-02-26 08:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-03-14 08:32 - 2019-02-26 08:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-03-14 08:32 - 2019-02-26 08:09 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-03-14 08:32 - 2019-02-26 08:07 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-03-14 08:32 - 2019-02-26 08:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-03-14 08:32 - 2019-02-26 08:06 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-03-14 08:32 - 2019-02-26 08:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-03-14 08:32 - 2019-02-26 08:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-03-14 08:32 - 2019-02-26 08:04 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-03-14 08:32 - 2019-02-26 08:03 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-03-14 08:32 - 2019-02-26 08:02 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-03-14 08:32 - 2019-02-26 08:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-03-14 08:32 - 2019-02-26 08:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-03-14 08:32 - 2019-02-26 08:00 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-03-14 08:32 - 2019-02-26 07:59 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-03-14 08:32 - 2019-02-26 07:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-03-14 08:32 - 2019-02-26 07:58 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-03-14 08:32 - 2019-02-26 07:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-03-14 08:32 - 2019-02-26 07:57 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-03-14 08:32 - 2019-02-26 07:57 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-03-14 08:32 - 2019-02-26 07:56 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-03-14 08:32 - 2019-02-26 07:54 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-03-14 08:32 - 2019-02-26 07:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-03-14 08:32 - 2019-02-26 07:46 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-03-14 08:32 - 2019-02-26 07:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-03-14 08:32 - 2019-02-26 07:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-03-14 08:32 - 2019-02-26 07:43 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-03-14 08:32 - 2019-02-26 07:43 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-03-14 08:32 - 2019-02-26 07:43 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-03-14 08:32 - 2019-02-26 07:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-03-14 08:32 - 2019-02-26 07:41 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-03-14 08:32 - 2019-02-26 07:41 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-03-14 08:32 - 2019-02-26 07:41 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-03-14 08:32 - 2019-02-26 07:41 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-03-14 08:32 - 2019-02-26 07:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-03-14 08:32 - 2019-02-26 07:38 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-03-14 08:32 - 2019-02-26 07:35 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-03-14 08:32 - 2019-02-26 07:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-03-14 08:32 - 2019-02-26 07:31 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-03-14 08:32 - 2019-02-26 07:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-03-14 08:32 - 2019-02-26 07:30 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-03-14 08:32 - 2019-02-26 07:29 - 013681664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-03-14 08:32 - 2019-02-26 07:29 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-03-14 08:32 - 2019-02-26 07:18 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-03-14 08:32 - 2019-02-26 07:12 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-03-14 08:32 - 2019-02-26 07:09 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-03-14 08:32 - 2019-02-26 07:07 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-03-14 08:32 - 2019-02-26 07:06 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-03-14 08:32 - 2019-02-22 04:07 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-03-14 08:32 - 2019-02-22 04:07 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-03-14 08:32 - 2019-02-22 03:56 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-03-14 08:32 - 2019-02-22 03:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-03-14 08:32 - 2019-02-22 03:35 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-03-14 08:32 - 2019-02-16 07:02 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-03-14 08:32 - 2019-02-16 07:02 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-03-14 08:32 - 2019-02-16 07:02 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-03-14 08:32 - 2019-02-16 07:02 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-03-14 08:32 - 2019-02-16 07:02 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-03-14 08:32 - 2019-02-16 07:02 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-03-14 08:32 - 2019-02-16 07:01 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-03-14 08:32 - 2019-02-16 06:50 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-03-14 08:32 - 2019-02-16 06:50 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-03-14 08:32 - 2019-02-16 06:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2019-03-14 08:32 - 2019-02-16 06:50 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-03-14 08:32 - 2019-02-16 06:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-03-14 08:32 - 2019-02-16 06:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-03-14 08:32 - 2019-02-16 06:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-03-14 08:32 - 2019-02-15 17:09 - 000485888 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-03-14 08:32 - 2019-02-15 17:09 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-03-14 08:32 - 2019-02-15 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-03-14 08:32 - 2019-02-15 16:58 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-03-14 08:32 - 2019-02-15 16:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-03-14 08:32 - 2019-02-15 16:40 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-03-14 08:32 - 2019-02-15 16:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-03-14 08:32 - 2019-02-15 16:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-03-14 08:32 - 2019-02-15 16:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-03-14 08:32 - 2019-02-15 16:38 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-03-14 08:32 - 2019-02-15 16:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-03-14 08:32 - 2019-02-15 16:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-03-14 08:32 - 2019-02-10 17:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-03-14 08:32 - 2019-02-10 17:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-03-14 08:32 - 2019-02-10 17:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-03-14 08:32 - 2019-02-10 17:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-03-14 08:32 - 2019-02-10 17:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-03-14 08:32 - 2019-02-10 17:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-03-14 08:32 - 2019-02-10 17:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-03-14 08:32 - 2019-02-10 17:10 - 001680104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-03-14 08:32 - 2019-02-10 17:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-03-14 08:32 - 2019-02-10 17:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-03-14 08:32 - 2019-02-10 17:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-03-14 08:32 - 2019-02-10 17:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-03-14 08:32 - 2019-02-10 17:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-03-14 08:32 - 2019-02-10 17:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-03-14 08:32 - 2019-02-10 17:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-03-14 08:32 - 2019-02-10 17:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-03-14 08:32 - 2019-02-10 17:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-03-14 08:32 - 2019-02-10 17:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-03-14 08:32 - 2019-02-10 17:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-03-14 08:32 - 2019-02-10 16:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-03-14 08:32 - 2019-02-10 16:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-03-14 08:32 - 2019-02-10 16:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-03-14 08:32 - 2019-02-10 16:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-03-14 08:32 - 2019-02-10 16:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-03-14 08:32 - 2019-02-10 16:36 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-03-14 08:32 - 2019-02-10 16:36 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-03-14 08:32 - 2019-02-10 16:36 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-03-14 08:32 - 2019-02-10 16:35 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-03-14 08:32 - 2019-02-08 17:08 - 002009088 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-03-14 08:32 - 2019-02-08 17:08 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-03-14 08:32 - 2019-02-08 17:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-03-14 08:32 - 2019-02-08 17:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2019-03-14 08:32 - 2019-02-08 17:07 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-03-14 08:32 - 2019-02-08 16:59 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-03-14 08:32 - 2019-02-08 16:59 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-03-14 08:32 - 2019-02-08 16:59 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2019-03-14 08:32 - 2019-02-08 16:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2019-03-14 08:32 - 2019-02-08 16:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2019-03-14 08:32 - 2019-02-07 17:06 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll
2019-03-14 08:32 - 2019-02-07 17:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll
2019-03-14 08:32 - 2019-02-07 17:01 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2019-03-14 08:32 - 2019-02-07 16:46 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe
2019-03-14 08:32 - 2019-02-03 16:36 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2019-03-14 08:32 - 2019-01-04 17:13 - 000143592 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-03-14 08:32 - 2019-01-04 17:07 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-03-14 08:32 - 2019-01-04 15:05 - 002862592 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-03-14 08:32 - 2019-01-04 15:05 - 001635328 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-03-14 08:32 - 2019-01-04 15:05 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-03-14 08:32 - 2019-01-04 15:05 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-03-14 08:32 - 2019-01-04 15:05 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-03-14 08:32 - 2019-01-04 15:05 - 000451584 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-03-14 08:32 - 2019-01-04 15:05 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-03-14 08:32 - 2019-01-04 15:05 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-03-14 08:32 - 2019-01-03 17:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-03-14 08:32 - 2019-01-03 16:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-03-12 09:04 - 2019-03-12 09:04 - 000052504 _____ C:\Users\Danica\Desktop\1077977260297_1_1600_20190208.pdf
2019-03-12 09:04 - 2019-03-12 09:04 - 000049465 _____ C:\Users\Danica\Desktop\1077977260297_2_1132_20190222.pdf
2019-03-09 18:29 - 2019-03-09 18:29 - 000941668 _____ C:\Users\Danica\Desktop\EN-Program Chart-WHIRLPOOL TDLR 70220.pdf
2019-02-27 00:21 - 2019-02-27 00:21 - 000627440 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2019-02-27 00:21 - 2019-02-27 00:21 - 000366320 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2019-02-27 00:21 - 2019-02-27 00:21 - 000332336 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2019-02-27 00:21 - 2019-02-27 00:21 - 000205552 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_2.dll
2019-02-27 00:21 - 2019-02-27 00:21 - 000085232 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2019-02-27 00:21 - 2019-02-27 00:21 - 000030960 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_1.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-26 11:53 - 2018-02-11 17:54 - 000002912 _____ C:\Windows\System32\Tasks\Avast Driver Updater Startup
2019-03-26 11:53 - 2018-02-11 17:54 - 000000484 _____ C:\Windows\Tasks\Avast Driver Updater Startup.job
2019-03-26 11:52 - 2015-11-22 13:26 - 000000000 __SHD C:\Users\Danica\IntelGraphicsProfiles
2019-03-26 11:51 - 2017-10-04 14:33 - 000025608 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2019-03-26 11:50 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-26 08:18 - 2009-07-14 05:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-03-26 08:18 - 2009-07-14 05:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-03-26 08:16 - 2019-01-19 09:38 - 000004194 _____ C:\Windows\System32\Tasks\Avast Cleanup Update
2019-03-26 08:13 - 2016-11-29 15:35 - 000000000 ____D C:\Program Files\trend micro
2019-03-25 15:28 - 2017-03-12 09:36 - 000000000 ____D C:\Users\Danica\AppData\Local\AVAST Software
2019-03-25 15:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2019-03-25 11:39 - 2019-01-30 09:04 - 000004072 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1548835486
2019-03-25 11:39 - 2018-03-13 21:00 - 000004532 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-25 11:39 - 2016-03-31 15:24 - 000003564 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000UA
2019-03-25 11:39 - 2015-12-03 16:08 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-03-25 08:38 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-03-24 19:57 - 2015-11-24 14:39 - 000000000 ___RD C:\Users\Danica\Desktop\Fotografie
2019-03-24 11:11 - 2015-11-25 19:14 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-03-22 14:32 - 2015-11-22 09:45 - 000000000 ____D C:\Users\Danica\AppData\Roaming\LibreOffice
2019-03-17 10:28 - 2017-03-11 08:09 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-03-17 10:25 - 2015-11-22 09:18 - 000000000 ____D C:\Users\Danica
2019-03-17 10:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2019-03-15 09:04 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-03-15 07:49 - 2011-04-12 09:34 - 000669596 _____ C:\Windows\system32\perfh005.dat
2019-03-15 07:49 - 2011-04-12 09:34 - 000141754 _____ C:\Windows\system32\perfc005.dat
2019-03-15 07:49 - 2009-07-14 06:13 - 001586720 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-15 07:40 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-03-15 07:39 - 2015-11-22 16:32 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-03-15 07:39 - 2015-11-22 16:32 - 000000000 ____D C:\Windows\system32\appraiser
2019-03-15 07:39 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Dism
2019-03-15 00:00 - 2015-11-22 16:14 - 000000000 ____D C:\Windows\system32\MRT
2019-03-14 23:57 - 2015-11-22 16:13 - 127411920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-03-13 16:26 - 2015-11-28 13:16 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-03-13 16:26 - 2015-11-28 13:16 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-13 16:26 - 2015-11-28 13:16 - 000004398 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-03-13 16:26 - 2015-11-28 13:16 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-03-13 16:26 - 2015-11-28 13:16 - 000000000 ____D C:\Windows\system32\Macromed
2019-03-12 15:21 - 2015-11-24 13:06 - 000380160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-03-12 15:20 - 2019-02-13 08:16 - 000518784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2019-03-12 15:20 - 2019-01-14 16:47 - 000254408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-03-12 15:20 - 2019-01-06 20:08 - 000320904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-03-12 15:20 - 2019-01-06 20:08 - 000196304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-03-12 15:20 - 2019-01-06 20:08 - 000058168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-03-12 15:20 - 2018-10-10 07:51 - 000042496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-03-12 15:20 - 2017-11-09 18:04 - 000205608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-03-12 15:20 - 2015-11-24 13:06 - 001034640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-03-12 15:20 - 2015-11-24 13:06 - 000476256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-03-12 15:20 - 2015-11-24 13:06 - 000220632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-03-12 15:20 - 2015-11-24 13:06 - 000169104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-03-12 15:20 - 2015-11-24 13:06 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-03-12 15:20 - 2015-11-24 13:06 - 000088152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-03-12 08:49 - 2017-11-18 17:31 - 000091296 _____ C:\Users\Danica\AppData\Local\GDIPFONTCACHEV1.DAT
2019-03-06 19:31 - 2017-08-13 20:07 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Files in the root of some directories =======

2018-07-12 08:28 - 2018-07-12 08:28 - 000000000 _____ () C:\Users\Danica\AppData\Local\{4D73991B-C47E-45E3-BE8A-C000C23B7E0D}
2016-02-08 20:06 - 2016-02-08 20:06 - 000000000 _____ () C:\Users\Danica\AppData\Local\{8554F127-2C7C-4019-B027-5A5F0D35707F}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

Thank you!
Danica Tomášková
