Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o preventivku

Patříte mezi Vzorné návštěvníky? Pak je tato sekce pro vás.

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zpráva
Autor
danatoma
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 349
Registrován: 14 úno 2008 20:05
Bydliště: Praha
Kontaktovat uživatele:

Prosím o preventivku

#1 Příspěvek od danatoma »

Dobrý den. Mám trochu problém s přehráváním videí od iPrima. Nejspíš je chyba na jejich straně, ale já bych prosila, abych měla jistotu o preventivku. Přikládám log z FRTS

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2019 01
Ran by Danica (administrator) on DANICA-PC (Gigabyte Technology Co., Ltd. Z97-D3H) (12-10-2019 16:44:40)
Running from C:\Users\Danica\Desktop
Loaded Profiles: Danica (Available Profiles: Danica)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2000-01-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299520 2000-01-01] (Intel(R) USB eXtensible Host Controller Drivers -> Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\...\Run: [Chromium] => c:\users\danica\appdata\local\chromium\application\chrome.exe [829440 2017-02-15] (The Chromium Authors) [File not signed]
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\...\Run: [Google Update] => C:\Users\Danica\AppData\Local\Google\Update\1.3.35.302\GoogleUpdateCore.exe [1107752 2019-10-08] (Google Inc -> Google LLC)
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-19] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-01-19]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04A7D1A7-7699-4709-AC54-D87F76EB46D9} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {0C792D7E-E42C-4154-950F-F2F735CAB288} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {14415E68-8A42-437A-9801-E9B3F6B9CC54} - System32\Tasks\Opera scheduled Autoupdate 1548835486 => C:\Users\Danica\AppData\Local\Programs\Opera\launcher.exe
Task: {1456DFBE-B516-4CC7-AED1-18B6A97BE9B7} - \{6844231F-4E00-4E57-B7C4-46BFD7E7ACB2} -> No File <==== ATTENTION
Task: {1524AED7-FB8C-4454-B743-5EFD2B8C2B7D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
Task: {3244A548-4B4E-4D2E-9A33-7A56D930D174} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {48EF672A-5961-4DD3-8609-83A1D317D21D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_pepper.exe [1453112 2019-09-21] (Adobe Inc. -> Adobe)
Task: {5AFD99EB-A334-48B3-B15F-8F21C3D22CBB} - \{988FC987-1A6B-4AE6-B321-7940859FF519} -> No File <==== ATTENTION
Task: {6D4CBB16-49EA-47EC-A029-4C94AA073B7B} - System32\Tasks\SafeZone scheduled Autoupdate 1448367229 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {75640AB7-B611-4AAB-8C44-F28C8C12A2A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-12] (Adobe Inc. -> Adobe)
Task: {7605C7DF-A141-421B-B195-0DC0B2D73490} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-12] (Adobe Inc. -> Adobe)
Task: {77DB11A3-79E1-4A44-BA20-FFA423F13490} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-13] (Google Inc -> Google Inc.)
Task: {9330AAF2-1B98-4F5D-9B75-B42F7E1950D5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000Core => C:\Users\Danica\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-02-02] (Google Inc -> Google Inc.)
Task: {BE7BF55D-38EA-40BB-962B-6440C64E8CC6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-13] (Google Inc -> Google Inc.)
Task: {BE9E73DB-1A4A-4233-9BB6-09F9FDDA24C6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {BEDFFDE4-5F70-45F8-B870-F2F19E6F1070} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe [1380232 2019-08-07] (AVAST Software s.r.o. -> AVAST Software)
Task: {DA7D9B12-8CB8-4164-9944-7D4559615EB6} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {DC2AC09E-3F49-4C43-BF18-BF4D3672BB4D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000UA => C:\Users\Danica\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-02-02] (Google Inc -> Google Inc.)
Task: {E4ADD619-A4F2-45B0-8CD2-8DF8C971400A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {FFF2C5C5-6B98-4A10-A561-B18D98F73FBF} - System32\Tasks\Avast Driver Updater Startup => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe [30244056 2019-04-10] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Avast Driver Updater Startup.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 secure.tune-up.com
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{A10C2104-F2DE-4AAA-AA41-1F8916A922BE}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{BF8E6D5A-A227-42DC-BBC2-1E48544133F3}: [DhcpNameServer] 192.168.2.1 192.168.0.1
Tcpip\..\Interfaces\{EF0F8BAB-DCB1-48C0-B574-983445226713}: [NameServer] 100.120.128.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {2E2AE52D-B746-4D5A-8D87-040FF26DA1AD} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {37FE3127-D331-432F-BA62-C6FA353ED829} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {474B5B48-C606-45D6-85BD-240F1DC1BC5D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {4A0FE769-7C54-4C0A-B4AB-3E525FB2DCB1} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {4AC592D3-7BCD-4DC1-8B44-C589D17B7A37} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {BB2D0F1E-B329-4EC6-9E6D-7AFE0321B394} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {E179443E-DC27-473B-A279-C9C8091DC7B4} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {F41CD5ED-2BB8-4D58-9A8C-3B826C405379} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {F8D14E72-77A1-4FB6-AAEE-BB4FB3AAC7CA} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454

FireFox:
========
FF DefaultProfile: 8qyzod9n.default-1549969440949
FF ProfilePath: C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\8qyzod9n.default-1549969440949 [2019-07-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_270.dll [2019-10-12] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2015-11-18] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-02-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-02-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-07] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-07] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-835433377-1433666261-3082474647-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-835433377-1433666261-3082474647-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-835433377-1433666261-3082474647-1000: google.com/WidevineMediaOptimizer -> C:\Users\Danica\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Widevine Technologies -> Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.denik.cz/krimi/vysetrovani-tragedie ... ount/Index"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default [2019-10-12]
CHR DownloadDir: C:\Users\Danica\Desktop
CHR Extension: (Prezentace) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-22]
CHR Extension: (Facebook) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-11-24]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-08-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Tabulky) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Hodiny) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2015-11-24]
CHR Extension: (Chuck Anderson) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegkoiakifeoejnjkbnnojkkdoegeofp [2017-07-14]
CHR Extension: (Avast Online Security) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-17]
CHR Extension: (Tlačítko „Uložit“ pro Pinterest) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2019-09-25]
CHR Extension: (Netpanel) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbidbgoheiddfilfipcobicemncfogno [2019-09-20]
CHR Extension: (Blogger) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\lejliakmhcfhakneflmicaoikhbicggc [2015-11-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Picasa) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2015-11-24]
CHR Extension: (Gmail) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-21]
CHR Profile: C:\Users\Danica\AppData\Local\Google\Chrome\User Data\System Profile [2019-03-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [417536 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10287216 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [343016 2018-09-13] (Intel Corporation -> Intel Corporation)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2014-10-03] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [156960 2015-02-25] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [7449992 2019-08-07] (AVAST Software s.r.o. -> AVAST Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-11-22] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [204824 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [274456 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [209552 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [65120 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42736 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [171520 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2019-01-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [552848 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110320 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83792 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848432 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460448 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316528 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [494864 2013-08-29] (Intel Corporation -> Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [40448 2017-04-19] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180264 2016-02-04] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2253112 2015-09-28] (MEDIATEK INC. -> MediaTek Inc.)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [25608 2019-10-12] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-12 16:44 - 2019-10-12 16:45 - 000026438 _____ C:\Users\Danica\Desktop\FRST.txt
2019-10-11 22:54 - 2019-10-11 22:54 - 000001529 _____ C:\Users\Danica\Desktop\iexplore – zástupce.lnk
2019-10-11 07:43 - 2019-10-11 07:44 - 000402736 _____ C:\Windows\system32\FNTCACHE.DAT
2019-10-09 22:31 - 2019-10-07 08:49 - 000390752 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-10-09 22:31 - 2019-10-07 07:57 - 000341896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-10-09 22:31 - 2019-10-06 06:12 - 025753088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-10-09 22:31 - 2019-10-06 06:00 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-10-09 22:31 - 2019-10-06 06:00 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-10-09 22:31 - 2019-10-06 05:49 - 002909184 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-10-09 22:31 - 2019-10-06 05:48 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-10-09 22:31 - 2019-10-06 05:47 - 000579584 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-10-09 22:31 - 2019-10-06 05:47 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-10-09 22:31 - 2019-10-06 05:47 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-10-09 22:31 - 2019-10-06 05:46 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-10-09 22:31 - 2019-10-06 05:41 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-10-09 22:31 - 2019-10-06 05:40 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-10-09 22:31 - 2019-10-06 05:38 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-10-09 22:31 - 2019-10-06 05:37 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-10-09 22:31 - 2019-10-06 05:37 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-10-09 22:31 - 2019-10-06 05:36 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-10-09 22:31 - 2019-10-06 05:36 - 000797696 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-10-09 22:31 - 2019-10-06 05:34 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-10-09 22:31 - 2019-10-06 05:32 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-10-09 22:31 - 2019-10-06 05:31 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-10-09 22:31 - 2019-10-06 05:28 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-10-09 22:31 - 2019-10-06 05:28 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-10-09 22:31 - 2019-10-06 05:23 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-10-09 22:31 - 2019-10-06 05:22 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-10-09 22:31 - 2019-10-06 05:22 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-10-09 22:31 - 2019-10-06 05:19 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-10-09 22:31 - 2019-10-06 05:19 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-10-09 22:31 - 2019-10-06 05:18 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-10-09 22:31 - 2019-10-06 05:18 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-10-09 22:31 - 2019-10-06 05:17 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-10-09 22:31 - 2019-10-06 05:17 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-10-09 22:31 - 2019-10-06 05:17 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-10-09 22:31 - 2019-10-06 05:16 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-10-09 22:31 - 2019-10-06 05:16 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-10-09 22:31 - 2019-10-06 05:15 - 002302464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-10-09 22:31 - 2019-10-06 05:12 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-10-09 22:31 - 2019-10-06 05:12 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-10-09 22:31 - 2019-10-06 05:11 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-10-09 22:31 - 2019-10-06 05:10 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-10-09 22:31 - 2019-10-06 05:10 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-10-09 22:31 - 2019-10-06 05:10 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-10-09 22:31 - 2019-10-06 05:07 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-10-09 22:31 - 2019-10-06 05:05 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-10-09 22:31 - 2019-10-06 05:05 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-10-09 22:31 - 2019-10-06 05:03 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-10-09 22:31 - 2019-10-06 05:03 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-10-09 22:31 - 2019-10-06 05:03 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-10-09 22:31 - 2019-10-06 05:00 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-10-09 22:31 - 2019-10-06 05:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-10-09 22:31 - 2019-10-06 04:59 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-10-09 22:31 - 2019-10-06 04:58 - 015413760 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-10-09 22:31 - 2019-10-06 04:57 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-10-09 22:31 - 2019-10-06 04:57 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-10-09 22:31 - 2019-10-06 04:56 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-10-09 22:31 - 2019-10-06 04:56 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-10-09 22:31 - 2019-10-06 04:55 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-10-09 22:31 - 2019-10-06 04:53 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-10-09 22:31 - 2019-10-06 04:50 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-10-09 22:31 - 2019-10-06 04:49 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-10-09 22:31 - 2019-10-06 04:48 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-10-09 22:31 - 2019-10-06 04:48 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-10-09 22:31 - 2019-10-06 04:45 - 013808640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-10-09 22:31 - 2019-10-06 04:45 - 001566208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-10-09 22:31 - 2019-10-06 04:35 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-10-09 22:31 - 2019-10-06 04:34 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-10-09 22:31 - 2019-10-06 04:32 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-10-09 22:31 - 2019-10-06 04:30 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-10-09 22:31 - 2019-09-19 06:27 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2019-10-09 22:31 - 2019-09-17 04:32 - 004060896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-10-09 22:31 - 2019-09-17 04:32 - 003966688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-10-09 22:31 - 2019-09-17 04:32 - 000709856 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-10-09 22:31 - 2019-09-17 04:32 - 000627424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-10-09 22:31 - 2019-09-17 04:31 - 005552864 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-10-09 22:31 - 2019-09-17 04:31 - 001319496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-10-09 22:31 - 2019-09-17 04:31 - 000263904 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-10-09 22:31 - 2019-09-17 04:31 - 000155360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-10-09 22:31 - 2019-09-17 04:31 - 000096992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-10-09 22:31 - 2019-09-17 04:30 - 001670784 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000834048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 001010176 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 04:04 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-10-09 22:31 - 2019-09-17 04:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-10-09 22:31 - 2019-09-17 04:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-10-09 22:31 - 2019-09-17 04:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-10-09 22:31 - 2019-09-17 04:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-10-09 22:31 - 2019-09-17 03:59 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-10-09 22:31 - 2019-09-17 03:59 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-10-09 22:31 - 2019-09-17 03:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-10-09 22:31 - 2019-09-17 03:59 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-10-09 22:31 - 2019-09-17 03:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-10-09 22:31 - 2019-09-17 03:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-10-09 22:31 - 2019-09-17 03:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 03:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 03:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 03:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-10-09 22:31 - 2019-09-17 03:56 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-10-09 22:31 - 2019-09-17 03:56 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-10-09 22:31 - 2019-09-17 03:55 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-10-09 22:31 - 2019-09-17 03:53 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-10-09 22:31 - 2019-09-17 03:53 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-10-09 22:31 - 2019-09-17 03:52 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-10-09 22:31 - 2019-09-17 03:52 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-10-09 22:31 - 2019-09-17 03:52 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-10-09 22:31 - 2019-09-17 03:52 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-10-09 22:31 - 2019-09-17 03:51 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-10-09 22:31 - 2019-09-17 03:51 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-10-09 22:31 - 2019-09-17 03:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-10-09 22:31 - 2019-09-17 03:51 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-10-09 22:31 - 2019-09-17 03:51 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-10-09 22:31 - 2019-09-17 03:51 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-10-09 22:31 - 2019-09-17 03:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-10-09 22:31 - 2019-09-17 02:13 - 000455392 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-10-09 22:31 - 2019-09-11 06:56 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-10-09 22:31 - 2019-09-11 06:56 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-10-09 22:31 - 2019-09-10 04:27 - 000383488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-10-09 22:31 - 2019-09-10 04:27 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-10-09 22:31 - 2019-09-10 04:27 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-10-09 22:31 - 2019-09-10 04:24 - 001281536 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-10-09 22:31 - 2019-09-10 04:24 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-10-09 22:31 - 2019-09-10 04:24 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-10-09 22:31 - 2019-09-10 04:24 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-10-09 22:31 - 2019-09-10 04:24 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-10-09 22:31 - 2019-09-10 04:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-10-09 22:31 - 2019-09-10 04:02 - 006135296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-10-09 22:31 - 2019-09-10 04:00 - 000361472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-10-09 22:31 - 2019-09-10 04:00 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2019-10-09 22:31 - 2019-09-10 04:00 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-10-09 22:31 - 2019-09-10 04:00 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-10-09 22:31 - 2019-09-10 04:00 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-10-09 22:31 - 2019-09-10 03:54 - 003231744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-10-09 22:31 - 2019-09-10 03:53 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-10-09 22:31 - 2019-09-10 03:53 - 000152576 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2019-10-09 22:31 - 2019-09-10 03:53 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-10-09 22:31 - 2019-09-10 03:53 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-10-09 22:31 - 2019-09-10 03:52 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2019-10-09 22:31 - 2019-09-10 03:49 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-10-09 22:31 - 2019-09-10 02:09 - 007082496 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-10-09 22:31 - 2019-09-10 02:09 - 003187712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-10-09 11:26 - 2019-10-09 11:26 - 000784999 _____ C:\Users\Danica\Desktop\Manual_V650CZSKDE170811-1504866674.pdf
2019-10-08 07:40 - 2019-10-12 16:31 - 000003566 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000UA
2019-10-08 07:40 - 2019-10-12 16:31 - 000003294 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000Core
2019-10-07 23:28 - 2019-10-12 16:31 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-07 23:28 - 2019-10-12 16:31 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-04 17:34 - 2019-09-12 05:53 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-10-04 17:34 - 2019-09-12 05:52 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-10-04 17:34 - 2019-09-12 05:52 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-10-04 17:34 - 2019-09-12 05:44 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-10-04 17:34 - 2019-09-12 05:44 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-10-04 17:34 - 2019-09-12 05:44 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-10-04 17:34 - 2019-09-12 05:44 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-10-04 17:34 - 2019-09-12 05:44 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-10-04 17:34 - 2019-09-12 05:24 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-10-01 15:48 - 2019-10-01 15:48 - 000000017 _____ C:\Users\Danica\AppData\Local\resmon.resmoncfg
2019-09-30 16:07 - 2019-09-30 16:07 - 000355720 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-09-30 16:07 - 2019-09-30 16:07 - 000236024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-09-30 16:07 - 2019-09-30 16:07 - 000171520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-12 16:44 - 2019-03-26 10:30 - 001616384 _____ (Farbar) C:\Users\Danica\Desktop\FRST64.exe
2019-10-12 16:44 - 2019-03-26 10:30 - 000000000 ____D C:\FRST
2019-10-12 16:36 - 2009-07-14 06:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-10-12 16:36 - 2009-07-14 06:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-10-12 16:31 - 2019-01-30 10:04 - 000004072 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1548835486
2019-10-12 16:31 - 2018-03-13 22:00 - 000004532 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-10-12 16:31 - 2015-12-03 17:08 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2019-10-12 09:39 - 2017-03-12 10:36 - 000000000 ____D C:\Users\Danica\AppData\Local\AVAST Software
2019-10-12 08:46 - 2019-01-19 10:38 - 000004194 _____ C:\Windows\system32\Tasks\Avast Cleanup Update
2019-10-12 08:44 - 2015-11-28 14:16 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-10-12 08:44 - 2015-11-28 14:16 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-10-12 08:44 - 2015-11-28 14:16 - 000004398 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-10-12 08:44 - 2015-11-28 14:16 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-10-12 08:44 - 2015-11-28 14:16 - 000000000 ____D C:\Windows\system32\Macromed
2019-10-12 08:43 - 2018-02-11 18:54 - 000002912 _____ C:\Windows\system32\Tasks\Avast Driver Updater Startup
2019-10-12 08:43 - 2018-02-11 18:54 - 000000484 _____ C:\Windows\Tasks\Avast Driver Updater Startup.job
2019-10-12 08:43 - 2015-11-22 14:26 - 000000000 __SHD C:\Users\Danica\IntelGraphicsProfiles
2019-10-12 08:40 - 2017-03-11 09:09 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2019-10-12 08:38 - 2017-10-04 15:33 - 000025608 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2019-10-12 08:38 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-10-11 19:56 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2019-10-11 07:53 - 2011-04-12 10:34 - 000669596 _____ C:\Windows\system32\perfh005.dat
2019-10-11 07:53 - 2011-04-12 10:34 - 000141754 _____ C:\Windows\system32\perfc005.dat
2019-10-11 07:53 - 2009-07-14 07:13 - 001586720 _____ C:\Windows\system32\PerfStringBackup.INI
2019-10-11 07:53 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-10-10 07:33 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-10-09 23:58 - 2015-11-22 11:20 - 001561434 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-10-09 23:57 - 2015-11-22 17:14 - 000000000 ____D C:\Windows\system32\MRT
2019-10-09 23:54 - 2015-11-22 17:13 - 127230528 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-10-07 23:28 - 2015-11-22 10:34 - 000000000 ____D C:\Program Files (x86)\Google
2019-10-07 11:48 - 2015-11-25 20:14 - 000004478 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2019-10-06 09:12 - 2018-12-10 08:47 - 000000000 ____D C:\Users\Danica\Desktop\SpiderEma-gify
2019-10-01 08:06 - 2009-07-14 05:20 - 000000000 ____D C:\PerfLogs
2019-09-30 16:08 - 2015-11-24 14:06 - 000848432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-09-30 16:08 - 2015-11-24 14:06 - 000460448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-09-30 16:07 - 2019-02-13 09:16 - 000552848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2019-09-30 16:07 - 2019-01-14 17:47 - 000274456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-09-30 16:07 - 2019-01-06 21:08 - 000209552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-09-30 16:07 - 2019-01-06 21:08 - 000065120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-09-30 16:07 - 2018-10-10 08:51 - 000042736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-09-30 16:07 - 2017-11-09 19:04 - 000204824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-09-30 16:07 - 2015-11-24 14:06 - 000316528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-09-30 16:07 - 2015-11-24 14:06 - 000110320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-09-30 16:07 - 2015-11-24 14:06 - 000083792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-09-21 11:08 - 2015-11-22 10:44 - 000000000 ____D C:\Users\Danica\AppData\Local\Adobe
2019-09-21 11:07 - 2017-05-25 18:35 - 000004546 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-09-20 07:51 - 2009-07-14 07:08 - 000032552 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-09-19 22:56 - 2017-08-13 21:07 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-14 21:12 - 2015-11-24 15:38 - 000000000 ____D C:\Users\Danica\Desktop\obrazky-web
2019-09-12 07:12 - 2015-11-22 17:32 - 000000000 ___SD C:\Windows\system32\CompatTel

==================== Files in the root of some directories ================

2019-10-01 15:48 - 2019-10-01 15:48 - 000000017 _____ () C:\Users\Danica\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-10-10 20:08
==================== End of FRST.txt ============================




A ještě Additional scan

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2019 01
Ran by Danica (12-10-2019 16:45:55)
Running from C:\Users\Danica\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-11-22 08:18:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-835433377-1433666261-3082474647-500 - Administrator - Disabled)
Danica (S-1-5-21-835433377-1433666261-3082474647-1000 - Administrator - Enabled) => C:\Users\Danica
Guest (S-1-5-21-835433377-1433666261-3082474647-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.270 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.255 - Adobe)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{315BE77E-D725-477D-9C71-63F78844363C}) (Version: 12.2.2.172 - Adobe Systems, Inc)
Ashampoo Burning Studio 2015 v.1.15.0 (HKLM-x32\...\{91B33C97-21E3-DF34-9630-2EE80DDE1648}_is1) (Version: 1.15.0 - Ashampoo GmbH & Co. KG)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7734 - AVAST Software)
Avast Driver Updater (HKLM-x32\...\{630C3D8E-2BEE-465F-9E59-BB069ED10761}) (Version: 2.5.6 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.6 - AVAST Software)
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 5.2.429 - AVAST Software)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - )
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
i-Look 110 (HKLM-x32\...\{99F351B0-E2CD-43E2-935F-256F1CF1348B}) (Version: 1.0.4.15 - KYE)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.2.1183 - Intel Corporation)
Intel(R) Network Connections 18.8.136.0 (HKLM\...\PROSetDX) (Version: 18.8.136.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.5057 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1063 - Intel Corporation)
Intel(R) USB 3.0\3.1 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 5.0.4.43 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{5a6a5d15-d5af-417c-b08f-f7e5eb1f98af}) (Version: 10.0.26 - Intel(R) Corporation) Hidden
K-Lite Codec Pack 11.6.6 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.6.6 - )
LibreOffice 6.2.1.2 (HKLM\...\{28B8E75D-44A5-4057-8369-5951A15BAF08}) (Version: 6.2.1.2 - The Document Foundation)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Nature Illusion Studio (HKLM-x32\...\Nature Illusion Studio) (Version: 3.41 - Nufsoft)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8040 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Sqirlz Water Reflections (HKLM-x32\...\Sqirlz Water Reflections) (Version: 2.6 - xiberpix)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WebMate (HKLM-x32\...\{40B6D0B4-301A-4020-869F-2E3936E02299}) (Version: 2.2.0.4 - KYE)
Widevine Media Optimizer IE 6.0.0 (HKU\S-1-5-21-835433377-1433666261-3082474647-1000\...\optimizer_ie) (Version: 6.0.0.12757 - Widevine Technologies)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Zoner GIF Animator 5 (HKLM-x32\...\{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}) (Version: 5.0.3000.2 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll (Google Inc -> Google LLC)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2018-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ==================


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list
ShortcutWithArgument: C:\Users\Danica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list
ShortcutWithArgument: C:\Users\Danica\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5046ca2656e8714f\Chromium.lnk -> C:\Users\Danica\AppData\Local\chromium\Application\chrome.exe (The Chromium Authors) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2017-12-21 17:25 - 2016-09-12 15:53 - 048936448 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2019-01-19 10:39 - 2018-09-05 22:32 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\SecureLine\libcrypto-1_1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2011-10-14 16:53 - 2019-02-14 17:14 - 000000038 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 secure.tune-up.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Danica\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3871DEFB-3256-41E5-9E2F-6464122C8120}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0E048752-553C-47DE-8491-2F377493FF42}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{ADA3CE02-14BA-4B05-8BFE-69ADB4F9931C}] => (Allow) LPort=7000
FirewallRules: [{C20991B6-BD4A-4AE3-AE45-1A26C8701E33}] => (Allow) LPort=7000
FirewallRules: [{E62D9686-0A04-4A5B-B742-FD1CFBE66943}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe No File
FirewallRules: [{E97530E0-2BE9-4BBB-BD93-D9D8AFD0158F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe No File
FirewallRules: [{31428591-8838-438D-8443-649CC74D1266}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe No File
FirewallRules: [{DC772462-E3C7-4E32-AB36-CDD5D77A7918}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe No File
FirewallRules: [{CA050061-9434-43C5-AEF1-D75DD5B7CA93}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{8CDEF3FA-CE41-41BE-A7CF-FFAD245635C3}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{F653E07E-7590-4138-BD4E-8FB015251B2D}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{3CBDB3CA-0062-4B4F-8D27-D6E803555A0E}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{128DB31F-5140-4A44-A835-B7EDBEF3E5D6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

09-10-2019 23:52:42 Windows Update

==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/12/2019 08:39:35 AM) (Source: PerfNet) (EventID: 2005) (User: )
Description: Nelze číst data o výkonu ze služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (10/12/2019 08:38:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/11/2019 07:44:47 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/11/2019 07:44:47 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/11/2019 07:44:47 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/11/2019 07:44:47 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/11/2019 07:44:47 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (10/11/2019 07:44:46 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (10/12/2019 04:44:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/12/2019 08:43:07 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Avast Cleanup Premium přestala během spouštění reagovat.

Error: (10/11/2019 10:18:55 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 20.

Error: (10/11/2019 10:16:24 PM) (Source: DCOM) (EventID: 10016) (User: Danica-PC)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
a APPID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
uživateli Danica-PC\Danica SID (S-1-5-21-835433377-1433666261-3082474647-1000) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/11/2019 10:16:18 PM) (Source: DCOM) (EventID: 10016) (User: Danica-PC)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
a APPID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
uživateli Danica-PC\Danica SID (S-1-5-21-835433377-1433666261-3082474647-1000) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/11/2019 07:45:44 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (10/11/2019 07:45:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (10/11/2019 07:45:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Windows Defender:
===================================
Date: 2016-01-15 18:53:23.072
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{C3E4969D-95AC-45BB-9AC1-1A0DBE8D68B5}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:Danica-PC\Danica

CodeIntegrity:
===================================

Date: 2015-11-22 10:21:52.112
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:21:52.081
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:21:48.660
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:21:48.645
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:19:19.157
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:19:19.126
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:19:16.933
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:19:16.902
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F9 09/18/2015
Motherboard: Gigabyte Technology Co., Ltd. Z97-D3H-CF
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 67%
Total physical RAM: 7580.21 MB
Available physical RAM: 2491.32 MB
Total Virtual: 15158.56 MB
Available Virtual: 10118.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:575.6 GB) (Free:515.51 GB) NTFS
Drive e: (Záloha ) (Fixed) (Total:355.69 GB) (Free:263.97 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 32DA4823)

Partition: GPT.

==================== End of Addition.txt ============================
Děkuji!
Danica Tomášková

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivku

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

danatoma
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 349
Registrován: 14 úno 2008 20:05
Bydliště: Praha
Kontaktovat uživatele:

Re: Prosím o preventivku

#3 Příspěvek od danatoma »

Mám velký problém - PC mi umřelo. Po odeslání logu jsem si pustila video a nešel zvuk. Zkusila jsem restartovat a už mi nic nenaskočilo. Teda ano, ale mihla se mi zpráva, že win... něco , jako že na PC nefunguje. Takže teď jsem na notebooku a nemůžu nic dělat.
Děkuji!
Danica Tomášková

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivku

#4 Příspěvek od Conder »

Co sa deje po zapnuti PC? Ukaze sa aj obrazovka spustania Windowsu?
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

danatoma
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 349
Registrován: 14 úno 2008 20:05
Bydliště: Praha
Kontaktovat uživatele:

Re: Prosím o preventivku

#5 Příspěvek od danatoma »

Dala jsem nějak dohromady a dopoledne pošlu nový log.
Děkuji!
Danica Tomášková

danatoma
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 349
Registrován: 14 úno 2008 20:05
Bydliště: Praha
Kontaktovat uživatele:

Re: Prosím o preventivku

#6 Příspěvek od danatoma »

Hezkou neděli přeji. Asi budu muset vložit nový log z RSIT nebo FRST.

Tady je výsledek AdwCleaner:

# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-04-2019
# Database: 2019-10-03.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-13-2019
# Duration: 00:00:02
# OS: Windows 7 Home Premium
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****

Deleted C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\SlimWare Utilities Inc

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1674 octets] - [11/06/2018 19:16:10]
AdwCleaner[C00].txt - [1629 octets] - [11/06/2018 19:16:48]
AdwCleaner[S01].txt - [2277 octets] - [14/02/2019 16:59:05]
AdwCleaner[C01].txt - [2239 octets] - [14/02/2019 16:59:28]
AdwCleaner[S02].txt - [1647 octets] - [25/03/2019 17:12:44]
AdwCleaner[C02].txt - [1775 octets] - [25/03/2019 17:13:03]
AdwCleaner_Debug.log - [19611 octets] - [13/10/2019 08:30:46]
AdwCleaner[S03].txt - [1903 octets] - [13/10/2019 08:31:10]
AdwCleaner[S04].txt - [1964 octets] - [13/10/2019 08:33:02]
AdwCleaner[S05].txt - [2026 octets] - [13/10/2019 08:36:38]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C05].txt #########

==================================================

Nový log z FRST:


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2019 02
Ran by Danica (13-10-2019 08:58:28)
Running from C:\Users\Danica\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-11-22 08:18:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-835433377-1433666261-3082474647-500 - Administrator - Disabled)
Danica (S-1-5-21-835433377-1433666261-3082474647-1000 - Administrator - Enabled) => C:\Users\Danica
Guest (S-1-5-21-835433377-1433666261-3082474647-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.270 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.255 - Adobe)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{315BE77E-D725-477D-9C71-63F78844363C}) (Version: 12.2.2.172 - Adobe Systems, Inc)
Ashampoo Burning Studio 2015 v.1.15.0 (HKLM-x32\...\{91B33C97-21E3-DF34-9630-2EE80DDE1648}_is1) (Version: 1.15.0 - Ashampoo GmbH & Co. KG)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7734 - AVAST Software)
Avast Driver Updater (HKLM-x32\...\{630C3D8E-2BEE-465F-9E59-BB069ED10761}) (Version: 2.5.6 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.6 - AVAST Software)
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 5.2.429 - AVAST Software)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - )
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
i-Look 110 (HKLM-x32\...\{99F351B0-E2CD-43E2-935F-256F1CF1348B}) (Version: 1.0.4.15 - KYE)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.2.1183 - Intel Corporation)
Intel(R) Network Connections 18.8.136.0 (HKLM\...\PROSetDX) (Version: 18.8.136.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.5057 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1063 - Intel Corporation)
Intel(R) USB 3.0\3.1 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 5.0.4.43 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{5a6a5d15-d5af-417c-b08f-f7e5eb1f98af}) (Version: 10.0.26 - Intel(R) Corporation) Hidden
K-Lite Codec Pack 11.6.6 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.6.6 - )
LibreOffice 6.2.1.2 (HKLM\...\{28B8E75D-44A5-4057-8369-5951A15BAF08}) (Version: 6.2.1.2 - The Document Foundation)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Nature Illusion Studio (HKLM-x32\...\Nature Illusion Studio) (Version: 3.41 - Nufsoft)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8040 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Sqirlz Water Reflections (HKLM-x32\...\Sqirlz Water Reflections) (Version: 2.6 - xiberpix)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WebMate (HKLM-x32\...\{40B6D0B4-301A-4020-869F-2E3936E02299}) (Version: 2.2.0.4 - KYE)
Widevine Media Optimizer IE 6.0.0 (HKU\S-1-5-21-835433377-1433666261-3082474647-1000\...\optimizer_ie) (Version: 6.0.0.12757 - Widevine Technologies)
WinASO Registry Optimizer 4.0.5 (HKLM-x32\...\WinASO Registry Optimizer 4.0.5_is1) (Version: - X.M.Y International LLC)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Zoner GIF Animator 5 (HKLM-x32\...\{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}) (Version: 5.0.3000.2 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll (Google Inc -> Google LLC)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2018-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ==================


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list
ShortcutWithArgument: C:\Users\Danica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list
ShortcutWithArgument: C:\Users\Danica\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5046ca2656e8714f\Chromium.lnk -> C:\Users\Danica\AppData\Local\chromium\Application\chrome.exe (The Chromium Authors) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2017-12-21 17:25 - 2016-09-12 15:53 - 048936448 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2019-01-19 10:39 - 2018-09-05 22:32 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\SecureLine\libcrypto-1_1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2011-10-14 16:53 - 2019-02-14 17:14 - 000000038 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 secure.tune-up.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Danica\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3871DEFB-3256-41E5-9E2F-6464122C8120}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0E048752-553C-47DE-8491-2F377493FF42}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{ADA3CE02-14BA-4B05-8BFE-69ADB4F9931C}] => (Allow) LPort=7000
FirewallRules: [{C20991B6-BD4A-4AE3-AE45-1A26C8701E33}] => (Allow) LPort=7000
FirewallRules: [{E62D9686-0A04-4A5B-B742-FD1CFBE66943}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe No File
FirewallRules: [{E97530E0-2BE9-4BBB-BD93-D9D8AFD0158F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe No File
FirewallRules: [{31428591-8838-438D-8443-649CC74D1266}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe No File
FirewallRules: [{DC772462-E3C7-4E32-AB36-CDD5D77A7918}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe No File
FirewallRules: [{CA050061-9434-43C5-AEF1-D75DD5B7CA93}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{8CDEF3FA-CE41-41BE-A7CF-FFAD245635C3}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{F653E07E-7590-4138-BD4E-8FB015251B2D}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{3CBDB3CA-0062-4B4F-8D27-D6E803555A0E}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{128DB31F-5140-4A44-A835-B7EDBEF3E5D6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

09-10-2019 23:52:42 Windows Update
12-10-2019 20:50:07 Windows Update

==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/13/2019 08:39:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/13/2019 08:24:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/13/2019 01:06:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/13/2019 12:58:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/13/2019 12:55:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/12/2019 08:50:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
Parametr není správný.
.

Error: (10/12/2019 08:50:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
Parametr není správný.
.

Error: (10/12/2019 08:32:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (10/13/2019 08:38:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Media Player Network Sharing neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.

Error: (10/13/2019 08:37:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (10/13/2019 08:37:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (10/13/2019 08:37:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft .NET Framework NGEN v4.0.30319_X64 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (10/13/2019 08:37:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (10/13/2019 08:37:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft .NET Framework NGEN v4.0.30319_X86 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (10/13/2019 08:37:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet Monitoring Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/13/2019 08:37:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2016-01-15 18:53:23.072
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{C3E4969D-95AC-45BB-9AC1-1A0DBE8D68B5}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:Danica-PC\Danica

CodeIntegrity:
===================================

Date: 2015-11-22 10:21:52.112
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:21:52.081
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:21:48.660
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:21:48.645
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:19:19.157
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:19:19.126
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:19:16.933
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-22 10:19:16.902
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\RltkAPO64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F9 09/18/2015
Motherboard: Gigabyte Technology Co., Ltd. Z97-D3H-CF
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 41%
Total physical RAM: 7580.21 MB
Available physical RAM: 4455.97 MB
Total Virtual: 15158.56 MB
Available Virtual: 12169.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:575.6 GB) (Free:512.35 GB) NTFS
Drive e: (Záloha ) (Fixed) (Total:355.69 GB) (Free:263.97 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 32DA4823)

Partition: GPT.

==================== End of Addition.txt ============================
Děkuji!
Danica Tomášková

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivku

#7 Příspěvek od Conder »

Ano, poprosil by som o obidva nove logy z FRST, teda aj log FRST.txt.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

danatoma
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 349
Registrován: 14 úno 2008 20:05
Bydliště: Praha
Kontaktovat uživatele:

Re: Prosím o preventivku

#8 Příspěvek od danatoma »

Tady to je:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2019 02
Ran by Danica (administrator) on DANICA-PC (Gigabyte Technology Co., Ltd. Z97-D3H) (13-10-2019 08:57:30)
Running from C:\Users\Danica\Desktop
Loaded Profiles: Danica (Available Profiles: Danica)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Users\Danica\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2000-01-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299520 2000-01-01] (Intel(R) USB eXtensible Host Controller Drivers -> Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\...\Run: [Chromium] => c:\users\danica\appdata\local\chromium\application\chrome.exe [829440 2017-02-15] (The Chromium Authors) [File not signed]
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\...\Run: [Google Update] => C:\Users\Danica\AppData\Local\Google\Update\1.3.35.302\GoogleUpdateCore.exe [1107752 2019-10-08] (Google Inc -> Google LLC)
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-19] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-01-19]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04A7D1A7-7699-4709-AC54-D87F76EB46D9} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {0C792D7E-E42C-4154-950F-F2F735CAB288} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {14415E68-8A42-437A-9801-E9B3F6B9CC54} - System32\Tasks\Opera scheduled Autoupdate 1548835486 => C:\Users\Danica\AppData\Local\Programs\Opera\launcher.exe
Task: {1456DFBE-B516-4CC7-AED1-18B6A97BE9B7} - \{6844231F-4E00-4E57-B7C4-46BFD7E7ACB2} -> No File <==== ATTENTION
Task: {3244A548-4B4E-4D2E-9A33-7A56D930D174} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {48EF672A-5961-4DD3-8609-83A1D317D21D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_pepper.exe [1453112 2019-09-21] (Adobe Inc. -> Adobe)
Task: {5AFD99EB-A334-48B3-B15F-8F21C3D22CBB} - \{988FC987-1A6B-4AE6-B321-7940859FF519} -> No File <==== ATTENTION
Task: {6D4CBB16-49EA-47EC-A029-4C94AA073B7B} - System32\Tasks\SafeZone scheduled Autoupdate 1448367229 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {75640AB7-B611-4AAB-8C44-F28C8C12A2A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-13] (Adobe Inc. -> Adobe)
Task: {7605C7DF-A141-421B-B195-0DC0B2D73490} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-13] (Adobe Inc. -> Adobe)
Task: {77DB11A3-79E1-4A44-BA20-FFA423F13490} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-13] (Google Inc -> Google Inc.)
Task: {9330AAF2-1B98-4F5D-9B75-B42F7E1950D5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000Core => C:\Users\Danica\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-02-02] (Google Inc -> Google Inc.)
Task: {BE7BF55D-38EA-40BB-962B-6440C64E8CC6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-13] (Google Inc -> Google Inc.)
Task: {BE9E73DB-1A4A-4233-9BB6-09F9FDDA24C6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {BEDFFDE4-5F70-45F8-B870-F2F19E6F1070} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe [1380232 2019-08-07] (AVAST Software s.r.o. -> AVAST Software)
Task: {CAEE6B8D-F3B3-4486-B4DE-BB67D75355D4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
Task: {D7D403FC-3B78-45D3-B1E1-E1BE5906998A} - System32\Tasks\WinASORegistryOptimizerForDanica => C:\Program Files (x86)\WinASO\Registry Optimizer 4.0\RegOpt.exe [7456648 2012-07-21] (Winaso.com -> X.M.Y International, LLC) [File not signed]
Task: {DA7D9B12-8CB8-4164-9944-7D4559615EB6} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {DC2AC09E-3F49-4C43-BF18-BF4D3672BB4D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000UA => C:\Users\Danica\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-02-02] (Google Inc -> Google Inc.)
Task: {E4ADD619-A4F2-45B0-8CD2-8DF8C971400A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {FFF2C5C5-6B98-4A10-A561-B18D98F73FBF} - System32\Tasks\Avast Driver Updater Startup => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe [30244056 2019-04-10] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Avast Driver Updater Startup.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
Task: C:\Windows\Tasks\WinASORegistryOptimizerForDanica.job => C:\Program Files (x86)\WinASO\Registry Optimizer 4.0\RegOpt.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 secure.tune-up.com
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{A10C2104-F2DE-4AAA-AA41-1F8916A922BE}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{BF8E6D5A-A227-42DC-BBC2-1E48544133F3}: [DhcpNameServer] 192.168.2.1 192.168.0.1
Tcpip\..\Interfaces\{EF0F8BAB-DCB1-48C0-B574-983445226713}: [NameServer] 100.120.128.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {2E2AE52D-B746-4D5A-8D87-040FF26DA1AD} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {37FE3127-D331-432F-BA62-C6FA353ED829} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {474B5B48-C606-45D6-85BD-240F1DC1BC5D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {4A0FE769-7C54-4C0A-B4AB-3E525FB2DCB1} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {4AC592D3-7BCD-4DC1-8B44-C589D17B7A37} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {BB2D0F1E-B329-4EC6-9E6D-7AFE0321B394} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {E179443E-DC27-473B-A279-C9C8091DC7B4} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {F41CD5ED-2BB8-4D58-9A8C-3B826C405379} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {F8D14E72-77A1-4FB6-AAEE-BB4FB3AAC7CA} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454

FireFox:
========
FF DefaultProfile: 8qyzod9n.default-1549969440949
FF ProfilePath: C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\8qyzod9n.default-1549969440949 [2019-10-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_270.dll [2019-10-13] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-13] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2015-11-18] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-02-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-02-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-07] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-07] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-835433377-1433666261-3082474647-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-835433377-1433666261-3082474647-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-835433377-1433666261-3082474647-1000: google.com/WidevineMediaOptimizer -> C:\Users\Danica\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Widevine Technologies -> Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.denik.cz/krimi/vysetrovani-tragedie ... ount/Index"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default [2019-10-13]
CHR DownloadDir: C:\Users\Danica\Desktop
CHR Extension: (Prezentace) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-22]
CHR Extension: (Facebook) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-11-24]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-08-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Tabulky) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Hodiny) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2015-11-24]
CHR Extension: (Chuck Anderson) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegkoiakifeoejnjkbnnojkkdoegeofp [2017-07-14]
CHR Extension: (Avast Online Security) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-17]
CHR Extension: (Tlačítko „Uložit“ pro Pinterest) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2019-09-25]
CHR Extension: (Netpanel) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbidbgoheiddfilfipcobicemncfogno [2019-09-20]
CHR Extension: (Blogger) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\lejliakmhcfhakneflmicaoikhbicggc [2015-11-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Picasa) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2015-11-24]
CHR Extension: (Gmail) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-21]
CHR Profile: C:\Users\Danica\AppData\Local\Google\Chrome\User Data\System Profile [2019-03-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-12] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [417536 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10287216 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [343016 2018-09-13] (Intel Corporation -> Intel Corporation)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2014-10-03] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [156960 2015-02-25] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [7449992 2019-08-07] (AVAST Software s.r.o. -> AVAST Software)
R2 TeamViewer; C:\Users\Danica\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe [9569112 2019-07-03] (TeamViewer GmbH -> TeamViewer GmbH) <==== ATTENTION
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-11-22] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [204824 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [274456 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [209552 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [65120 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42736 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [171520 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2019-01-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [552848 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110320 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83792 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848432 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460448 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316528 2019-09-30] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [494864 2013-08-29] (Intel Corporation -> Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [40448 2017-04-19] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180264 2016-02-04] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2253112 2015-09-28] (MEDIATEK INC. -> MediaTek Inc.)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [25608 2019-10-13] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-13 08:57 - 2019-10-13 08:58 - 000025661 _____ C:\Users\Danica\Desktop\FRST.txt
2019-10-13 08:57 - 2019-10-13 08:57 - 000000000 ____D C:\Users\Danica\Desktop\FRST-OlderVersion
2019-10-13 08:35 - 2019-10-13 08:35 - 007622344 _____ (Malwarebytes) C:\Users\Danica\Desktop\adwcleaner_7.4.1.exe
2019-10-12 20:49 - 2019-10-07 08:49 - 000390752 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-10-12 20:49 - 2019-10-07 07:57 - 000341896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-10-12 20:49 - 2019-10-06 06:12 - 025753088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-10-12 20:49 - 2019-10-06 06:00 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-10-12 20:49 - 2019-10-06 06:00 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-10-12 20:49 - 2019-10-06 05:49 - 002909184 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-10-12 20:49 - 2019-10-06 05:48 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-10-12 20:49 - 2019-10-06 05:47 - 000579584 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-10-12 20:49 - 2019-10-06 05:47 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-10-12 20:49 - 2019-10-06 05:47 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-10-12 20:49 - 2019-10-06 05:46 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-10-12 20:49 - 2019-10-06 05:41 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-10-12 20:49 - 2019-10-06 05:40 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-10-12 20:49 - 2019-10-06 05:38 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-10-12 20:49 - 2019-10-06 05:37 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-10-12 20:49 - 2019-10-06 05:37 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-10-12 20:49 - 2019-10-06 05:36 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-10-12 20:49 - 2019-10-06 05:36 - 000797696 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-10-12 20:49 - 2019-10-06 05:34 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-10-12 20:49 - 2019-10-06 05:32 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-10-12 20:49 - 2019-10-06 05:31 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-10-12 20:49 - 2019-10-06 05:28 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-10-12 20:49 - 2019-10-06 05:28 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-10-12 20:49 - 2019-10-06 05:23 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-10-12 20:49 - 2019-10-06 05:22 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-10-12 20:49 - 2019-10-06 05:22 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-10-12 20:49 - 2019-10-06 05:19 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-10-12 20:49 - 2019-10-06 05:19 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-10-12 20:49 - 2019-10-06 05:18 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-10-12 20:49 - 2019-10-06 05:18 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-10-12 20:49 - 2019-10-06 05:17 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-10-12 20:49 - 2019-10-06 05:17 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-10-12 20:49 - 2019-10-06 05:17 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-10-12 20:49 - 2019-10-06 05:16 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-10-12 20:49 - 2019-10-06 05:16 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-10-12 20:49 - 2019-10-06 05:15 - 002302464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-10-12 20:49 - 2019-10-06 05:12 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-10-12 20:49 - 2019-10-06 05:12 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-10-12 20:49 - 2019-10-06 05:11 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-10-12 20:49 - 2019-10-06 05:10 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-10-12 20:49 - 2019-10-06 05:10 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-10-12 20:49 - 2019-10-06 05:10 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-10-12 20:49 - 2019-10-06 05:07 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-10-12 20:49 - 2019-10-06 05:05 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-10-12 20:49 - 2019-10-06 05:05 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-10-12 20:49 - 2019-10-06 05:03 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-10-12 20:49 - 2019-10-06 05:03 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-10-12 20:49 - 2019-10-06 05:03 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-10-12 20:49 - 2019-10-06 05:00 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-10-12 20:49 - 2019-10-06 05:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-10-12 20:49 - 2019-10-06 04:59 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-10-12 20:49 - 2019-10-06 04:58 - 015413760 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-10-12 20:49 - 2019-10-06 04:57 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-10-12 20:49 - 2019-10-06 04:57 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-10-12 20:49 - 2019-10-06 04:56 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-10-12 20:49 - 2019-10-06 04:56 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-10-12 20:49 - 2019-10-06 04:55 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-10-12 20:49 - 2019-10-06 04:53 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-10-12 20:49 - 2019-10-06 04:50 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-10-12 20:49 - 2019-10-06 04:49 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-10-12 20:49 - 2019-10-06 04:48 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-10-12 20:49 - 2019-10-06 04:48 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-10-12 20:49 - 2019-10-06 04:45 - 013808640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-10-12 20:49 - 2019-10-06 04:45 - 001566208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-10-12 20:49 - 2019-10-06 04:35 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-10-12 20:49 - 2019-10-06 04:34 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-10-12 20:49 - 2019-10-06 04:32 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-10-12 20:49 - 2019-10-06 04:30 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-10-12 20:49 - 2019-09-19 06:27 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2019-10-12 20:49 - 2019-09-17 04:32 - 004060896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-10-12 20:49 - 2019-09-17 04:32 - 003966688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-10-12 20:49 - 2019-09-17 04:32 - 000709856 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-10-12 20:49 - 2019-09-17 04:32 - 000627424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-10-12 20:49 - 2019-09-17 04:31 - 005552864 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-10-12 20:49 - 2019-09-17 04:31 - 001319496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-10-12 20:49 - 2019-09-17 04:31 - 000263904 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-10-12 20:49 - 2019-09-17 04:31 - 000155360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-10-12 20:49 - 2019-09-17 04:31 - 000096992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-10-12 20:49 - 2019-09-17 04:30 - 001670784 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000834048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 001010176 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 04:04 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-10-12 20:49 - 2019-09-17 04:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-10-12 20:49 - 2019-09-17 04:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-10-12 20:49 - 2019-09-17 04:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-10-12 20:49 - 2019-09-17 04:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-10-12 20:49 - 2019-09-17 03:59 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-10-12 20:49 - 2019-09-17 03:59 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-10-12 20:49 - 2019-09-17 03:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-10-12 20:49 - 2019-09-17 03:59 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-10-12 20:49 - 2019-09-17 03:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-10-12 20:49 - 2019-09-17 03:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-10-12 20:49 - 2019-09-17 03:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 03:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 03:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 03:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-10-12 20:49 - 2019-09-17 03:56 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-10-12 20:49 - 2019-09-17 03:56 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-10-12 20:49 - 2019-09-17 03:55 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-10-12 20:49 - 2019-09-17 03:53 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-10-12 20:49 - 2019-09-17 03:53 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-10-12 20:49 - 2019-09-17 03:52 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-10-12 20:49 - 2019-09-17 03:52 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-10-12 20:49 - 2019-09-17 03:52 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-10-12 20:49 - 2019-09-17 03:52 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-10-12 20:49 - 2019-09-17 03:51 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-10-12 20:49 - 2019-09-17 03:51 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-10-12 20:49 - 2019-09-17 03:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-10-12 20:49 - 2019-09-17 03:51 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-10-12 20:49 - 2019-09-17 03:51 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-10-12 20:49 - 2019-09-17 03:51 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-10-12 20:49 - 2019-09-17 03:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-10-12 20:49 - 2019-09-17 02:13 - 000455392 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-10-12 20:49 - 2019-09-11 06:56 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-10-12 20:49 - 2019-09-11 06:56 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-10-12 20:49 - 2019-09-10 04:27 - 000383488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-10-12 20:49 - 2019-09-10 04:27 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-10-12 20:49 - 2019-09-10 04:27 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-10-12 20:49 - 2019-09-10 04:24 - 001281536 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-10-12 20:49 - 2019-09-10 04:24 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-10-12 20:49 - 2019-09-10 04:24 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-10-12 20:49 - 2019-09-10 04:24 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-10-12 20:49 - 2019-09-10 04:24 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-10-12 20:49 - 2019-09-10 04:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-10-12 20:49 - 2019-09-10 04:02 - 006135296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-10-12 20:49 - 2019-09-10 04:00 - 000361472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-10-12 20:49 - 2019-09-10 04:00 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2019-10-12 20:49 - 2019-09-10 04:00 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-10-12 20:49 - 2019-09-10 04:00 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-10-12 20:49 - 2019-09-10 04:00 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-10-12 20:49 - 2019-09-10 03:54 - 003231744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-10-12 20:49 - 2019-09-10 03:53 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-10-12 20:49 - 2019-09-10 03:53 - 000152576 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2019-10-12 20:49 - 2019-09-10 03:53 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-10-12 20:49 - 2019-09-10 03:53 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-10-12 20:49 - 2019-09-10 03:52 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2019-10-12 20:49 - 2019-09-10 03:49 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-10-12 20:49 - 2019-09-10 02:09 - 007082496 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-10-12 20:49 - 2019-09-10 02:09 - 003187712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-10-12 20:45 - 2019-10-13 00:55 - 000000530 _____ C:\Windows\Tasks\WinASORegistryOptimizerForDanica.job
2019-10-12 20:45 - 2019-10-12 23:06 - 000003260 _____ C:\Windows\system32\Tasks\WinASORegistryOptimizerForDanica
2019-10-12 20:37 - 2019-10-12 20:37 - 000002003 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk
2019-10-12 20:37 - 2019-10-12 20:37 - 000002003 _____ C:\ProgramData\Desktop\Avast Premium Security.lnk
2019-10-12 20:36 - 2019-09-30 16:07 - 000355720 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-10-12 20:26 - 2019-10-12 20:26 - 000001210 _____ C:\Users\Danica\Desktop\WinASO Registry Optimizer.lnk
2019-10-12 20:26 - 2019-10-12 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinASO
2019-10-12 20:26 - 2019-10-12 20:26 - 000000000 ____D C:\Program Files (x86)\WinASO
2019-10-12 19:49 - 2019-10-12 19:49 - 000064376 _____ C:\Windows\ntbtlog.txt
2019-10-09 11:26 - 2019-10-09 11:26 - 000784999 _____ C:\Users\Danica\Desktop\Manual_V650CZSKDE170811-1504866674.pdf
2019-10-08 07:40 - 2019-10-12 23:06 - 000003566 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000UA
2019-10-08 07:40 - 2019-10-12 23:06 - 000003294 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000Core
2019-10-07 23:28 - 2019-10-12 23:05 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-07 23:28 - 2019-10-12 23:05 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-06 09:10 - 2019-10-13 00:54 - 000402736 _____ C:\Windows\system32\FNTCACHE.DAT
2019-10-04 17:34 - 2019-09-12 05:53 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-10-04 17:34 - 2019-09-12 05:52 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-10-04 17:34 - 2019-09-12 05:52 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-10-04 17:34 - 2019-09-12 05:44 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-10-04 17:34 - 2019-09-12 05:44 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-10-04 17:34 - 2019-09-12 05:44 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-10-04 17:34 - 2019-09-12 05:44 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-10-04 17:34 - 2019-09-12 05:44 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-10-04 17:34 - 2019-09-12 05:24 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-10-01 15:48 - 2019-10-01 15:48 - 000000017 _____ C:\Users\Danica\AppData\Local\resmon.resmoncfg
2019-09-30 16:07 - 2019-09-30 16:07 - 000236024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-09-30 16:07 - 2019-09-30 16:07 - 000171520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-13 08:57 - 2019-03-26 10:30 - 001616384 _____ (Farbar) C:\Users\Danica\Desktop\FRST64.exe
2019-10-13 08:57 - 2019-03-26 10:30 - 000000000 ____D C:\FRST
2019-10-13 08:48 - 2009-07-14 06:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-10-13 08:48 - 2009-07-14 06:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-10-13 08:46 - 2019-01-19 10:38 - 000004194 _____ C:\Windows\system32\Tasks\Avast Cleanup Update
2019-10-13 08:41 - 2018-02-11 18:54 - 000002912 _____ C:\Windows\system32\Tasks\Avast Driver Updater Startup
2019-10-13 08:41 - 2018-02-11 18:54 - 000000484 _____ C:\Windows\Tasks\Avast Driver Updater Startup.job
2019-10-13 08:41 - 2015-11-22 14:26 - 000000000 __SHD C:\Users\Danica\IntelGraphicsProfiles
2019-10-13 08:39 - 2017-10-04 15:33 - 000025608 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2019-10-13 08:38 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-10-13 08:26 - 2011-04-12 10:34 - 000669596 _____ C:\Windows\system32\perfh005.dat
2019-10-13 08:26 - 2011-04-12 10:34 - 000141754 _____ C:\Windows\system32\perfc005.dat
2019-10-13 08:26 - 2009-07-14 07:13 - 001586720 _____ C:\Windows\system32\PerfStringBackup.INI
2019-10-13 08:26 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-10-13 01:01 - 2018-03-13 22:00 - 000004532 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-10-13 01:01 - 2015-11-28 14:16 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-10-13 01:01 - 2015-11-28 14:16 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-10-13 01:01 - 2015-11-28 14:16 - 000004398 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-10-13 01:01 - 2015-11-28 14:16 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-10-13 01:01 - 2015-11-28 14:16 - 000000000 ____D C:\Windows\system32\Macromed
2019-10-13 00:52 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-10-12 23:06 - 2019-01-30 10:04 - 000004072 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1548835486
2019-10-12 23:06 - 2015-12-03 17:08 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2019-10-12 20:56 - 2015-11-22 11:20 - 001561434 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-10-12 20:55 - 2015-11-22 17:14 - 000000000 ____D C:\Windows\system32\MRT
2019-10-12 20:51 - 2015-11-22 17:13 - 127230528 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-10-12 20:38 - 2017-03-12 10:36 - 000000000 ____D C:\Users\Danica\AppData\Local\AVAST Software
2019-10-12 20:37 - 2017-03-11 09:09 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2019-10-12 20:36 - 2019-07-13 12:59 - 000000000 ____D C:\Users\Danica\AppData\Roaming\TeamViewer
2019-10-12 20:32 - 2015-11-22 10:18 - 000000000 ____D C:\Users\Danica
2019-10-12 20:24 - 2018-02-11 19:30 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-10-12 20:24 - 2018-02-11 19:30 - 000000000 ____D C:\Windows\system32\RTCOM
2019-10-12 20:24 - 2015-12-11 21:21 - 000000000 ____D C:\Windows\SysWOW64\Adobe
2019-10-12 20:24 - 2015-11-24 19:37 - 000000000 ____D C:\Windows\Album
2019-10-12 20:24 - 2015-11-24 19:35 - 000000000 ____D C:\Windows\PixArt
2019-10-12 20:24 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-10-12 20:24 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\Offline Web Pages
2019-10-12 20:24 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\Downloaded Program Files
2019-10-12 20:24 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files\Windows Sidebar
2019-10-12 20:24 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files (x86)\Windows Sidebar
2019-10-12 20:24 - 2009-07-14 07:09 - 000000000 ____D C:\Windows\system32\Tasks\WPD
2019-10-12 20:24 - 2009-07-14 06:45 - 000000000 ____D C:\Windows\Setup
2019-10-12 20:24 - 2009-07-14 05:20 - 000000000 __RSD C:\Windows\Media
2019-10-12 20:24 - 2009-07-14 05:20 - 000000000 __RHD C:\Users\Public\Libraries
2019-10-12 20:24 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\TAPI
2019-10-12 20:24 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2019-10-12 20:24 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Msdtc
2019-10-12 20:24 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\security
2019-10-12 20:24 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2019-10-12 20:24 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\AppCompat
2019-10-12 20:23 - 2019-05-23 07:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater
2019-10-12 20:23 - 2019-03-24 11:48 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.2
2019-10-12 20:23 - 2019-03-17 11:50 - 000000000 ____D C:\Users\Danica\AppData\Local\{CD6EFB32-E9C6-978A-845E-B262A0364EFA}
2019-10-12 20:23 - 2018-09-23 23:41 - 000000000 ____D C:\d108b5620015b01cd37c
2019-10-12 20:23 - 2018-05-20 21:09 - 000000000 ____D C:\Program Files (x86)\Avast Driver Updater
2019-10-12 20:23 - 2018-02-11 19:24 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-10-12 20:23 - 2017-12-07 00:05 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2019-10-12 20:23 - 2017-10-03 12:22 - 000000000 ____D C:\Users\Danica\AppData\Roaming\dvdcss
2019-10-12 20:23 - 2017-03-15 19:45 - 000000000 ___RD C:\Program Files (x86)\Skype
2019-10-12 20:23 - 2016-11-29 20:34 - 000000000 ____D C:\AdwCleaner
2019-10-12 20:23 - 2016-11-29 16:35 - 000000000 ____D C:\Program Files\trend micro
2019-10-12 20:23 - 2016-10-11 13:55 - 000000000 ____D C:\Users\Danica\Desktop\Documents\Nufsoft
2019-10-12 20:23 - 2016-10-11 13:55 - 000000000 ____D C:\Users\Danica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nufsoft
2019-10-12 20:23 - 2016-04-14 18:59 - 000000000 ____D C:\Users\Danica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections
2019-10-12 20:23 - 2016-04-14 18:59 - 000000000 ____D C:\Program Files (x86)\Sqirlz Water Reflections
2019-10-12 20:23 - 2016-03-31 16:25 - 000000000 ____D C:\Users\Danica\AppData\Roaming\IDM
2019-10-12 20:23 - 2016-01-28 11:23 - 000000000 ___HD C:\ProgramData\CanonIJEGV
2019-10-12 20:23 - 2016-01-28 11:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP250 series Manual
2019-10-12 20:23 - 2016-01-28 10:12 - 000000000 ___RD C:\Users\Danica\Desktop\Documents\Scanned Documents
2019-10-12 20:23 - 2015-12-16 15:08 - 000000000 ____D C:\Users\Danica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2019-10-12 20:23 - 2015-11-24 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2019-10-12 20:23 - 2015-11-24 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebMate
2019-10-12 20:23 - 2015-11-24 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Look 110
2019-10-12 20:23 - 2015-11-24 18:26 - 000000000 ____D C:\Users\Danica\AppData\Roaming\Skype
2019-10-12 20:23 - 2015-11-24 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner GIF Animator 5
2019-10-12 20:23 - 2015-11-24 17:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-10-12 20:23 - 2015-11-24 16:24 - 000000000 ____D C:\Users\Danica\AppData\Roaming\PhotoFiltre Studio X
2019-10-12 20:23 - 2015-11-24 16:20 - 000000000 ____D C:\Program Files\PhotoFiltre Studio X
2019-10-12 20:23 - 2015-11-24 15:39 - 000000000 ___RD C:\Users\Danica\Desktop\Fotografie
2019-10-12 20:23 - 2015-11-24 13:32 - 000000000 ____D C:\Users\Danica\Desktop\Formats
2019-10-12 20:23 - 2015-11-24 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP250 series
2019-10-12 20:23 - 2015-11-22 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2019-10-12 20:23 - 2015-11-22 19:12 - 000000000 ____D C:\ProgramData\Ashampoo
2019-10-12 20:23 - 2015-11-22 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-10-12 20:23 - 2015-11-22 11:29 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-10-12 20:23 - 2015-11-22 11:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-10-12 20:23 - 2015-11-22 11:13 - 000000000 ____D C:\Program Files\Intel
2019-10-12 20:23 - 2015-11-22 10:44 - 000000000 ____D C:\Users\Danica\Servis
2019-10-12 20:23 - 2015-11-22 10:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2019-10-12 20:23 - 2015-11-22 10:33 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2019-10-12 20:23 - 2015-11-22 10:32 - 000000000 ____D C:\Users\Danica\AppData\Roaming\vlc
2019-10-12 20:23 - 2015-11-22 10:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-10-12 20:23 - 2015-11-22 10:31 - 000000000 ____D C:\Users\Danica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-12 20:23 - 2015-11-22 10:31 - 000000000 ____D C:\Users\Danica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2019-10-12 20:23 - 2015-11-22 10:31 - 000000000 ____D C:\Users\Danica\AppData\Roaming\GHISLER
2019-10-12 20:23 - 2015-11-22 10:31 - 000000000 ____D C:\totalcmd
2019-10-12 20:23 - 2015-11-22 10:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-12 20:23 - 2015-11-22 10:31 - 000000000 ____D C:\Program Files\WinRAR
2019-10-12 20:23 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files\Microsoft Games
2019-10-12 20:23 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-10-12 20:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration
2019-10-12 20:11 - 2015-11-22 10:44 - 000000000 ____D C:\Users\Danica\AppData\Roaming\Adobe
2019-10-07 23:28 - 2015-11-22 10:34 - 000000000 ____D C:\Program Files (x86)\Google
2019-10-07 11:48 - 2015-11-25 20:14 - 000004478 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2019-10-06 09:12 - 2018-12-10 08:47 - 000000000 ____D C:\Users\Danica\Desktop\SpiderEma-gify
2019-10-01 08:06 - 2009-07-14 05:20 - 000000000 ____D C:\PerfLogs
2019-09-30 16:08 - 2015-11-24 14:06 - 000848432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-09-30 16:08 - 2015-11-24 14:06 - 000460448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-09-30 16:07 - 2019-02-13 09:16 - 000552848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2019-09-30 16:07 - 2019-01-14 17:47 - 000274456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-09-30 16:07 - 2019-01-06 21:08 - 000209552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-09-30 16:07 - 2019-01-06 21:08 - 000065120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-09-30 16:07 - 2018-10-10 08:51 - 000042736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-09-30 16:07 - 2017-11-09 19:04 - 000204824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-09-30 16:07 - 2015-11-24 14:06 - 000316528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-09-30 16:07 - 2015-11-24 14:06 - 000110320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-09-30 16:07 - 2015-11-24 14:06 - 000083792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-09-21 11:08 - 2015-11-22 10:44 - 000000000 ____D C:\Users\Danica\AppData\Local\Adobe
2019-09-21 11:07 - 2017-05-25 18:35 - 000004546 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-09-20 07:51 - 2009-07-14 07:08 - 000032552 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-09-19 22:56 - 2017-08-13 21:07 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-14 21:12 - 2015-11-24 15:38 - 000000000 ____D C:\Users\Danica\Desktop\obrazky-web

==================== Files in the root of some directories ================

2019-10-01 15:48 - 2019-10-01 15:48 - 000000017 _____ () C:\Users\Danica\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-10-10 20:08
==================== End of FRST.txt ============================
Děkuji!
Danica Tomášková

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivku

#9 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    
    Task: {1456DFBE-B516-4CC7-AED1-18B6A97BE9B7} - \{6844231F-4E00-4E57-B7C4-46BFD7E7ACB2} -> No File <==== ATTENTION
    Task: {5AFD99EB-A334-48B3-B15F-8F21C3D22CBB} - \{988FC987-1A6B-4AE6-B321-7940859FF519} -> No File <==== ATTENTION
    CHR StartupUrls: Default -> "hxxp://www.denik.cz/krimi/vysetrovani-tragedie-pilot-pred-osudovym-padem-zrejme-zariskoval-20170824.html","hxxps://www.facebook.com/groups/701399133346992/","hxxps://voyo.nova.cz/product/serialy/44163-kriminalka-andel-iv-14-dil-slecna-smrt","hxxps://my.upc.cz/MyAccount/Index"
    R2 TeamViewer; C:\Users\Danica\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe [9569112 2019-07-03] (TeamViewer GmbH -> TeamViewer GmbH) <==== ATTENTION
    CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

danatoma
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 349
Registrován: 14 úno 2008 20:05
Bydliště: Praha
Kontaktovat uživatele:

Re: Prosím o preventivku

#10 Příspěvek od danatoma »

Je to tohle?

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-10-2019 02
Ran by Danica (13-10-2019 22:35:46) Run:3
Running from C:\Users\Danica\Desktop
Loaded Profiles: Danica (Available Profiles: Danica)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum

Task: {1456DFBE-B516-4CC7-AED1-18B6A97BE9B7} - \{6844231F-4E00-4E57-B7C4-46BFD7E7ACB2} -> No File <==== ATTENTION
Task: {5AFD99EB-A334-48B3-B15F-8F21C3D22CBB} - \{988FC987-1A6B-4AE6-B321-7940859FF519} -> No File <==== ATTENTION
CHR StartupUrls: Default -> "hxxp://www.denik.cz/krimi/vysetrovani-tragedie ... ount/Index"
R2 TeamViewer; C:\Users\Danica\AppData\Local\Temp\TeamViewer\TeamViewer_Service.exe [9569112 2019-07-03] (TeamViewer GmbH -> TeamViewer GmbH) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 15313
Average :
Sum : 8726958896
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1456DFBE-B516-4CC7-AED1-18B6A97BE9B7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1456DFBE-B516-4CC7-AED1-18B6A97BE9B7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6844231F-4E00-4E57-B7C4-46BFD7E7ACB2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5AFD99EB-A334-48B3-B15F-8F21C3D22CBB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AFD99EB-A334-48B3-B15F-8F21C3D22CBB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{988FC987-1A6B-4AE6-B321-7940859FF519}" => removed successfully
"Chrome StartupUrls" => removed successfully
HKLM\System\CurrentControlSet\Services\TeamViewer => removed successfully
TeamViewer => service removed successfully
HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => removed successfully
HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5} => removed successfully
HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8036546 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 51071665 B
Edge => 0 B
Chrome => 432676752 B
Firefox => 43746192 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Danica => 102873185 B

RecycleBin => 169636 B
EmptyTemp: => 617 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:36:36 ====
Děkuji!
Danica Tomášková

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15195
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o preventivku

#11 Příspěvek od JaRon »

Ahoj,
pokial sa objavi kolega mozes poupratovat plochu - 8GB je privela, postaci do 1GB :)
dalej s nim
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivku

#12 Příspěvek od Conder »

OK, odporucam poupratovat plochu (presunut subory napr. do dokumentov a na ploche nechat iba odkazy/zastupcov).

Ako to momentalne vyzera s PC?
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

danatoma
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 349
Registrován: 14 úno 2008 20:05
Bydliště: Praha
Kontaktovat uživatele:

Re: Prosím o preventivku

#13 Příspěvek od danatoma »

Děkuji, PC je v pořádku. Plochu uklidím - já vím, že tam mám spoustu věcí, které jsem tam natahala jen proto, že jsem líná hledat v dokumentech. Polepším se.
Ještě jednou veliký dík :wub:
Děkuji!
Danica Tomášková

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivku

#14 Příspěvek od Conder »

:arrow: Tak este upraceme po pouzitych nastrojoch:
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

danatoma
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 349
Registrován: 14 úno 2008 20:05
Bydliště: Praha
Kontaktovat uživatele:

Re: Prosím o preventivku

#15 Příspěvek od danatoma »

# DelFix v1.013 - Logfile created 15/10/2019 at 16:31:43
# Updated 17/04/2016 by Xplode
# Username : Danica - DANICA-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\_OTM
Deleted : C:\RSIT
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Danica\Desktop\adwcleaner_7.4.1.exe
Deleted : C:\Users\Danica\Desktop\FRST64.exe
Deleted : C:\Users\Danica\Desktop\OTM.exe
Deleted : C:\Users\Danica\Desktop\RSITx64.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########
Děkuji!
Danica Tomášková

Zamčeno