Dobrý den, posílam logy ntb je pomalejší než obvykle. Děkuji
Log zde:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.02.2019 02
Ran by gosse (administrator) on LAPTOP-BDPBB4VM (24-02-2019 09:48:21)
Running from C:\Users\gosse\Desktop
Loaded Profiles: gosse (Available Profiles: gosse)
Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\System32\dolbyaposvc\DAX3API.exe
(Fortemedia) C:\Windows\System32\FMService64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_adfc895a03788015\IntelCpHDCPSvc.exe
(Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_adfc895a03788015\IntelCpHeciSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(BitTorrent Inc.) C:\Users\gosse\AppData\Roaming\BitTorrent\BitTorrent.exe
(Lenovo(beijing) Limited) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.0.50.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
(BitTorrent Inc.) C:\Users\gosse\AppData\Roaming\BitTorrent\updates\7.10.5_44995\bittorrentie.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera_crashreporter.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
(BitTorrent Inc.) C:\Users\gosse\AppData\Roaming\BitTorrent\updates\7.10.5_44995\bittorrentie.exe
(SweetLabs, Inc) C:\Users\gosse\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Intel Corporation) C:\Windows\System32\jhi_service.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [776240 2018-10-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\...\Run: [BitTorrent] => C:\Users\gosse\AppData\Roaming\BitTorrent\BitTorrent.exe [1744064 2019-01-26] (BitTorrent Inc -> BitTorrent Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Java 32bit.bat [2018-01-07] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 91.103.164.5 91.103.164.10
Tcpip\..\Interfaces\{02033c52-972b-4f80-9a9f-d4ce0a20c0d2}: [DhcpNameServer] 91.103.164.5 91.103.164.10
Tcpip\..\Interfaces\{4bc72028-14fa-4c7b-ae3b-78b4832286d5}: [DhcpNameServer] 150.212.1.2
Internet Explorer:
==================
HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10454__181122
HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-2104316510-2255408751-1019769746-1002 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__181122&q={searchTerms}
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\WINDOWS\system32\DRIVERS\AdminService.exe [414720 2017-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [602544 2018-09-27] (Dolby Laboratories, Inc. -> )
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [286656 2018-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71336 2019-01-07] (Lenovo -> Lenovo Group Ltd.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\iCLS\SocketHeciServer.exe [742704 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\TXE Components\iCLS\TPMProvisioningService.exe [668472 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\WINDOWS\System32\jhi_service.exe [576560 2018-06-05] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [776240 2018-10-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\WINDOWS\System32\SynTPEnhService.exe [352808 2018-04-12] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4403496 2019-01-09] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-11-21] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249672 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [65472 2017-12-06] (WDKTestCert aswbldsv,131431045756648395 -> Qualcomm)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [115864 2017-10-14] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2329480 2017-12-22] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1026896 2018-01-25] (Realtek Semiconductor Corp. -> Realtek )
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [48168 2018-04-12] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SynRMIHID; C:\WINDOWS\System32\drivers\SynRMIHID.sys [61480 2018-04-12] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-24 09:48 - 2019-02-24 09:49 - 000012009 _____ C:\Users\gosse\Desktop\FRST.txt
2019-02-24 09:47 - 2019-02-24 09:48 - 000000000 ____D C:\FRST
2019-02-24 09:45 - 2019-02-24 09:46 - 002435072 _____ (Farbar) C:\Users\gosse\Desktop\FRST64.exe
2019-02-23 15:44 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-02-23 15:39 - 2019-02-23 16:16 - 3964550681 _____ C:\Users\gosse\Downloads\The.Grand.Tour.S03E02.Colombia.Special.Part.1.1080p.AMZN.WEB-DL.DD+5.1.H.264-QOQ.mkv
2019-02-23 15:36 - 2019-02-23 20:04 - 000000000 ____D C:\Users\gosse\AppData\LocalLow\BitTorrent
2019-02-23 13:55 - 2019-02-23 13:55 - 000074582 _____ C:\Users\gosse\Downloads\The-Grand-Tour-S03E05(0000308804).srt
2019-02-23 13:53 - 2019-02-23 13:53 - 000084418 _____ C:\Users\gosse\Downloads\The-Grand-Tour-S03E04(0000308454).srt
2019-02-23 13:52 - 2019-02-23 13:52 - 000076561 _____ C:\Users\gosse\Downloads\The-Grand-Tour-S03E03(0000308646).srt
2019-02-23 13:51 - 2019-02-23 13:51 - 000070081 _____ C:\Users\gosse\Downloads\The-Grand-Tour-S03E02(0000308084).srt
2019-02-23 13:45 - 2019-02-23 13:45 - 000086081 _____ C:\Users\gosse\Downloads\The.Grand.Tour.S03E01.cz.srt
2019-02-23 13:24 - 2019-02-23 14:04 - 3814270826 _____ C:\Users\gosse\Downloads\SapphicErotica.18.10.26.Lady.Dee.And.Luna.Corazon.XXX.1080p.MP4-KTR.mp4
2019-02-21 19:52 - 2019-02-21 20:22 - 2866933491 _____ C:\Users\gosse\Downloads\20100311_4621_btaw_kortney_kane.wmv
2019-02-21 19:07 - 2019-02-21 19:39 - 3482281046 _____ C:\Users\gosse\Downloads\lubed.17.02.21.lena.anderson.all.oiled.up.mp4
2019-02-21 18:29 - 2019-02-21 18:29 - 000036577 _____ C:\Users\gosse\Downloads\t1421864.torrent
2019-02-20 20:31 - 2019-02-20 20:45 - 1388806365 _____ C:\Users\gosse\Downloads\JENNA HAZE - Just Jenna 2 - Scene 9 (couple, anal, very nice) 720p.mp4
2019-02-17 18:40 - 2019-02-17 18:57 - 1460974395 _____ C:\Users\gosse\Downloads\Abella Anderson - ap9706-1080p.mp4
2019-02-16 08:15 - 2019-02-16 08:54 - 4050731941 _____ C:\Users\gosse\Downloads\Megan Rain - anal.mp4
2019-02-16 07:08 - 2019-02-06 04:00 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-16 07:08 - 2019-02-06 04:00 - 006572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-16 07:07 - 2019-02-06 08:54 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-16 07:07 - 2019-02-06 08:53 - 001634704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-16 07:07 - 2019-02-06 08:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-16 07:07 - 2019-02-06 08:32 - 003648512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-16 07:07 - 2019-02-06 08:30 - 004052992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-16 07:07 - 2019-02-06 08:30 - 001662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-16 07:07 - 2019-02-06 08:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-16 07:07 - 2019-02-06 08:11 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-16 07:07 - 2019-02-06 07:57 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-16 07:07 - 2019-02-06 07:52 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-16 07:07 - 2019-02-06 07:52 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-16 07:07 - 2019-02-06 07:52 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-16 07:07 - 2019-02-06 04:01 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-16 07:07 - 2019-02-06 04:01 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-16 07:07 - 2019-02-06 04:01 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-16 07:07 - 2019-02-06 04:01 - 000720480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-16 07:07 - 2019-02-06 04:01 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-16 07:07 - 2019-02-06 04:01 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-16 07:07 - 2019-02-06 04:01 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-02-16 07:07 - 2019-02-06 04:01 - 000033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-16 07:07 - 2019-02-06 04:00 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-16 07:07 - 2019-02-06 04:00 - 002719760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-16 07:07 - 2019-02-06 04:00 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-16 07:07 - 2019-02-06 04:00 - 002421264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-16 07:07 - 2019-02-06 04:00 - 001257904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-16 07:07 - 2019-02-06 04:00 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-16 07:07 - 2019-02-06 04:00 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-02-16 07:07 - 2019-02-06 04:00 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-02-16 07:07 - 2019-02-06 04:00 - 000945680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-16 07:07 - 2019-02-06 04:00 - 000899728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-16 07:07 - 2019-02-06 04:00 - 000466960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-16 07:07 - 2019-02-06 04:00 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-16 07:07 - 2019-02-06 04:00 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-16 07:07 - 2019-02-06 04:00 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-16 07:07 - 2019-02-06 03:59 - 001922064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-16 07:07 - 2019-02-06 03:59 - 001457248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-16 07:07 - 2019-02-06 03:59 - 000983128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-16 07:07 - 2019-02-06 03:59 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-16 07:07 - 2019-02-06 03:52 - 022014464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-16 07:07 - 2019-02-06 03:45 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-16 07:07 - 2019-02-06 03:42 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-16 07:07 - 2019-02-06 03:41 - 025853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-16 07:07 - 2019-02-06 03:41 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-02-16 07:07 - 2019-02-06 03:40 - 005792256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-16 07:07 - 2019-02-06 03:38 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-16 07:07 - 2019-02-06 03:38 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-02-16 07:07 - 2019-02-06 03:37 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-16 07:07 - 2019-02-06 03:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-16 07:07 - 2019-02-06 03:33 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-16 07:07 - 2019-02-06 03:29 - 004865536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-16 07:07 - 2019-02-06 03:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-16 07:07 - 2019-02-06 03:28 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-16 07:07 - 2019-02-06 03:27 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-16 07:07 - 2019-02-06 03:27 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-16 07:07 - 2019-02-06 03:27 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-16 07:07 - 2019-02-06 03:27 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-16 07:07 - 2019-02-06 03:26 - 007599616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-16 07:07 - 2019-02-06 03:25 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-16 07:07 - 2019-02-06 03:25 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-16 07:07 - 2019-02-06 03:24 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-16 07:07 - 2019-02-06 03:24 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-16 07:07 - 2019-02-06 03:23 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-16 07:07 - 2019-02-06 03:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-16 07:07 - 2019-02-06 03:22 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-16 07:07 - 2019-01-12 03:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-16 07:07 - 2019-01-09 19:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-02-16 07:07 - 2019-01-09 18:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-16 07:07 - 2019-01-09 18:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-16 07:07 - 2019-01-09 18:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-16 07:07 - 2019-01-09 18:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-02-16 07:07 - 2019-01-09 18:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-16 07:07 - 2019-01-09 11:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-16 07:07 - 2019-01-09 10:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-16 07:07 - 2019-01-09 09:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-16 07:07 - 2019-01-09 09:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-16 07:07 - 2019-01-09 06:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-16 07:07 - 2019-01-09 06:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2019-02-16 07:07 - 2019-01-09 06:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-16 07:07 - 2019-01-09 06:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-16 07:07 - 2019-01-09 06:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-16 07:07 - 2019-01-09 06:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-16 07:07 - 2019-01-09 06:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-16 07:07 - 2019-01-09 06:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-16 07:07 - 2019-01-09 06:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-16 07:07 - 2019-01-09 06:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-02-16 07:07 - 2019-01-09 06:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-16 07:07 - 2019-01-09 06:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-16 07:07 - 2019-01-09 06:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-16 07:07 - 2019-01-09 06:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-02-16 07:07 - 2019-01-09 06:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-16 07:07 - 2019-01-09 06:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-16 07:07 - 2019-01-09 06:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-16 07:07 - 2019-01-09 06:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-02-16 07:07 - 2019-01-09 06:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-16 07:07 - 2019-01-09 06:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-16 07:07 - 2019-01-09 06:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-16 07:07 - 2019-01-09 06:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-16 07:07 - 2019-01-09 06:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-16 07:07 - 2019-01-09 06:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-16 07:07 - 2019-01-09 06:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-16 07:07 - 2019-01-09 06:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-16 07:07 - 2019-01-09 06:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-16 07:07 - 2019-01-09 06:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-16 07:07 - 2019-01-09 06:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-16 07:07 - 2019-01-09 06:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-16 07:07 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-16 07:07 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-02-16 07:07 - 2019-01-08 04:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-16 07:06 - 2019-02-06 03:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-16 07:06 - 2019-02-06 03:26 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-16 07:06 - 2019-02-06 03:26 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-16 07:06 - 2019-02-06 03:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-16 07:06 - 2019-02-06 03:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-02-16 07:06 - 2019-02-06 03:21 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-16 07:06 - 2019-02-06 02:04 - 000001314 _____ C:\WINDOWS\system32\tcbres.wim
2019-02-16 07:06 - 2019-01-12 09:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-16 07:06 - 2019-01-09 18:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-02-16 07:06 - 2019-01-09 18:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-02-16 07:06 - 2019-01-09 10:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-02-16 07:06 - 2019-01-09 06:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-16 07:06 - 2019-01-09 06:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-16 07:06 - 2019-01-09 06:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-16 07:06 - 2019-01-09 06:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-16 07:06 - 2019-01-09 06:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-02-16 07:06 - 2019-01-09 06:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-02-16 07:06 - 2019-01-09 06:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-02-16 07:06 - 2019-01-09 06:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-16 07:06 - 2019-01-09 06:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-02-16 07:06 - 2019-01-09 06:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-02-16 07:06 - 2019-01-09 06:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-02-16 07:06 - 2019-01-09 06:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-02-16 07:06 - 2019-01-09 06:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-16 07:06 - 2019-01-09 06:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-02-16 07:06 - 2019-01-09 06:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-02-16 07:06 - 2019-01-08 10:08 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-16 07:06 - 2019-01-08 04:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-16 07:06 - 2019-01-08 04:06 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-14 17:18 - 2019-02-14 18:06 - 000000000 ____D C:\Users\gosse\Downloads\True.Detective.S03E04.The.Hour.and.the.Day.1080p.AMZN.WEB-DL.DDP5.1.H.264-NTb
2019-02-14 17:18 - 2019-02-14 17:18 - 000093670 _____ C:\Users\gosse\Downloads\[CzT]Temny_pripad_True_Detective_S03E04_The_Hour_and_the_Day_WebRip_1080p_.torrent
2019-02-13 14:49 - 2019-02-13 14:49 - 000249672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-02-10 18:38 - 2019-02-10 19:32 - 436428966 _____ C:\Users\gosse\Downloads\NHL-2019.01.04_NSH@DET_FS-D_720pier.mkv
2019-02-10 08:41 - 2018-12-21 08:33 - 000000000 ____D C:\Users\gosse\Desktop\Young Scooter - The Recipe
2019-02-10 08:41 - 2018-11-29 17:13 - 000000000 ____D C:\Users\gosse\Desktop\Nicki Minaj - Essentials (Mp3 320kbps Quality Songs) [PMEDIA]
2019-02-10 08:39 - 2019-02-10 08:41 - 000000000 ____D C:\Users\gosse\Desktop\Dreezy - Big Dreez (2019)
2019-02-10 08:24 - 2019-02-10 08:41 - 1724306892 _____ C:\Users\gosse\Downloads\24 hodin Le Mans 2016 - part 5%2F20.mp4
2019-02-10 07:30 - 2019-02-10 07:30 - 000011468 _____ C:\Users\gosse\Downloads\t1017411.torrent
2019-02-10 06:13 - 2019-02-10 06:34 - 2175642015 _____ C:\Users\gosse\Downloads\ktr.nubilef.12.09.14.celeste.star.elle.alexandra.and.malena.morgan.wake.with.me.mp4
2019-02-08 17:35 - 2019-02-08 17:35 - 000017450 _____ C:\Users\gosse\Downloads\t1711105.torrent
2019-02-08 17:31 - 2019-02-08 17:31 - 000020098 _____ C:\Users\gosse\Downloads\t1607368.torrent
2019-02-08 17:15 - 2019-02-08 17:15 - 000017965 _____ C:\Users\gosse\Downloads\t1779005.torrent
2019-02-07 17:15 - 2019-02-07 17:41 - 000000000 ____D C:\Users\gosse\Downloads\True.Detective.S03E03.The.Big.Never.1080p.AMZN.WEB-DL.DDP5.1.H.264-NTb
2019-02-07 17:15 - 2019-02-07 17:15 - 000068041 _____ C:\Users\gosse\Downloads\[CzT]Temny_pripad_True_Detective_S03E03_The_Big_Never_WebRip_1080p_.torrent
2019-02-07 17:05 - 2019-02-07 17:07 - 000000000 ____D C:\Program Files (x86)\MonitorDriver
2019-02-07 17:05 - 2019-02-07 17:05 - 000001654 _____ C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
2019-02-07 17:05 - 2019-02-07 17:05 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-02-07 16:42 - 2019-02-07 16:42 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-02-07 16:41 - 2019-02-07 16:47 - 000000000 ____D C:\Users\gosse\Downloads\True.Detective.S03E02.Kiss.Tomorrow.Goodbye.1080p.AMZN.WEBRip.DDP5.1.x264-NTb
2019-02-07 16:41 - 2019-02-07 16:41 - 000059926 _____ C:\Users\gosse\Downloads\[CzT]Temny_pripad_True_Detective_S03E02_Kiss_Tomorrow_Goodbye_WebRip_1080p_.torrent
2019-02-06 16:55 - 2019-02-06 17:17 - 000000000 ____D C:\Users\gosse\Downloads\True.Detective.S03E01.The.Great.War.and.Modern.Memory.1080p.AMZN.WEBRip.DDP5.1.x264-NTb
2019-02-06 16:54 - 2019-02-06 16:54 - 000067756 _____ C:\Users\gosse\Downloads\[CzT]Temny_pripad_True_Detective_S03E01_The_Great_War_and_Modern_Memory_WebRip_1080p_.torrent
2019-02-06 16:49 - 2019-02-06 16:49 - 000084909 _____ C:\Users\gosse\Downloads\True.Detective.S03E01.1080p.WEB.H264-METCON[rartv]-[rarbg.to].torrent
2019-02-05 17:11 - 2019-02-05 17:11 - 000011338 _____ C:\Users\gosse\Downloads\t1783248.torrent
2019-01-30 19:32 - 2019-01-18 16:17 - 000000000 ____D C:\Users\gosse\Desktop\Future - Future Hndrxx Presents - The WIZRD (2019) [320]
2019-01-26 17:00 - 2019-01-07 18:38 - 000205992 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.CoreTypes.dll
2019-01-26 17:00 - 2019-01-07 18:38 - 000130216 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.Utilities.dll
2019-01-26 17:00 - 2019-01-07 18:38 - 000097448 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.ImController.ImClient.dll
2019-01-26 17:00 - 2019-01-07 18:38 - 000043688 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.ImController.EventLogging.dll
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-24 09:50 - 2018-11-22 16:48 - 000000000 ____D C:\Users\gosse\AppData\Roaming\BitTorrent
2019-02-24 09:40 - 2018-11-22 16:40 - 000000000 ____D C:\Users\gosse\Downloads\xxx
2019-02-24 09:36 - 2018-11-21 17:38 - 000000000 ____D C:\Users\gosse\AppData\Local\Host App Service
2019-02-24 09:35 - 2018-11-22 15:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-24 09:35 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-23 20:09 - 2018-11-22 15:23 - 001601516 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-23 20:09 - 2018-04-12 16:50 - 000681858 _____ C:\WINDOWS\system32\perfh005.dat
2019-02-23 20:09 - 2018-04-12 16:50 - 000136754 _____ C:\WINDOWS\system32\perfc005.dat
2019-02-23 20:09 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-23 20:02 - 2018-11-22 15:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-23 20:01 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-02-23 19:09 - 2018-12-15 23:27 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-02-23 19:09 - 2018-12-15 23:27 - 000002238 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-02-23 19:09 - 2018-12-15 05:52 - 000002310 _____ C:\WINDOWS\System32\Tasks\RtkAudUService64_BG
2019-02-23 19:09 - 2018-11-22 16:28 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-02-23 19:09 - 2018-11-22 15:27 - 000003514 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1542818868
2019-02-23 19:09 - 2018-11-22 15:27 - 000003492 _____ C:\WINDOWS\System32\Tasks\LenovoUtility Task
2019-02-23 19:09 - 2018-11-22 15:27 - 000003134 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2019-02-23 19:09 - 2018-11-22 15:27 - 000002770 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2019-02-23 19:09 - 2018-11-22 15:27 - 000002408 _____ C:\WINDOWS\System32\Tasks\App Explorer
2019-02-23 17:04 - 2018-11-24 10:54 - 000000000 ____D C:\Users\gosse\AppData\Roaming\vlc
2019-02-23 15:44 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-23 15:38 - 2018-11-23 15:36 - 000000000 ____D C:\Users\gosse\Downloads\Ulozto
2019-02-23 15:35 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-23 15:31 - 2018-11-23 15:59 - 000000000 ____D C:\Users\gosse\AppData\Local\CrashDumps
2019-02-23 14:16 - 2018-11-24 10:04 - 000000923 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-02-23 01:51 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-23 01:37 - 2018-11-22 15:13 - 000000000 ____D C:\Users\gosse
2019-02-23 01:35 - 2018-11-22 15:08 - 000234120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-23 01:32 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-23 01:32 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-23 01:32 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-23 01:32 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-23 01:31 - 2018-12-15 23:26 - 000000000 ____D C:\Program Files\CCleaner
2019-02-23 01:31 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-23 01:31 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Windows Defender
2019-02-22 23:35 - 2018-11-21 17:47 - 000001410 _____ C:\Users\gosse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-02-18 16:28 - 2018-11-22 16:28 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-02-16 00:05 - 2018-11-21 19:27 - 000000000 ____D C:\Program Files\rempl
2019-02-15 14:51 - 2018-11-22 16:27 - 000474456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-02-14 17:15 - 2018-11-21 19:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-14 16:51 - 2018-11-21 19:21 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-10 18:44 - 2018-11-23 15:28 - 000000000 _____ C:\end
2019-02-10 18:44 - 2018-11-23 15:27 - 000000000 ____D C:\Program Files\GOMPlayer
2019-02-09 22:39 - 2018-11-22 15:33 - 000000000 ____D C:\ProgramData\Packages
2019-02-07 17:06 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-02-07 16:42 - 2018-11-22 16:27 - 000379952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-02-07 16:42 - 2018-11-22 16:27 - 000216784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-02-07 16:42 - 2018-11-22 16:27 - 000167304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-02-07 16:42 - 2018-11-22 16:27 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-02-07 16:42 - 2018-11-22 16:27 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-02-07 16:42 - 2018-11-22 16:27 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-02-07 16:42 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-02-07 16:41 - 2019-01-14 14:49 - 000225680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-02-07 16:41 - 2019-01-05 07:11 - 000320696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-02-07 16:41 - 2019-01-05 07:11 - 000196072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-02-07 16:41 - 2019-01-05 07:11 - 000057960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-02-07 16:41 - 2019-01-05 07:11 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-02-07 16:41 - 2018-11-22 16:27 - 001034432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-02-07 16:41 - 2018-11-22 16:27 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-02-02 23:53 - 2019-01-05 18:36 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-02 23:53 - 2019-01-05 18:36 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-02 00:01 - 2018-11-21 17:42 - 000000000 ____D C:\Users\gosse\AppData\Local\Packages
2019-01-30 19:32 - 2018-12-26 00:59 - 000000000 ____D C:\Users\gosse\Desktop\Waka Flocka Flame - I Can’t Rap Vol. 2 (DatPiff.com)
Some files in TEMP:
====================
2019-02-23 14:14 - 2019-02-23 14:15 - 041846888 _____ () C:\Users\gosse\AppData\Local\Temp\vlc-3.0.6-win64.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-11-22 15:08
==================== End of FRST.txt ============================
Addition :
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.02.2019 02
Ran by gosse (24-02-2019 09:50:28)
Running from C:\Users\gosse\Desktop
Windows 10 Home Version 1803 17134.590 (X64) (2018-11-22 14:28:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2104316510-2255408751-1019769746-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2104316510-2255408751-1019769746-503 - Limited - Disabled)
gosse (S-1-5-21-2104316510-2255408751-1019769746-1002 - Administrator - Enabled) => C:\Users\gosse
Guest (S-1-5-21-2104316510-2255408751-1019769746-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2104316510-2255408751-1019769746-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
BitTorrent (HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\...\BitTorrent) (Version: 7.10.5.44995 - BitTorrent Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.37.5299 - GOM & Company)
Intel(R) Chipset Device Software (HKLM-x32\...\{9154f79b-8fb8-46ef-b7a6-95f136391303}) (Version: 10.1.17479.8054 - Intel(R) Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1743.4.0.1217 - Intel Corporation)
Lenovo App Explorer (HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\...\Host App Service) (Version: 0.273.2.977 - SweetLabs for Lenovo) <==== ATTENTION
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft 1.12.2 + Titan Launcher 3.7.0 (HKLM-x32\...\Minecraft 1.12.2 + Titan Launcher 3.7.0 1.12.2) (Version: 1.12.2 - Mojang)
Opera Stable 58.0.3135.68 (HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\...\Opera 58.0.3135.68) (Version: 58.0.3135.68 - Opera Software)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Ulož.to FileManager 2.71 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.71 - Uloz.to cloud a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
YTD Video Downloader 5.9.10 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.9.10 - GreenTree Applications SRL) <==== ATTENTION
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02BA624B-5D0C-49E0-9ED0-C3C63BA2C27F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c39e5215-768a-4a08-a29c-92247b3bbbed => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {15DB5EB0-FC0F-4DF1-8BD3-27290DD8D781} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\system32\RtkAudUService64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1F39A1CE-A781-4A3B-BB9C-E127FF604C25} - System32\Tasks\Opera scheduled Autoupdate 1542818868 => C:\Users\gosse\AppData\Local\Programs\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {23E7A971-068D-403E-B6FE-9DDE17D2FE59} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\gosse\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {2705B5CA-A992-4181-B94A-179FC283F800} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {33DCAB45-BBDC-4348-B824-9AA2F75A73FB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b34e521b-6cfe-4715-96a8-cabcc979109e => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {3BE22AEB-273B-4B3E-BD9A-43E6A32B32BC} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe (Lenovo -> Lenovo Group Ltd.)
Task: {45F1D32D-794F-4594-86D7-5626A59B7F31} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\11d33489-66f6-4628-a98b-c5d1169aba3b => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {47EA2C8A-70A3-464A-A12B-D6415A1064BB} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\TXE Components\iCLS\IntelPTTEKRecertification.exe (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {6C95CB66-F52A-412A-93D2-B59684B4E482} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {A0F2C4E3-9B8E-4D23-92C9-555F91608189} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {A8EEDD32-0028-4834-A4C9-F43F07888967} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B2C929BA-D33B-4FA1-A7BE-87B6CB5D26E7} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
Task: {B6E853B8-2AC5-428E-9538-CF75DE15BEF4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B9E08111-3C53-43D1-8365-68CAE855EB55} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1af74093-d91e-4312-b42b-26d488d2f1b5 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {BF4E7A68-0825-4D0C-B6FC-08C6DF7F76CE} - System32\Tasks\App Explorer => C:\Users\gosse\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION
Task: {F94A9A2A-FC4F-462C-817B-B458E558140E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-03-06 09:53 - 2018-09-27 19:36 - 000602544 _____ () C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe
2018-03-06 09:53 - 2018-09-27 19:36 - 000309680 _____ () C:\WINDOWS\system32\dolbyaposvc\TuningFileParser.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2019-01-03 18:59 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-02-16 07:07 - 2019-02-06 03:25 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-02-07 19:27 - 2019-02-07 19:28 - 028028416 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-02-07 19:27 - 2019-02-07 19:28 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-11-21 19:01 - 2018-11-21 19:02 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-12-01 09:32 - 2018-12-01 09:33 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-02-07 19:27 - 2019-02-07 19:28 - 006033408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-02-07 19:27 - 2019-02-07 19:28 - 009338368 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-01-05 07:10 - 2019-01-05 07:10 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-02-07 16:42 - 2019-02-07 16:42 - 000321928 _____ () C:\Program Files\AVAST Software\Avast\serialization.dll
2019-02-07 16:42 - 2019-02-07 16:42 - 000654216 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-02-22 23:35 - 2019-02-22 23:35 - 000701016 _____ () C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera_elf.dll
2019-02-22 23:35 - 2019-02-22 23:35 - 109944408 _____ () C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera_browser.dll
2019-02-22 23:35 - 2019-02-22 23:34 - 005212760 _____ () C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\libglesv2.dll
2019-02-22 23:35 - 2019-02-22 23:34 - 000117336 _____ () C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\libegl.dll
2018-09-29 05:15 - 2018-09-29 05:15 - 000152104 _____ () C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_adfc895a03788015\igdinfo64.dll
2019-02-01 21:04 - 2019-02-01 21:05 - 000481280 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-02-01 21:04 - 2019-02-01 21:05 - 080636416 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-11-21 19:26 - 2018-11-21 19:45 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-02-01 21:04 - 2019-02-01 21:05 - 003824640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-01-17 17:12 - 2019-01-17 17:13 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2019-02-01 21:04 - 2019-02-01 21:05 - 014225408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-02-01 21:04 - 2019-02-01 21:05 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-11-21 19:26 - 2018-11-21 19:45 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-11-21 19:26 - 2018-11-21 19:45 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-02-01 21:04 - 2019-02-01 21:05 - 000146432 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\SKU.dll
2019-01-30 18:38 - 2019-01-30 18:38 - 000282624 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-21 19:22 - 2018-11-21 19:23 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-30 18:38 - 2019-01-30 18:38 - 001757696 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2019-01-04 22:41 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\TXE Components\iCLS\;C:\Program Files\Intel\TXE Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\gosse\Desktop\Pattaya_at_night_-_panoramio.jpg
DNS Servers: 91.103.164.5 - 91.103.164.10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: wuauserv => 3
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B24BC641-EFFF-47C3-8129-A0B753B44260}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{134B8A5C-E4E8-4BBE-AEBD-69486E317BFF}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{0E4B9220-8A04-4047-83F5-8052BF4069EC}] => (Allow) C:\Users\gosse\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4A981853-FBC4-4C6C-BB0D-DD15C4F56A45}] => (Allow) C:\Users\gosse\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5734DCA0-7D67-4740-964E-B70F5DDEC0D2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{899F0518-4975-4CF0-84D6-DA109C3DBCE6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C5DF4365-CF5C-438F-9108-8020DD88F26B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{5F78F13A-F05E-40B4-9C8E-46251072D018}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
13-02-2019 17:05:10 Naplánovaný kontrolní bod
21-02-2019 15:43:16 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/23/2019 03:31:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ufm.exe, verze: 2.7.1.1122, časové razítko: 0x5c34b500
Název chybujícího modulu: libeay32.dll_unloaded, verze: 1.0.2.16, časové razítko: 0x5ba26205
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000bad53
ID chybujícího procesu: 0x2514
Čas spuštění chybující aplikace: 0x01d4cb8454043053
Cesta k chybující aplikaci: C:\Program Files\Ulozto File Manager\ufm.exe
Cesta k chybujícímu modulu: libeay32.dll
ID zprávy: acaedeb0-2d12-4841-b280-5a477f39c44c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/23/2019 03:30:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ufm.exe, verze: 2.7.1.1122, časové razítko: 0x5c34b500
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.556, časové razítko: 0xb9f4a0f1
Kód výjimky: 0x0eedfade
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0xf20
Čas spuštění chybující aplikace: 0x01d4cb76588216a7
Cesta k chybující aplikaci: C:\Program Files\Ulozto File Manager\ufm.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 942e98d7-86ab-4c4d-9586-be91947dfff4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/23/2019 02:50:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007a24d
ID chybujícího procesu: 0x22e4
Čas spuštění chybující aplikace: 0x01d4cb7a2c3b4781
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: bfad894b-3315-4789-b585-9f83ffb51ecf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/23/2019 02:29:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RtkUWP.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 2270
Čas spuštění: 01d4cb7a5356f42c
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.134.0_x64__dt26b99r8h8gj\RtkUWP.exe
ID hlášení: cffe3be0-d158-4fe0-9c75-8d79a144e247
Úplný název balíčku s chybou: RealtekSemiconductorCorp.RealtekAudioControl_1.1.134.0_x64__dt26b99r8h8gj
ID aplikace související s balíčkem s chybou: App
Error: (02/23/2019 02:17:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x27bc
Čas spuštění chybující aplikace: 0x01d4cb74eacd02d2
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 51aecf1b-4f03-46be-ab32-9faeea70ff49
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/23/2019 01:25:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x1e64
Čas spuštění chybující aplikace: 0x01d4cb6f771b0f61
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 005cf525-f199-4d4a-a275-3d3ef7fcc3e2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/22/2019 10:38:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkUWP.exe, verze: 0.0.0.0, časové razítko: 0x5c4fe30c
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.17134.137, časové razítko: 0xb5d50228
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000009cad5
ID chybujícího procesu: 0x210c
Čas spuštění chybující aplikace: 0x01d4ca9259fd5e06
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.134.0_x64__dt26b99r8h8gj\RtkUWP.exe
Cesta k chybujícímu modulu: C:\Windows\System32\twinapi.appcore.dll
ID zprávy: 64e5f154-5cf0-413f-af3c-1251b5a365bb
Úplný název chybujícího balíčku: RealtekSemiconductorCorp.RealtekAudioControl_1.1.134.0_x64__dt26b99r8h8gj
ID aplikace související s chybujícím balíčkem: App
Error: (02/18/2019 04:37:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkUWP.exe, verze: 0.0.0.0, časové razítko: 0x5c4fe30c
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.17134.137, časové razítko: 0xb5d50228
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000009cad5
ID chybujícího procesu: 0x2fdc
Čas spuštění chybující aplikace: 0x01d4c79feaf87442
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.134.0_x64__dt26b99r8h8gj\RtkUWP.exe
Cesta k chybujícímu modulu: C:\Windows\System32\twinapi.appcore.dll
ID zprávy: a42c8446-7c58-4767-9941-dec0968fdb87
Úplný název chybujícího balíčku: RealtekSemiconductorCorp.RealtekAudioControl_1.1.134.0_x64__dt26b99r8h8gj
ID aplikace související s chybujícím balíčkem: App
System errors:
=============
Error: (02/24/2019 04:20:43 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/23/2019 08:22:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/23/2019 08:12:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/23/2019 08:08:35 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/23/2019 08:04:24 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-BDPBB4VM)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-BDPBB4VM\gosse (SID: S-1-5-21-2104316510-2255408751-1019769746-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/23/2019 08:04:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/23/2019 08:01:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Update Orchestrator Service byla ukončena s následující chybou:
Daná operace se vrátila, protože vypršel časový limit.
Error: (02/23/2019 07:50:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) N4000 CPU @ 1.10GHz
Percentage of memory in use: 83%
Total physical RAM: 3918.57 MB
Available physical RAM: 657.55 MB
Total Virtual: 4686.57 MB
Available Virtual: 2147.48 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:464.51 GB) (Free:282.75 GB) NTFS
\\?\Volume{05e8e859-b28d-4a2f-b602-39a2f2c2844e}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.58 GB) NTFS
\\?\Volume{33eac80b-25d8-4eea-aac4-09555b743362}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ==================
==================== End of Addition.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivka NTB
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Preventivka NTB
Dobry den.
Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
► Vyšla moja nová kniha BOTNETY! 
Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
-
Polska Pasha
- Vzorný návštěvník
- Příspěvky: 113
- Registrován: 29 čer 2014 09:06
Re: Preventivka NTB
# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-24-2019
# Duration: 00:00:07
# OS: Windows 10 Home
# Cleaned: 23
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\Host App Service
Deleted C:\Users\gosse\AppData\Local\Host App Service
Deleted C:\ProgramData\ytd video downloader
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Deleted C:\Program Files (x86)\GreenTree Applications
***** [ Files ] *****
Deleted C:\Windows\System32\Tasks_Migrated\App Explorer
Deleted C:\END
Deleted C:\Users\Public\Desktop\YTD Video Downloader.lnk
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\App Explorer
Deleted C:\Windows\System32\Tasks\RtkAudUService64_BG
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKCU\Software\Host App Service
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF4E7A68-0825-4D0C-B6FC-08C6DF7F76CE}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RtkAudUService64_BG
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}
Deleted HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [3275 octets] - [24/02/2019 12:36:06]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-24-2019
# Duration: 00:00:07
# OS: Windows 10 Home
# Cleaned: 23
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\Host App Service
Deleted C:\Users\gosse\AppData\Local\Host App Service
Deleted C:\ProgramData\ytd video downloader
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Deleted C:\Program Files (x86)\GreenTree Applications
***** [ Files ] *****
Deleted C:\Windows\System32\Tasks_Migrated\App Explorer
Deleted C:\END
Deleted C:\Users\Public\Desktop\YTD Video Downloader.lnk
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\App Explorer
Deleted C:\Windows\System32\Tasks\RtkAudUService64_BG
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKCU\Software\Host App Service
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF4E7A68-0825-4D0C-B6FC-08C6DF7F76CE}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RtkAudUService64_BG
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}
Deleted HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [3275 octets] - [24/02/2019 12:36:06]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Re: Preventivka NTB
Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
-
Polska Pasha
- Vzorný návštěvník
- Příspěvky: 113
- Registrován: 29 čer 2014 09:06
Re: Preventivka NTB
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.02.2019 02
Ran by gosse (administrator) on LAPTOP-BDPBB4VM (24-02-2019 15:05:07)
Running from C:\Users\gosse\Desktop
Loaded Profiles: gosse (Available Profiles: gosse)
Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_adfc895a03788015\IntelCpHDCPSvc.exe
() C:\Windows\System32\dolbyaposvc\DAX3API.exe
(Fortemedia) C:\Windows\System32\FMService64.exe
(Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_adfc895a03788015\IntelCpHeciSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(BitTorrent Inc.) C:\Users\gosse\AppData\Roaming\BitTorrent\BitTorrent.exe
(Lenovo(beijing) Limited) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.0.50.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(BitTorrent Inc.) C:\Users\gosse\AppData\Roaming\BitTorrent\updates\7.10.5_44995\bittorrentie.exe
(BitTorrent Inc.) C:\Users\gosse\AppData\Roaming\BitTorrent\updates\7.10.5_44995\bittorrentie.exe
(Intel Corporation) C:\Windows\System32\jhi_service.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(AVAST Software) C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
(Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera_crashreporter.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [776240 2018-10-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\...\Run: [BitTorrent] => C:\Users\gosse\AppData\Roaming\BitTorrent\BitTorrent.exe [1744064 2019-01-26] (BitTorrent Inc -> BitTorrent Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Java 32bit.bat [2018-01-07] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 91.103.164.5 91.103.164.10
Tcpip\..\Interfaces\{02033c52-972b-4f80-9a9f-d4ce0a20c0d2}: [DhcpNameServer] 91.103.164.5 91.103.164.10
Tcpip\..\Interfaces\{4bc72028-14fa-4c7b-ae3b-78b4832286d5}: [DhcpNameServer] 150.212.1.2
Internet Explorer:
==================
HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\WINDOWS\system32\DRIVERS\AdminService.exe [414720 2017-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [602544 2018-09-27] (Dolby Laboratories, Inc. -> )
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [286656 2018-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71336 2019-01-07] (Lenovo -> Lenovo Group Ltd.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\iCLS\SocketHeciServer.exe [742704 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\TXE Components\iCLS\TPMProvisioningService.exe [668472 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\WINDOWS\System32\jhi_service.exe [576560 2018-06-05] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [776240 2018-10-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\WINDOWS\System32\SynTPEnhService.exe [352808 2018-04-12] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4403496 2019-01-09] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-11-21] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249672 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [65472 2017-12-06] (WDKTestCert aswbldsv,131431045756648395 -> Qualcomm)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [115864 2017-10-14] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2329480 2017-12-22] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1026896 2018-01-25] (Realtek Semiconductor Corp. -> Realtek )
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [48168 2018-04-12] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SynRMIHID; C:\WINDOWS\System32\drivers\SynRMIHID.sys [61480 2018-04-12] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-24 12:37 - 2019-02-24 12:37 - 000003224 _____ C:\WINDOWS\System32\Tasks\RtkAudUService64_BG
2019-02-24 12:35 - 2019-02-24 12:36 - 000000000 ____D C:\AdwCleaner
2019-02-24 12:33 - 2019-02-24 12:33 - 007316688 _____ (Malwarebytes) C:\Users\gosse\Desktop\adwcleaner_7.2.7.0.exe
2019-02-24 09:50 - 2019-02-24 09:51 - 000030593 _____ C:\Users\gosse\Desktop\Addition.txt
2019-02-24 09:48 - 2019-02-24 15:06 - 000011491 _____ C:\Users\gosse\Desktop\FRST.txt
2019-02-24 09:47 - 2019-02-24 15:05 - 000000000 ____D C:\FRST
2019-02-24 09:45 - 2019-02-24 09:46 - 002435072 _____ (Farbar) C:\Users\gosse\Desktop\FRST64.exe
2019-02-23 15:44 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-02-23 15:39 - 2019-02-23 16:16 - 3964550681 _____ C:\Users\gosse\Downloads\The.Grand.Tour.S03E02.Colombia.Special.Part.1.1080p.AMZN.WEB-DL.DD+5.1.H.264-QOQ.mkv
2019-02-23 13:55 - 2019-02-23 13:55 - 000074582 _____ C:\Users\gosse\Downloads\The-Grand-Tour-S03E05(0000308804).srt
2019-02-23 13:53 - 2019-02-23 13:53 - 000084418 _____ C:\Users\gosse\Downloads\The-Grand-Tour-S03E04(0000308454).srt
2019-02-23 13:52 - 2019-02-23 13:52 - 000076561 _____ C:\Users\gosse\Downloads\The-Grand-Tour-S03E03(0000308646).srt
2019-02-23 13:51 - 2019-02-23 13:51 - 000070081 _____ C:\Users\gosse\Downloads\The-Grand-Tour-S03E02(0000308084).srt
2019-02-23 13:45 - 2019-02-23 13:45 - 000086081 _____ C:\Users\gosse\Downloads\The.Grand.Tour.S03E01.cz.srt
2019-02-23 13:24 - 2019-02-23 14:04 - 3814270826 _____ C:\Users\gosse\Downloads\SapphicErotica.18.10.26.Lady.Dee.And.Luna.Corazon.XXX.1080p.MP4-KTR.mp4
2019-02-21 19:52 - 2019-02-21 20:22 - 2866933491 _____ C:\Users\gosse\Downloads\20100311_4621_btaw_kortney_kane.wmv
2019-02-21 19:07 - 2019-02-21 19:39 - 3482281046 _____ C:\Users\gosse\Downloads\lubed.17.02.21.lena.anderson.all.oiled.up.mp4
2019-02-21 18:29 - 2019-02-21 18:29 - 000036577 _____ C:\Users\gosse\Downloads\t1421864.torrent
2019-02-20 20:31 - 2019-02-20 20:45 - 1388806365 _____ C:\Users\gosse\Downloads\JENNA HAZE - Just Jenna 2 - Scene 9 (couple, anal, very nice) 720p.mp4
2019-02-17 18:40 - 2019-02-17 18:57 - 1460974395 _____ C:\Users\gosse\Downloads\Abella Anderson - ap9706-1080p.mp4
2019-02-16 08:15 - 2019-02-16 08:54 - 4050731941 _____ C:\Users\gosse\Downloads\Megan Rain - anal.mp4
2019-02-16 07:08 - 2019-02-06 04:00 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-16 07:08 - 2019-02-06 04:00 - 006572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-16 07:07 - 2019-02-06 08:54 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-16 07:07 - 2019-02-06 08:53 - 001634704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-16 07:07 - 2019-02-06 08:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-16 07:07 - 2019-02-06 08:32 - 003648512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-16 07:07 - 2019-02-06 08:30 - 004052992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-16 07:07 - 2019-02-06 08:30 - 001662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-16 07:07 - 2019-02-06 08:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-16 07:07 - 2019-02-06 08:11 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-16 07:07 - 2019-02-06 07:57 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-16 07:07 - 2019-02-06 07:52 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-16 07:07 - 2019-02-06 07:52 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-16 07:07 - 2019-02-06 07:52 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-16 07:07 - 2019-02-06 04:01 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-16 07:07 - 2019-02-06 04:01 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-16 07:07 - 2019-02-06 04:01 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-16 07:07 - 2019-02-06 04:01 - 000720480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-16 07:07 - 2019-02-06 04:01 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-16 07:07 - 2019-02-06 04:01 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-16 07:07 - 2019-02-06 04:01 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-02-16 07:07 - 2019-02-06 04:01 - 000033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-16 07:07 - 2019-02-06 04:00 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-16 07:07 - 2019-02-06 04:00 - 002719760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-16 07:07 - 2019-02-06 04:00 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-16 07:07 - 2019-02-06 04:00 - 002421264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-16 07:07 - 2019-02-06 04:00 - 001257904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-16 07:07 - 2019-02-06 04:00 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-16 07:07 - 2019-02-06 04:00 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-02-16 07:07 - 2019-02-06 04:00 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-02-16 07:07 - 2019-02-06 04:00 - 000945680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-16 07:07 - 2019-02-06 04:00 - 000899728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-16 07:07 - 2019-02-06 04:00 - 000466960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-16 07:07 - 2019-02-06 04:00 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-16 07:07 - 2019-02-06 04:00 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-16 07:07 - 2019-02-06 04:00 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-16 07:07 - 2019-02-06 03:59 - 001922064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-16 07:07 - 2019-02-06 03:59 - 001457248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-16 07:07 - 2019-02-06 03:59 - 000983128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-16 07:07 - 2019-02-06 03:59 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-16 07:07 - 2019-02-06 03:52 - 022014464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-16 07:07 - 2019-02-06 03:45 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-16 07:07 - 2019-02-06 03:42 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-16 07:07 - 2019-02-06 03:41 - 025853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-16 07:07 - 2019-02-06 03:41 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-02-16 07:07 - 2019-02-06 03:40 - 005792256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-16 07:07 - 2019-02-06 03:38 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-16 07:07 - 2019-02-06 03:38 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-02-16 07:07 - 2019-02-06 03:37 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-16 07:07 - 2019-02-06 03:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-16 07:07 - 2019-02-06 03:33 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-16 07:07 - 2019-02-06 03:29 - 004865536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-16 07:07 - 2019-02-06 03:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-16 07:07 - 2019-02-06 03:28 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-16 07:07 - 2019-02-06 03:27 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-16 07:07 - 2019-02-06 03:27 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-16 07:07 - 2019-02-06 03:27 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-16 07:07 - 2019-02-06 03:27 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-16 07:07 - 2019-02-06 03:26 - 007599616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-16 07:07 - 2019-02-06 03:25 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-16 07:07 - 2019-02-06 03:25 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-16 07:07 - 2019-02-06 03:24 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-16 07:07 - 2019-02-06 03:24 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-16 07:07 - 2019-02-06 03:23 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-16 07:07 - 2019-02-06 03:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-16 07:07 - 2019-02-06 03:22 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-16 07:07 - 2019-01-12 03:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-16 07:07 - 2019-01-09 19:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-02-16 07:07 - 2019-01-09 18:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-16 07:07 - 2019-01-09 18:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-16 07:07 - 2019-01-09 18:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-16 07:07 - 2019-01-09 18:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-02-16 07:07 - 2019-01-09 18:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-16 07:07 - 2019-01-09 11:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-16 07:07 - 2019-01-09 10:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-16 07:07 - 2019-01-09 09:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-16 07:07 - 2019-01-09 09:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-16 07:07 - 2019-01-09 06:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-16 07:07 - 2019-01-09 06:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2019-02-16 07:07 - 2019-01-09 06:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-16 07:07 - 2019-01-09 06:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-16 07:07 - 2019-01-09 06:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-16 07:07 - 2019-01-09 06:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-16 07:07 - 2019-01-09 06:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-16 07:07 - 2019-01-09 06:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-16 07:07 - 2019-01-09 06:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-16 07:07 - 2019-01-09 06:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-02-16 07:07 - 2019-01-09 06:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-16 07:07 - 2019-01-09 06:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-16 07:07 - 2019-01-09 06:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-16 07:07 - 2019-01-09 06:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-02-16 07:07 - 2019-01-09 06:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-16 07:07 - 2019-01-09 06:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-16 07:07 - 2019-01-09 06:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-16 07:07 - 2019-01-09 06:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-02-16 07:07 - 2019-01-09 06:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-16 07:07 - 2019-01-09 06:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-16 07:07 - 2019-01-09 06:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-16 07:07 - 2019-01-09 06:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-16 07:07 - 2019-01-09 06:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-16 07:07 - 2019-01-09 06:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-16 07:07 - 2019-01-09 06:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-16 07:07 - 2019-01-09 06:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-16 07:07 - 2019-01-09 06:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-16 07:07 - 2019-01-09 06:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-16 07:07 - 2019-01-09 06:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-16 07:07 - 2019-01-09 06:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-16 07:07 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-16 07:07 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-02-16 07:07 - 2019-01-08 04:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-16 07:06 - 2019-02-06 03:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-16 07:06 - 2019-02-06 03:26 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-16 07:06 - 2019-02-06 03:26 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-16 07:06 - 2019-02-06 03:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-16 07:06 - 2019-02-06 03:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-02-16 07:06 - 2019-02-06 03:21 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-16 07:06 - 2019-02-06 02:04 - 000001314 _____ C:\WINDOWS\system32\tcbres.wim
2019-02-16 07:06 - 2019-01-12 09:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-16 07:06 - 2019-01-09 18:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-02-16 07:06 - 2019-01-09 18:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-02-16 07:06 - 2019-01-09 10:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-02-16 07:06 - 2019-01-09 06:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-16 07:06 - 2019-01-09 06:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-16 07:06 - 2019-01-09 06:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-16 07:06 - 2019-01-09 06:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-16 07:06 - 2019-01-09 06:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-02-16 07:06 - 2019-01-09 06:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-02-16 07:06 - 2019-01-09 06:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-02-16 07:06 - 2019-01-09 06:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-16 07:06 - 2019-01-09 06:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-02-16 07:06 - 2019-01-09 06:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-02-16 07:06 - 2019-01-09 06:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-02-16 07:06 - 2019-01-09 06:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-02-16 07:06 - 2019-01-09 06:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-16 07:06 - 2019-01-09 06:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-02-16 07:06 - 2019-01-09 06:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-02-16 07:06 - 2019-01-08 10:08 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-16 07:06 - 2019-01-08 04:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-16 07:06 - 2019-01-08 04:06 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-14 17:18 - 2019-02-14 18:06 - 000000000 ____D C:\Users\gosse\Downloads\True.Detective.S03E04.The.Hour.and.the.Day.1080p.AMZN.WEB-DL.DDP5.1.H.264-NTb
2019-02-14 17:18 - 2019-02-14 17:18 - 000093670 _____ C:\Users\gosse\Downloads\[CzT]Temny_pripad_True_Detective_S03E04_The_Hour_and_the_Day_WebRip_1080p_.torrent
2019-02-13 14:49 - 2019-02-13 14:49 - 000249672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-02-10 18:38 - 2019-02-10 19:32 - 436428966 _____ C:\Users\gosse\Downloads\NHL-2019.01.04_NSH@DET_FS-D_720pier.mkv
2019-02-10 08:41 - 2018-12-21 08:33 - 000000000 ____D C:\Users\gosse\Desktop\Young Scooter - The Recipe
2019-02-10 08:41 - 2018-11-29 17:13 - 000000000 ____D C:\Users\gosse\Desktop\Nicki Minaj - Essentials (Mp3 320kbps Quality Songs) [PMEDIA]
2019-02-10 08:39 - 2019-02-10 08:41 - 000000000 ____D C:\Users\gosse\Desktop\Dreezy - Big Dreez (2019)
2019-02-10 08:24 - 2019-02-10 08:41 - 1724306892 _____ C:\Users\gosse\Downloads\24 hodin Le Mans 2016 - part 5%2F20.mp4
2019-02-10 07:30 - 2019-02-10 07:30 - 000011468 _____ C:\Users\gosse\Downloads\t1017411.torrent
2019-02-10 06:13 - 2019-02-10 06:34 - 2175642015 _____ C:\Users\gosse\Downloads\ktr.nubilef.12.09.14.celeste.star.elle.alexandra.and.malena.morgan.wake.with.me.mp4
2019-02-08 17:35 - 2019-02-08 17:35 - 000017450 _____ C:\Users\gosse\Downloads\t1711105.torrent
2019-02-08 17:31 - 2019-02-08 17:31 - 000020098 _____ C:\Users\gosse\Downloads\t1607368.torrent
2019-02-08 17:15 - 2019-02-08 17:15 - 000017965 _____ C:\Users\gosse\Downloads\t1779005.torrent
2019-02-07 17:15 - 2019-02-07 17:41 - 000000000 ____D C:\Users\gosse\Downloads\True.Detective.S03E03.The.Big.Never.1080p.AMZN.WEB-DL.DDP5.1.H.264-NTb
2019-02-07 17:15 - 2019-02-07 17:15 - 000068041 _____ C:\Users\gosse\Downloads\[CzT]Temny_pripad_True_Detective_S03E03_The_Big_Never_WebRip_1080p_.torrent
2019-02-07 17:05 - 2019-02-07 17:07 - 000000000 ____D C:\Program Files (x86)\MonitorDriver
2019-02-07 17:05 - 2019-02-07 17:05 - 000001654 _____ C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
2019-02-07 17:05 - 2019-02-07 17:05 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-02-07 16:42 - 2019-02-07 16:42 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-02-07 16:41 - 2019-02-07 16:47 - 000000000 ____D C:\Users\gosse\Downloads\True.Detective.S03E02.Kiss.Tomorrow.Goodbye.1080p.AMZN.WEBRip.DDP5.1.x264-NTb
2019-02-07 16:41 - 2019-02-07 16:41 - 000059926 _____ C:\Users\gosse\Downloads\[CzT]Temny_pripad_True_Detective_S03E02_Kiss_Tomorrow_Goodbye_WebRip_1080p_.torrent
2019-02-06 16:55 - 2019-02-06 17:17 - 000000000 ____D C:\Users\gosse\Downloads\True.Detective.S03E01.The.Great.War.and.Modern.Memory.1080p.AMZN.WEBRip.DDP5.1.x264-NTb
2019-02-06 16:54 - 2019-02-06 16:54 - 000067756 _____ C:\Users\gosse\Downloads\[CzT]Temny_pripad_True_Detective_S03E01_The_Great_War_and_Modern_Memory_WebRip_1080p_.torrent
2019-02-06 16:49 - 2019-02-06 16:49 - 000084909 _____ C:\Users\gosse\Downloads\True.Detective.S03E01.1080p.WEB.H264-METCON[rartv]-[rarbg.to].torrent
2019-02-05 17:11 - 2019-02-05 17:11 - 000011338 _____ C:\Users\gosse\Downloads\t1783248.torrent
2019-01-30 19:32 - 2019-01-18 16:17 - 000000000 ____D C:\Users\gosse\Desktop\Future - Future Hndrxx Presents - The WIZRD (2019) [320]
2019-01-26 17:00 - 2019-01-07 18:38 - 000205992 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.CoreTypes.dll
2019-01-26 17:00 - 2019-01-07 18:38 - 000130216 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.Utilities.dll
2019-01-26 17:00 - 2019-01-07 18:38 - 000097448 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.ImController.ImClient.dll
2019-01-26 17:00 - 2019-01-07 18:38 - 000043688 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.ImController.EventLogging.dll
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-24 15:06 - 2018-11-22 16:48 - 000000000 ____D C:\Users\gosse\AppData\Roaming\BitTorrent
2019-02-24 15:03 - 2018-11-22 15:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-24 13:35 - 2018-11-22 15:23 - 001601516 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-24 13:35 - 2018-04-12 16:50 - 000681858 _____ C:\WINDOWS\system32\perfh005.dat
2019-02-24 13:35 - 2018-04-12 16:50 - 000136754 _____ C:\WINDOWS\system32\perfc005.dat
2019-02-24 13:35 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-24 12:38 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-24 12:37 - 2018-11-22 15:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-24 12:37 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-02-24 12:36 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-02-24 09:40 - 2018-11-22 16:40 - 000000000 ____D C:\Users\gosse\Downloads\xxx
2019-02-23 19:09 - 2018-12-15 23:27 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-02-23 19:09 - 2018-12-15 23:27 - 000002238 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-02-23 19:09 - 2018-11-22 16:28 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-02-23 19:09 - 2018-11-22 15:27 - 000003514 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1542818868
2019-02-23 19:09 - 2018-11-22 15:27 - 000003492 _____ C:\WINDOWS\System32\Tasks\LenovoUtility Task
2019-02-23 19:09 - 2018-11-22 15:27 - 000003134 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2019-02-23 19:09 - 2018-11-22 15:27 - 000002770 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2019-02-23 17:04 - 2018-11-24 10:54 - 000000000 ____D C:\Users\gosse\AppData\Roaming\vlc
2019-02-23 15:44 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-23 15:38 - 2018-11-23 15:36 - 000000000 ____D C:\Users\gosse\Downloads\Ulozto
2019-02-23 15:35 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-23 15:31 - 2018-11-23 15:59 - 000000000 ____D C:\Users\gosse\AppData\Local\CrashDumps
2019-02-23 14:16 - 2018-11-24 10:04 - 000000923 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-02-23 01:51 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-23 01:37 - 2018-11-22 15:13 - 000000000 ____D C:\Users\gosse
2019-02-23 01:35 - 2018-11-22 15:08 - 000234120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-23 01:32 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-23 01:32 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-23 01:32 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-23 01:32 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-23 01:31 - 2018-12-15 23:26 - 000000000 ____D C:\Program Files\CCleaner
2019-02-23 01:31 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-23 01:31 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Windows Defender
2019-02-22 23:35 - 2018-11-21 17:47 - 000001410 _____ C:\Users\gosse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-02-18 16:28 - 2018-11-22 16:28 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-02-16 00:05 - 2018-11-21 19:27 - 000000000 ____D C:\Program Files\rempl
2019-02-15 14:51 - 2018-11-22 16:27 - 000474456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-02-14 17:15 - 2018-11-21 19:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-14 16:51 - 2018-11-21 19:21 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-10 18:44 - 2018-11-23 15:27 - 000000000 ____D C:\Program Files\GOMPlayer
2019-02-09 22:39 - 2018-11-22 15:33 - 000000000 ____D C:\ProgramData\Packages
2019-02-07 17:06 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-02-07 16:42 - 2018-11-22 16:27 - 000379952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-02-07 16:42 - 2018-11-22 16:27 - 000216784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-02-07 16:42 - 2018-11-22 16:27 - 000167304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-02-07 16:42 - 2018-11-22 16:27 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-02-07 16:42 - 2018-11-22 16:27 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-02-07 16:42 - 2018-11-22 16:27 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-02-07 16:42 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-02-07 16:41 - 2019-01-14 14:49 - 000225680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-02-07 16:41 - 2019-01-05 07:11 - 000320696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-02-07 16:41 - 2019-01-05 07:11 - 000196072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-02-07 16:41 - 2019-01-05 07:11 - 000057960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-02-07 16:41 - 2019-01-05 07:11 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-02-07 16:41 - 2018-11-22 16:27 - 001034432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-02-07 16:41 - 2018-11-22 16:27 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-02-02 23:53 - 2019-01-05 18:36 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-02 23:53 - 2019-01-05 18:36 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-02 00:01 - 2018-11-21 17:42 - 000000000 ____D C:\Users\gosse\AppData\Local\Packages
2019-01-30 19:32 - 2018-12-26 00:59 - 000000000 ____D C:\Users\gosse\Desktop\Waka Flocka Flame - I Can’t Rap Vol. 2 (DatPiff.com)
Some files in TEMP:
====================
2019-02-23 14:14 - 2019-02-23 14:15 - 041846888 _____ () C:\Users\gosse\AppData\Local\Temp\vlc-3.0.6-win64.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-11-22 15:08
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.02.2019 02
Ran by gosse (24-02-2019 15:06:54)
Running from C:\Users\gosse\Desktop
Windows 10 Home Version 1803 17134.590 (X64) (2018-11-22 14:28:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2104316510-2255408751-1019769746-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2104316510-2255408751-1019769746-503 - Limited - Disabled)
gosse (S-1-5-21-2104316510-2255408751-1019769746-1002 - Administrator - Enabled) => C:\Users\gosse
Guest (S-1-5-21-2104316510-2255408751-1019769746-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2104316510-2255408751-1019769746-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
BitTorrent (HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\...\BitTorrent) (Version: 7.10.5.44995 - BitTorrent Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.37.5299 - GOM & Company)
Intel(R) Chipset Device Software (HKLM-x32\...\{9154f79b-8fb8-46ef-b7a6-95f136391303}) (Version: 10.1.17479.8054 - Intel(R) Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1743.4.0.1217 - Intel Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft 1.12.2 + Titan Launcher 3.7.0 (HKLM-x32\...\Minecraft 1.12.2 + Titan Launcher 3.7.0 1.12.2) (Version: 1.12.2 - Mojang)
Opera Stable 58.0.3135.68 (HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\...\Opera 58.0.3135.68) (Version: 58.0.3135.68 - Opera Software)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Ulož.to FileManager 2.71 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.71 - Uloz.to cloud a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {015B4193-F0D5-4DB3-A145-3A25CAC02A8C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\67017db8-078f-4f0b-9d24-7903d64d1b74 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {15DB5EB0-FC0F-4DF1-8BD3-27290DD8D781} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\system32\RtkAudUService64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1F39A1CE-A781-4A3B-BB9C-E127FF604C25} - System32\Tasks\Opera scheduled Autoupdate 1542818868 => C:\Users\gosse\AppData\Local\Programs\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {23E7A971-068D-403E-B6FE-9DDE17D2FE59} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\gosse\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {2705B5CA-A992-4181-B94A-179FC283F800} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {3BE22AEB-273B-4B3E-BD9A-43E6A32B32BC} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe (Lenovo -> Lenovo Group Ltd.)
Task: {47EA2C8A-70A3-464A-A12B-D6415A1064BB} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\TXE Components\iCLS\IntelPTTEKRecertification.exe (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {5DFC4683-F460-46F6-A324-F1A398ACB3FF} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\system32\RtkAudUService64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {6C95CB66-F52A-412A-93D2-B59684B4E482} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {7DBBAA49-C032-4D18-8C98-2FD80397C4F7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\288fefab-5fa3-4524-8119-e35c9b2676bc => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {A0F2C4E3-9B8E-4D23-92C9-555F91608189} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {A8EEDD32-0028-4834-A4C9-F43F07888967} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B2C929BA-D33B-4FA1-A7BE-87B6CB5D26E7} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
Task: {B6E853B8-2AC5-428E-9538-CF75DE15BEF4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C1EA309A-3ADC-4CDB-A3E6-180A1EB5EF60} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\dd2d54b6-862a-43b6-abf3-b9932b2d038f => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {F8856340-1A43-4108-A0B6-632BE7C0E4F0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1eb27159-08c3-4ff3-9360-85c97c682584 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {F94A9A2A-FC4F-462C-817B-B458E558140E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-03-06 09:53 - 2018-09-27 19:36 - 000602544 _____ () C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe
2018-03-06 09:53 - 2018-09-27 19:36 - 000309680 _____ () C:\WINDOWS\system32\dolbyaposvc\TuningFileParser.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2019-01-03 18:59 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-02-16 07:07 - 2019-02-06 03:25 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-02-07 19:27 - 2019-02-07 19:28 - 028028416 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-02-07 19:27 - 2019-02-07 19:28 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-11-21 19:01 - 2018-11-21 19:02 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-12-01 09:32 - 2018-12-01 09:33 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-02-07 19:27 - 2019-02-07 19:28 - 006033408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-02-07 19:27 - 2019-02-07 19:28 - 009338368 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-01-05 07:10 - 2019-01-05 07:10 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-02-07 16:42 - 2019-02-07 16:42 - 000321928 _____ () C:\Program Files\AVAST Software\Avast\serialization.dll
2019-02-07 16:42 - 2019-02-07 16:42 - 000654216 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-02-01 21:04 - 2019-02-01 21:05 - 000481280 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-02-01 21:04 - 2019-02-01 21:05 - 080636416 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-11-21 19:26 - 2018-11-21 19:45 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-02-01 21:04 - 2019-02-01 21:05 - 003824640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-01-17 17:12 - 2019-01-17 17:13 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2019-02-01 21:04 - 2019-02-01 21:05 - 014225408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-02-01 21:04 - 2019-02-01 21:05 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-11-21 19:26 - 2018-11-21 19:45 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-11-21 19:26 - 2018-11-21 19:45 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-02-22 23:35 - 2019-02-22 23:35 - 000701016 _____ () C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera_elf.dll
2019-02-22 23:35 - 2019-02-22 23:35 - 109944408 _____ () C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera_browser.dll
2019-02-22 23:35 - 2019-02-22 23:34 - 005212760 _____ () C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\libglesv2.dll
2019-02-22 23:35 - 2019-02-22 23:34 - 000117336 _____ () C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\libegl.dll
2018-09-29 05:15 - 2018-09-29 05:15 - 000152104 _____ () C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_adfc895a03788015\igdinfo64.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2019-01-04 22:41 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\TXE Components\iCLS\;C:\Program Files\Intel\TXE Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\gosse\Desktop\Pattaya_at_night_-_panoramio.jpg
DNS Servers: 91.103.164.5 - 91.103.164.10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: wuauserv => 3
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B24BC641-EFFF-47C3-8129-A0B753B44260}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{134B8A5C-E4E8-4BBE-AEBD-69486E317BFF}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{0E4B9220-8A04-4047-83F5-8052BF4069EC}] => (Allow) C:\Users\gosse\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4A981853-FBC4-4C6C-BB0D-DD15C4F56A45}] => (Allow) C:\Users\gosse\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5734DCA0-7D67-4740-964E-B70F5DDEC0D2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{899F0518-4975-4CF0-84D6-DA109C3DBCE6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C5DF4365-CF5C-438F-9108-8020DD88F26B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{5F78F13A-F05E-40B4-9C8E-46251072D018}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
13-02-2019 17:05:10 Naplánovaný kontrolní bod
21-02-2019 15:43:16 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/23/2019 03:31:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ufm.exe, verze: 2.7.1.1122, časové razítko: 0x5c34b500
Název chybujícího modulu: libeay32.dll_unloaded, verze: 1.0.2.16, časové razítko: 0x5ba26205
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000bad53
ID chybujícího procesu: 0x2514
Čas spuštění chybující aplikace: 0x01d4cb8454043053
Cesta k chybující aplikaci: C:\Program Files\Ulozto File Manager\ufm.exe
Cesta k chybujícímu modulu: libeay32.dll
ID zprávy: acaedeb0-2d12-4841-b280-5a477f39c44c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/23/2019 03:30:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ufm.exe, verze: 2.7.1.1122, časové razítko: 0x5c34b500
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.556, časové razítko: 0xb9f4a0f1
Kód výjimky: 0x0eedfade
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0xf20
Čas spuštění chybující aplikace: 0x01d4cb76588216a7
Cesta k chybující aplikaci: C:\Program Files\Ulozto File Manager\ufm.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 942e98d7-86ab-4c4d-9586-be91947dfff4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/23/2019 02:50:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007a24d
ID chybujícího procesu: 0x22e4
Čas spuštění chybující aplikace: 0x01d4cb7a2c3b4781
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: bfad894b-3315-4789-b585-9f83ffb51ecf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/23/2019 02:29:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RtkUWP.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 2270
Čas spuštění: 01d4cb7a5356f42c
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.134.0_x64__dt26b99r8h8gj\RtkUWP.exe
ID hlášení: cffe3be0-d158-4fe0-9c75-8d79a144e247
Úplný název balíčku s chybou: RealtekSemiconductorCorp.RealtekAudioControl_1.1.134.0_x64__dt26b99r8h8gj
ID aplikace související s balíčkem s chybou: App
Error: (02/23/2019 02:17:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x27bc
Čas spuštění chybující aplikace: 0x01d4cb74eacd02d2
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 51aecf1b-4f03-46be-ab32-9faeea70ff49
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/23/2019 01:25:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x1e64
Čas spuštění chybující aplikace: 0x01d4cb6f771b0f61
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 005cf525-f199-4d4a-a275-3d3ef7fcc3e2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/22/2019 10:38:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkUWP.exe, verze: 0.0.0.0, časové razítko: 0x5c4fe30c
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.17134.137, časové razítko: 0xb5d50228
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000009cad5
ID chybujícího procesu: 0x210c
Čas spuštění chybující aplikace: 0x01d4ca9259fd5e06
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.134.0_x64__dt26b99r8h8gj\RtkUWP.exe
Cesta k chybujícímu modulu: C:\Windows\System32\twinapi.appcore.dll
ID zprávy: 64e5f154-5cf0-413f-af3c-1251b5a365bb
Úplný název chybujícího balíčku: RealtekSemiconductorCorp.RealtekAudioControl_1.1.134.0_x64__dt26b99r8h8gj
ID aplikace související s chybujícím balíčkem: App
Error: (02/18/2019 04:37:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkUWP.exe, verze: 0.0.0.0, časové razítko: 0x5c4fe30c
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.17134.137, časové razítko: 0xb5d50228
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000009cad5
ID chybujícího procesu: 0x2fdc
Čas spuštění chybující aplikace: 0x01d4c79feaf87442
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.134.0_x64__dt26b99r8h8gj\RtkUWP.exe
Cesta k chybujícímu modulu: C:\Windows\System32\twinapi.appcore.dll
ID zprávy: a42c8446-7c58-4767-9941-dec0968fdb87
Úplný název chybujícího balíčku: RealtekSemiconductorCorp.RealtekAudioControl_1.1.134.0_x64__dt26b99r8h8gj
ID aplikace související s chybujícím balíčkem: App
System errors:
=============
Error: (02/24/2019 03:04:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/24/2019 03:04:22 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-BDPBB4VM)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-BDPBB4VM\gosse (SID: S-1-5-21-2104316510-2255408751-1019769746-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/24/2019 03:03:50 PM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI: Systém ACPI BIOS se pokouší o zápis do neplatné provozní oblasti PCI (0x10). Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error: (02/24/2019 01:49:04 PM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI: Systém ACPI BIOS se pokouší o zápis do neplatné provozní oblasti PCI (0x10). Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error: (02/24/2019 01:34:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/24/2019 01:34:15 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-BDPBB4VM)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-BDPBB4VM\gosse (SID: S-1-5-21-2104316510-2255408751-1019769746-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/24/2019 01:33:58 PM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI: Systém ACPI BIOS se pokouší o zápis do neplatné provozní oblasti PCI (0x10). Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error: (02/24/2019 01:06:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) N4000 CPU @ 1.10GHz
Percentage of memory in use: 59%
Total physical RAM: 3918.57 MB
Available physical RAM: 1581.52 MB
Total Virtual: 4686.57 MB
Available Virtual: 2385.32 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:464.51 GB) (Free:282.74 GB) NTFS
\\?\Volume{05e8e859-b28d-4a2f-b602-39a2f2c2844e}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.58 GB) NTFS
\\?\Volume{33eac80b-25d8-4eea-aac4-09555b743362}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ==================
==================== End of Addition.txt ============================
Ran by gosse (administrator) on LAPTOP-BDPBB4VM (24-02-2019 15:05:07)
Running from C:\Users\gosse\Desktop
Loaded Profiles: gosse (Available Profiles: gosse)
Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_adfc895a03788015\IntelCpHDCPSvc.exe
() C:\Windows\System32\dolbyaposvc\DAX3API.exe
(Fortemedia) C:\Windows\System32\FMService64.exe
(Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_adfc895a03788015\IntelCpHeciSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(BitTorrent Inc.) C:\Users\gosse\AppData\Roaming\BitTorrent\BitTorrent.exe
(Lenovo(beijing) Limited) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.0.50.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(BitTorrent Inc.) C:\Users\gosse\AppData\Roaming\BitTorrent\updates\7.10.5_44995\bittorrentie.exe
(BitTorrent Inc.) C:\Users\gosse\AppData\Roaming\BitTorrent\updates\7.10.5_44995\bittorrentie.exe
(Intel Corporation) C:\Windows\System32\jhi_service.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(AVAST Software) C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
(Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera_crashreporter.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
(Opera Software) C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [776240 2018-10-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\...\Run: [BitTorrent] => C:\Users\gosse\AppData\Roaming\BitTorrent\BitTorrent.exe [1744064 2019-01-26] (BitTorrent Inc -> BitTorrent Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Java 32bit.bat [2018-01-07] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 91.103.164.5 91.103.164.10
Tcpip\..\Interfaces\{02033c52-972b-4f80-9a9f-d4ce0a20c0d2}: [DhcpNameServer] 91.103.164.5 91.103.164.10
Tcpip\..\Interfaces\{4bc72028-14fa-4c7b-ae3b-78b4832286d5}: [DhcpNameServer] 150.212.1.2
Internet Explorer:
==================
HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\WINDOWS\system32\DRIVERS\AdminService.exe [414720 2017-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [602544 2018-09-27] (Dolby Laboratories, Inc. -> )
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [286656 2018-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71336 2019-01-07] (Lenovo -> Lenovo Group Ltd.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\iCLS\SocketHeciServer.exe [742704 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\TXE Components\iCLS\TPMProvisioningService.exe [668472 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\WINDOWS\System32\jhi_service.exe [576560 2018-06-05] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [776240 2018-10-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\WINDOWS\System32\SynTPEnhService.exe [352808 2018-04-12] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4403496 2019-01-09] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-11-21] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249672 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [65472 2017-12-06] (WDKTestCert aswbldsv,131431045756648395 -> Qualcomm)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [115864 2017-10-14] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2329480 2017-12-22] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1026896 2018-01-25] (Realtek Semiconductor Corp. -> Realtek )
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [48168 2018-04-12] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SynRMIHID; C:\WINDOWS\System32\drivers\SynRMIHID.sys [61480 2018-04-12] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-24 12:37 - 2019-02-24 12:37 - 000003224 _____ C:\WINDOWS\System32\Tasks\RtkAudUService64_BG
2019-02-24 12:35 - 2019-02-24 12:36 - 000000000 ____D C:\AdwCleaner
2019-02-24 12:33 - 2019-02-24 12:33 - 007316688 _____ (Malwarebytes) C:\Users\gosse\Desktop\adwcleaner_7.2.7.0.exe
2019-02-24 09:50 - 2019-02-24 09:51 - 000030593 _____ C:\Users\gosse\Desktop\Addition.txt
2019-02-24 09:48 - 2019-02-24 15:06 - 000011491 _____ C:\Users\gosse\Desktop\FRST.txt
2019-02-24 09:47 - 2019-02-24 15:05 - 000000000 ____D C:\FRST
2019-02-24 09:45 - 2019-02-24 09:46 - 002435072 _____ (Farbar) C:\Users\gosse\Desktop\FRST64.exe
2019-02-23 15:44 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-02-23 15:39 - 2019-02-23 16:16 - 3964550681 _____ C:\Users\gosse\Downloads\The.Grand.Tour.S03E02.Colombia.Special.Part.1.1080p.AMZN.WEB-DL.DD+5.1.H.264-QOQ.mkv
2019-02-23 13:55 - 2019-02-23 13:55 - 000074582 _____ C:\Users\gosse\Downloads\The-Grand-Tour-S03E05(0000308804).srt
2019-02-23 13:53 - 2019-02-23 13:53 - 000084418 _____ C:\Users\gosse\Downloads\The-Grand-Tour-S03E04(0000308454).srt
2019-02-23 13:52 - 2019-02-23 13:52 - 000076561 _____ C:\Users\gosse\Downloads\The-Grand-Tour-S03E03(0000308646).srt
2019-02-23 13:51 - 2019-02-23 13:51 - 000070081 _____ C:\Users\gosse\Downloads\The-Grand-Tour-S03E02(0000308084).srt
2019-02-23 13:45 - 2019-02-23 13:45 - 000086081 _____ C:\Users\gosse\Downloads\The.Grand.Tour.S03E01.cz.srt
2019-02-23 13:24 - 2019-02-23 14:04 - 3814270826 _____ C:\Users\gosse\Downloads\SapphicErotica.18.10.26.Lady.Dee.And.Luna.Corazon.XXX.1080p.MP4-KTR.mp4
2019-02-21 19:52 - 2019-02-21 20:22 - 2866933491 _____ C:\Users\gosse\Downloads\20100311_4621_btaw_kortney_kane.wmv
2019-02-21 19:07 - 2019-02-21 19:39 - 3482281046 _____ C:\Users\gosse\Downloads\lubed.17.02.21.lena.anderson.all.oiled.up.mp4
2019-02-21 18:29 - 2019-02-21 18:29 - 000036577 _____ C:\Users\gosse\Downloads\t1421864.torrent
2019-02-20 20:31 - 2019-02-20 20:45 - 1388806365 _____ C:\Users\gosse\Downloads\JENNA HAZE - Just Jenna 2 - Scene 9 (couple, anal, very nice) 720p.mp4
2019-02-17 18:40 - 2019-02-17 18:57 - 1460974395 _____ C:\Users\gosse\Downloads\Abella Anderson - ap9706-1080p.mp4
2019-02-16 08:15 - 2019-02-16 08:54 - 4050731941 _____ C:\Users\gosse\Downloads\Megan Rain - anal.mp4
2019-02-16 07:08 - 2019-02-06 04:00 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-16 07:08 - 2019-02-06 04:00 - 006572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-16 07:07 - 2019-02-06 08:54 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-16 07:07 - 2019-02-06 08:53 - 001634704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-16 07:07 - 2019-02-06 08:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-16 07:07 - 2019-02-06 08:32 - 003648512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-16 07:07 - 2019-02-06 08:30 - 004052992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-16 07:07 - 2019-02-06 08:30 - 001662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-16 07:07 - 2019-02-06 08:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-16 07:07 - 2019-02-06 08:11 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-16 07:07 - 2019-02-06 07:57 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-16 07:07 - 2019-02-06 07:52 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-16 07:07 - 2019-02-06 07:52 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-16 07:07 - 2019-02-06 07:52 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-16 07:07 - 2019-02-06 04:01 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-16 07:07 - 2019-02-06 04:01 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-16 07:07 - 2019-02-06 04:01 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-16 07:07 - 2019-02-06 04:01 - 000720480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-16 07:07 - 2019-02-06 04:01 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-16 07:07 - 2019-02-06 04:01 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-16 07:07 - 2019-02-06 04:01 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-02-16 07:07 - 2019-02-06 04:01 - 000033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-16 07:07 - 2019-02-06 04:00 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-16 07:07 - 2019-02-06 04:00 - 002719760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-16 07:07 - 2019-02-06 04:00 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-16 07:07 - 2019-02-06 04:00 - 002421264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-16 07:07 - 2019-02-06 04:00 - 001257904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-16 07:07 - 2019-02-06 04:00 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-16 07:07 - 2019-02-06 04:00 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-02-16 07:07 - 2019-02-06 04:00 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-02-16 07:07 - 2019-02-06 04:00 - 000945680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-16 07:07 - 2019-02-06 04:00 - 000899728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-16 07:07 - 2019-02-06 04:00 - 000466960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-16 07:07 - 2019-02-06 04:00 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-16 07:07 - 2019-02-06 04:00 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-16 07:07 - 2019-02-06 04:00 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-16 07:07 - 2019-02-06 03:59 - 001922064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-16 07:07 - 2019-02-06 03:59 - 001457248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-16 07:07 - 2019-02-06 03:59 - 000983128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-16 07:07 - 2019-02-06 03:59 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-16 07:07 - 2019-02-06 03:52 - 022014464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-16 07:07 - 2019-02-06 03:45 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-16 07:07 - 2019-02-06 03:42 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-16 07:07 - 2019-02-06 03:41 - 025853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-16 07:07 - 2019-02-06 03:41 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-02-16 07:07 - 2019-02-06 03:40 - 005792256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-16 07:07 - 2019-02-06 03:38 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-16 07:07 - 2019-02-06 03:38 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-02-16 07:07 - 2019-02-06 03:37 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-16 07:07 - 2019-02-06 03:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-16 07:07 - 2019-02-06 03:33 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-16 07:07 - 2019-02-06 03:29 - 004865536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-16 07:07 - 2019-02-06 03:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-16 07:07 - 2019-02-06 03:28 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-16 07:07 - 2019-02-06 03:27 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-16 07:07 - 2019-02-06 03:27 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-16 07:07 - 2019-02-06 03:27 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-16 07:07 - 2019-02-06 03:27 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-16 07:07 - 2019-02-06 03:26 - 007599616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-16 07:07 - 2019-02-06 03:25 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-16 07:07 - 2019-02-06 03:25 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-16 07:07 - 2019-02-06 03:24 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-16 07:07 - 2019-02-06 03:24 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-16 07:07 - 2019-02-06 03:23 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-16 07:07 - 2019-02-06 03:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-16 07:07 - 2019-02-06 03:22 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-16 07:07 - 2019-01-12 03:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-16 07:07 - 2019-01-09 19:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-02-16 07:07 - 2019-01-09 18:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-16 07:07 - 2019-01-09 18:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-16 07:07 - 2019-01-09 18:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-16 07:07 - 2019-01-09 18:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-02-16 07:07 - 2019-01-09 18:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-16 07:07 - 2019-01-09 11:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-16 07:07 - 2019-01-09 10:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-16 07:07 - 2019-01-09 09:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-16 07:07 - 2019-01-09 09:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-16 07:07 - 2019-01-09 06:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-16 07:07 - 2019-01-09 06:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-16 07:07 - 2019-01-09 06:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2019-02-16 07:07 - 2019-01-09 06:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-16 07:07 - 2019-01-09 06:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-16 07:07 - 2019-01-09 06:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-16 07:07 - 2019-01-09 06:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-16 07:07 - 2019-01-09 06:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-16 07:07 - 2019-01-09 06:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-16 07:07 - 2019-01-09 06:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-16 07:07 - 2019-01-09 06:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-16 07:07 - 2019-01-09 06:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-02-16 07:07 - 2019-01-09 06:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-16 07:07 - 2019-01-09 06:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-16 07:07 - 2019-01-09 06:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-16 07:07 - 2019-01-09 06:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-02-16 07:07 - 2019-01-09 06:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-16 07:07 - 2019-01-09 06:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-16 07:07 - 2019-01-09 06:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-16 07:07 - 2019-01-09 06:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-02-16 07:07 - 2019-01-09 06:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-16 07:07 - 2019-01-09 06:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-16 07:07 - 2019-01-09 06:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-16 07:07 - 2019-01-09 06:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-16 07:07 - 2019-01-09 06:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-16 07:07 - 2019-01-09 06:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-16 07:07 - 2019-01-09 06:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-16 07:07 - 2019-01-09 06:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-16 07:07 - 2019-01-09 06:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-16 07:07 - 2019-01-09 06:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-16 07:07 - 2019-01-09 06:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-16 07:07 - 2019-01-09 06:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-16 07:07 - 2019-01-09 06:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-16 07:07 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-16 07:07 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-02-16 07:07 - 2019-01-08 04:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-16 07:06 - 2019-02-06 03:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-16 07:06 - 2019-02-06 03:26 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-16 07:06 - 2019-02-06 03:26 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-16 07:06 - 2019-02-06 03:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-16 07:06 - 2019-02-06 03:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-02-16 07:06 - 2019-02-06 03:21 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-16 07:06 - 2019-02-06 02:04 - 000001314 _____ C:\WINDOWS\system32\tcbres.wim
2019-02-16 07:06 - 2019-01-12 09:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-16 07:06 - 2019-01-09 18:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-02-16 07:06 - 2019-01-09 18:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-02-16 07:06 - 2019-01-09 10:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-02-16 07:06 - 2019-01-09 06:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-16 07:06 - 2019-01-09 06:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-16 07:06 - 2019-01-09 06:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-16 07:06 - 2019-01-09 06:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-16 07:06 - 2019-01-09 06:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-02-16 07:06 - 2019-01-09 06:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-02-16 07:06 - 2019-01-09 06:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-02-16 07:06 - 2019-01-09 06:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-16 07:06 - 2019-01-09 06:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-02-16 07:06 - 2019-01-09 06:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-02-16 07:06 - 2019-01-09 06:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-02-16 07:06 - 2019-01-09 06:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-02-16 07:06 - 2019-01-09 06:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-16 07:06 - 2019-01-09 06:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-02-16 07:06 - 2019-01-09 06:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-02-16 07:06 - 2019-01-08 10:08 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-16 07:06 - 2019-01-08 04:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-16 07:06 - 2019-01-08 04:06 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-14 17:18 - 2019-02-14 18:06 - 000000000 ____D C:\Users\gosse\Downloads\True.Detective.S03E04.The.Hour.and.the.Day.1080p.AMZN.WEB-DL.DDP5.1.H.264-NTb
2019-02-14 17:18 - 2019-02-14 17:18 - 000093670 _____ C:\Users\gosse\Downloads\[CzT]Temny_pripad_True_Detective_S03E04_The_Hour_and_the_Day_WebRip_1080p_.torrent
2019-02-13 14:49 - 2019-02-13 14:49 - 000249672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-02-10 18:38 - 2019-02-10 19:32 - 436428966 _____ C:\Users\gosse\Downloads\NHL-2019.01.04_NSH@DET_FS-D_720pier.mkv
2019-02-10 08:41 - 2018-12-21 08:33 - 000000000 ____D C:\Users\gosse\Desktop\Young Scooter - The Recipe
2019-02-10 08:41 - 2018-11-29 17:13 - 000000000 ____D C:\Users\gosse\Desktop\Nicki Minaj - Essentials (Mp3 320kbps Quality Songs) [PMEDIA]
2019-02-10 08:39 - 2019-02-10 08:41 - 000000000 ____D C:\Users\gosse\Desktop\Dreezy - Big Dreez (2019)
2019-02-10 08:24 - 2019-02-10 08:41 - 1724306892 _____ C:\Users\gosse\Downloads\24 hodin Le Mans 2016 - part 5%2F20.mp4
2019-02-10 07:30 - 2019-02-10 07:30 - 000011468 _____ C:\Users\gosse\Downloads\t1017411.torrent
2019-02-10 06:13 - 2019-02-10 06:34 - 2175642015 _____ C:\Users\gosse\Downloads\ktr.nubilef.12.09.14.celeste.star.elle.alexandra.and.malena.morgan.wake.with.me.mp4
2019-02-08 17:35 - 2019-02-08 17:35 - 000017450 _____ C:\Users\gosse\Downloads\t1711105.torrent
2019-02-08 17:31 - 2019-02-08 17:31 - 000020098 _____ C:\Users\gosse\Downloads\t1607368.torrent
2019-02-08 17:15 - 2019-02-08 17:15 - 000017965 _____ C:\Users\gosse\Downloads\t1779005.torrent
2019-02-07 17:15 - 2019-02-07 17:41 - 000000000 ____D C:\Users\gosse\Downloads\True.Detective.S03E03.The.Big.Never.1080p.AMZN.WEB-DL.DDP5.1.H.264-NTb
2019-02-07 17:15 - 2019-02-07 17:15 - 000068041 _____ C:\Users\gosse\Downloads\[CzT]Temny_pripad_True_Detective_S03E03_The_Big_Never_WebRip_1080p_.torrent
2019-02-07 17:05 - 2019-02-07 17:07 - 000000000 ____D C:\Program Files (x86)\MonitorDriver
2019-02-07 17:05 - 2019-02-07 17:05 - 000001654 _____ C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
2019-02-07 17:05 - 2019-02-07 17:05 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-02-07 16:42 - 2019-02-07 16:42 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-02-07 16:41 - 2019-02-07 16:47 - 000000000 ____D C:\Users\gosse\Downloads\True.Detective.S03E02.Kiss.Tomorrow.Goodbye.1080p.AMZN.WEBRip.DDP5.1.x264-NTb
2019-02-07 16:41 - 2019-02-07 16:41 - 000059926 _____ C:\Users\gosse\Downloads\[CzT]Temny_pripad_True_Detective_S03E02_Kiss_Tomorrow_Goodbye_WebRip_1080p_.torrent
2019-02-06 16:55 - 2019-02-06 17:17 - 000000000 ____D C:\Users\gosse\Downloads\True.Detective.S03E01.The.Great.War.and.Modern.Memory.1080p.AMZN.WEBRip.DDP5.1.x264-NTb
2019-02-06 16:54 - 2019-02-06 16:54 - 000067756 _____ C:\Users\gosse\Downloads\[CzT]Temny_pripad_True_Detective_S03E01_The_Great_War_and_Modern_Memory_WebRip_1080p_.torrent
2019-02-06 16:49 - 2019-02-06 16:49 - 000084909 _____ C:\Users\gosse\Downloads\True.Detective.S03E01.1080p.WEB.H264-METCON[rartv]-[rarbg.to].torrent
2019-02-05 17:11 - 2019-02-05 17:11 - 000011338 _____ C:\Users\gosse\Downloads\t1783248.torrent
2019-01-30 19:32 - 2019-01-18 16:17 - 000000000 ____D C:\Users\gosse\Desktop\Future - Future Hndrxx Presents - The WIZRD (2019) [320]
2019-01-26 17:00 - 2019-01-07 18:38 - 000205992 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.CoreTypes.dll
2019-01-26 17:00 - 2019-01-07 18:38 - 000130216 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.Utilities.dll
2019-01-26 17:00 - 2019-01-07 18:38 - 000097448 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.ImController.ImClient.dll
2019-01-26 17:00 - 2019-01-07 18:38 - 000043688 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.ImController.EventLogging.dll
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-24 15:06 - 2018-11-22 16:48 - 000000000 ____D C:\Users\gosse\AppData\Roaming\BitTorrent
2019-02-24 15:03 - 2018-11-22 15:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-24 13:35 - 2018-11-22 15:23 - 001601516 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-24 13:35 - 2018-04-12 16:50 - 000681858 _____ C:\WINDOWS\system32\perfh005.dat
2019-02-24 13:35 - 2018-04-12 16:50 - 000136754 _____ C:\WINDOWS\system32\perfc005.dat
2019-02-24 13:35 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-24 12:38 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-24 12:37 - 2018-11-22 15:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-24 12:37 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-02-24 12:36 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-02-24 09:40 - 2018-11-22 16:40 - 000000000 ____D C:\Users\gosse\Downloads\xxx
2019-02-23 19:09 - 2018-12-15 23:27 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-02-23 19:09 - 2018-12-15 23:27 - 000002238 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-02-23 19:09 - 2018-11-22 16:28 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-02-23 19:09 - 2018-11-22 15:27 - 000003514 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1542818868
2019-02-23 19:09 - 2018-11-22 15:27 - 000003492 _____ C:\WINDOWS\System32\Tasks\LenovoUtility Task
2019-02-23 19:09 - 2018-11-22 15:27 - 000003134 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2019-02-23 19:09 - 2018-11-22 15:27 - 000002770 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2019-02-23 17:04 - 2018-11-24 10:54 - 000000000 ____D C:\Users\gosse\AppData\Roaming\vlc
2019-02-23 15:44 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-23 15:38 - 2018-11-23 15:36 - 000000000 ____D C:\Users\gosse\Downloads\Ulozto
2019-02-23 15:35 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-23 15:31 - 2018-11-23 15:59 - 000000000 ____D C:\Users\gosse\AppData\Local\CrashDumps
2019-02-23 14:16 - 2018-11-24 10:04 - 000000923 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-02-23 01:51 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-23 01:37 - 2018-11-22 15:13 - 000000000 ____D C:\Users\gosse
2019-02-23 01:35 - 2018-11-22 15:08 - 000234120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-23 01:32 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-23 01:32 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-23 01:32 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-23 01:32 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-23 01:31 - 2018-12-15 23:26 - 000000000 ____D C:\Program Files\CCleaner
2019-02-23 01:31 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-23 01:31 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Windows Defender
2019-02-22 23:35 - 2018-11-21 17:47 - 000001410 _____ C:\Users\gosse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-02-18 16:28 - 2018-11-22 16:28 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-02-16 00:05 - 2018-11-21 19:27 - 000000000 ____D C:\Program Files\rempl
2019-02-15 14:51 - 2018-11-22 16:27 - 000474456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-02-14 17:15 - 2018-11-21 19:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-14 16:51 - 2018-11-21 19:21 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-10 18:44 - 2018-11-23 15:27 - 000000000 ____D C:\Program Files\GOMPlayer
2019-02-09 22:39 - 2018-11-22 15:33 - 000000000 ____D C:\ProgramData\Packages
2019-02-07 17:06 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-02-07 16:42 - 2018-11-22 16:27 - 000379952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-02-07 16:42 - 2018-11-22 16:27 - 000216784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-02-07 16:42 - 2018-11-22 16:27 - 000167304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-02-07 16:42 - 2018-11-22 16:27 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-02-07 16:42 - 2018-11-22 16:27 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-02-07 16:42 - 2018-11-22 16:27 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-02-07 16:42 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-02-07 16:41 - 2019-01-14 14:49 - 000225680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-02-07 16:41 - 2019-01-05 07:11 - 000320696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-02-07 16:41 - 2019-01-05 07:11 - 000196072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-02-07 16:41 - 2019-01-05 07:11 - 000057960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-02-07 16:41 - 2019-01-05 07:11 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-02-07 16:41 - 2018-11-22 16:27 - 001034432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-02-07 16:41 - 2018-11-22 16:27 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-02-02 23:53 - 2019-01-05 18:36 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-02 23:53 - 2019-01-05 18:36 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-02 00:01 - 2018-11-21 17:42 - 000000000 ____D C:\Users\gosse\AppData\Local\Packages
2019-01-30 19:32 - 2018-12-26 00:59 - 000000000 ____D C:\Users\gosse\Desktop\Waka Flocka Flame - I Can’t Rap Vol. 2 (DatPiff.com)
Some files in TEMP:
====================
2019-02-23 14:14 - 2019-02-23 14:15 - 041846888 _____ () C:\Users\gosse\AppData\Local\Temp\vlc-3.0.6-win64.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-11-22 15:08
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.02.2019 02
Ran by gosse (24-02-2019 15:06:54)
Running from C:\Users\gosse\Desktop
Windows 10 Home Version 1803 17134.590 (X64) (2018-11-22 14:28:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2104316510-2255408751-1019769746-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2104316510-2255408751-1019769746-503 - Limited - Disabled)
gosse (S-1-5-21-2104316510-2255408751-1019769746-1002 - Administrator - Enabled) => C:\Users\gosse
Guest (S-1-5-21-2104316510-2255408751-1019769746-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2104316510-2255408751-1019769746-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
BitTorrent (HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\...\BitTorrent) (Version: 7.10.5.44995 - BitTorrent Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.37.5299 - GOM & Company)
Intel(R) Chipset Device Software (HKLM-x32\...\{9154f79b-8fb8-46ef-b7a6-95f136391303}) (Version: 10.1.17479.8054 - Intel(R) Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1743.4.0.1217 - Intel Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft 1.12.2 + Titan Launcher 3.7.0 (HKLM-x32\...\Minecraft 1.12.2 + Titan Launcher 3.7.0 1.12.2) (Version: 1.12.2 - Mojang)
Opera Stable 58.0.3135.68 (HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\...\Opera 58.0.3135.68) (Version: 58.0.3135.68 - Opera Software)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Ulož.to FileManager 2.71 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.71 - Uloz.to cloud a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {015B4193-F0D5-4DB3-A145-3A25CAC02A8C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\67017db8-078f-4f0b-9d24-7903d64d1b74 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {15DB5EB0-FC0F-4DF1-8BD3-27290DD8D781} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\system32\RtkAudUService64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1F39A1CE-A781-4A3B-BB9C-E127FF604C25} - System32\Tasks\Opera scheduled Autoupdate 1542818868 => C:\Users\gosse\AppData\Local\Programs\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {23E7A971-068D-403E-B6FE-9DDE17D2FE59} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\gosse\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {2705B5CA-A992-4181-B94A-179FC283F800} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {3BE22AEB-273B-4B3E-BD9A-43E6A32B32BC} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe (Lenovo -> Lenovo Group Ltd.)
Task: {47EA2C8A-70A3-464A-A12B-D6415A1064BB} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\TXE Components\iCLS\IntelPTTEKRecertification.exe (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {5DFC4683-F460-46F6-A324-F1A398ACB3FF} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\system32\RtkAudUService64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {6C95CB66-F52A-412A-93D2-B59684B4E482} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {7DBBAA49-C032-4D18-8C98-2FD80397C4F7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\288fefab-5fa3-4524-8119-e35c9b2676bc => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {A0F2C4E3-9B8E-4D23-92C9-555F91608189} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {A8EEDD32-0028-4834-A4C9-F43F07888967} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B2C929BA-D33B-4FA1-A7BE-87B6CB5D26E7} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
Task: {B6E853B8-2AC5-428E-9538-CF75DE15BEF4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C1EA309A-3ADC-4CDB-A3E6-180A1EB5EF60} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\dd2d54b6-862a-43b6-abf3-b9932b2d038f => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {F8856340-1A43-4108-A0B6-632BE7C0E4F0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1eb27159-08c3-4ff3-9360-85c97c682584 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {F94A9A2A-FC4F-462C-817B-B458E558140E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-03-06 09:53 - 2018-09-27 19:36 - 000602544 _____ () C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe
2018-03-06 09:53 - 2018-09-27 19:36 - 000309680 _____ () C:\WINDOWS\system32\dolbyaposvc\TuningFileParser.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2019-01-03 18:59 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-02-16 07:07 - 2019-02-06 03:25 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-02-07 19:27 - 2019-02-07 19:28 - 028028416 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-02-07 19:27 - 2019-02-07 19:28 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-11-21 19:01 - 2018-11-21 19:02 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-12-01 09:32 - 2018-12-01 09:33 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-02-07 19:27 - 2019-02-07 19:28 - 006033408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-02-07 19:27 - 2019-02-07 19:28 - 009338368 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-01-05 07:10 - 2019-01-05 07:10 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-02-07 16:42 - 2019-02-07 16:42 - 000321928 _____ () C:\Program Files\AVAST Software\Avast\serialization.dll
2019-02-07 16:42 - 2019-02-07 16:42 - 000654216 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-02-01 21:04 - 2019-02-01 21:05 - 000481280 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-02-01 21:04 - 2019-02-01 21:05 - 080636416 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-11-21 19:26 - 2018-11-21 19:45 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-02-01 21:04 - 2019-02-01 21:05 - 003824640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-01-17 17:12 - 2019-01-17 17:13 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2019-02-01 21:04 - 2019-02-01 21:05 - 014225408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-02-01 21:04 - 2019-02-01 21:05 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-11-21 19:26 - 2018-11-21 19:45 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-11-21 19:26 - 2018-11-21 19:45 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-02-22 23:35 - 2019-02-22 23:35 - 000701016 _____ () C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera_elf.dll
2019-02-22 23:35 - 2019-02-22 23:35 - 109944408 _____ () C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\opera_browser.dll
2019-02-22 23:35 - 2019-02-22 23:34 - 005212760 _____ () C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\libglesv2.dll
2019-02-22 23:35 - 2019-02-22 23:34 - 000117336 _____ () C:\Users\gosse\AppData\Local\Programs\Opera\58.0.3135.68\libegl.dll
2018-09-29 05:15 - 2018-09-29 05:15 - 000152104 _____ () C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_adfc895a03788015\igdinfo64.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2019-01-04 22:41 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\TXE Components\iCLS\;C:\Program Files\Intel\TXE Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2104316510-2255408751-1019769746-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\gosse\Desktop\Pattaya_at_night_-_panoramio.jpg
DNS Servers: 91.103.164.5 - 91.103.164.10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: wuauserv => 3
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B24BC641-EFFF-47C3-8129-A0B753B44260}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{134B8A5C-E4E8-4BBE-AEBD-69486E317BFF}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{0E4B9220-8A04-4047-83F5-8052BF4069EC}] => (Allow) C:\Users\gosse\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4A981853-FBC4-4C6C-BB0D-DD15C4F56A45}] => (Allow) C:\Users\gosse\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5734DCA0-7D67-4740-964E-B70F5DDEC0D2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{899F0518-4975-4CF0-84D6-DA109C3DBCE6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C5DF4365-CF5C-438F-9108-8020DD88F26B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{5F78F13A-F05E-40B4-9C8E-46251072D018}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
13-02-2019 17:05:10 Naplánovaný kontrolní bod
21-02-2019 15:43:16 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/23/2019 03:31:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ufm.exe, verze: 2.7.1.1122, časové razítko: 0x5c34b500
Název chybujícího modulu: libeay32.dll_unloaded, verze: 1.0.2.16, časové razítko: 0x5ba26205
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000bad53
ID chybujícího procesu: 0x2514
Čas spuštění chybující aplikace: 0x01d4cb8454043053
Cesta k chybující aplikaci: C:\Program Files\Ulozto File Manager\ufm.exe
Cesta k chybujícímu modulu: libeay32.dll
ID zprávy: acaedeb0-2d12-4841-b280-5a477f39c44c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/23/2019 03:30:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ufm.exe, verze: 2.7.1.1122, časové razítko: 0x5c34b500
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.556, časové razítko: 0xb9f4a0f1
Kód výjimky: 0x0eedfade
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0xf20
Čas spuštění chybující aplikace: 0x01d4cb76588216a7
Cesta k chybující aplikaci: C:\Program Files\Ulozto File Manager\ufm.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 942e98d7-86ab-4c4d-9586-be91947dfff4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/23/2019 02:50:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007a24d
ID chybujícího procesu: 0x22e4
Čas spuštění chybující aplikace: 0x01d4cb7a2c3b4781
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: bfad894b-3315-4789-b585-9f83ffb51ecf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/23/2019 02:29:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RtkUWP.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 2270
Čas spuštění: 01d4cb7a5356f42c
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.134.0_x64__dt26b99r8h8gj\RtkUWP.exe
ID hlášení: cffe3be0-d158-4fe0-9c75-8d79a144e247
Úplný název balíčku s chybou: RealtekSemiconductorCorp.RealtekAudioControl_1.1.134.0_x64__dt26b99r8h8gj
ID aplikace související s balíčkem s chybou: App
Error: (02/23/2019 02:17:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x27bc
Čas spuštění chybující aplikace: 0x01d4cb74eacd02d2
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 51aecf1b-4f03-46be-ab32-9faeea70ff49
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/23/2019 01:25:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x1e64
Čas spuštění chybující aplikace: 0x01d4cb6f771b0f61
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 005cf525-f199-4d4a-a275-3d3ef7fcc3e2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/22/2019 10:38:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkUWP.exe, verze: 0.0.0.0, časové razítko: 0x5c4fe30c
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.17134.137, časové razítko: 0xb5d50228
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000009cad5
ID chybujícího procesu: 0x210c
Čas spuštění chybující aplikace: 0x01d4ca9259fd5e06
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.134.0_x64__dt26b99r8h8gj\RtkUWP.exe
Cesta k chybujícímu modulu: C:\Windows\System32\twinapi.appcore.dll
ID zprávy: 64e5f154-5cf0-413f-af3c-1251b5a365bb
Úplný název chybujícího balíčku: RealtekSemiconductorCorp.RealtekAudioControl_1.1.134.0_x64__dt26b99r8h8gj
ID aplikace související s chybujícím balíčkem: App
Error: (02/18/2019 04:37:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkUWP.exe, verze: 0.0.0.0, časové razítko: 0x5c4fe30c
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.17134.137, časové razítko: 0xb5d50228
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000009cad5
ID chybujícího procesu: 0x2fdc
Čas spuštění chybující aplikace: 0x01d4c79feaf87442
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.134.0_x64__dt26b99r8h8gj\RtkUWP.exe
Cesta k chybujícímu modulu: C:\Windows\System32\twinapi.appcore.dll
ID zprávy: a42c8446-7c58-4767-9941-dec0968fdb87
Úplný název chybujícího balíčku: RealtekSemiconductorCorp.RealtekAudioControl_1.1.134.0_x64__dt26b99r8h8gj
ID aplikace související s chybujícím balíčkem: App
System errors:
=============
Error: (02/24/2019 03:04:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/24/2019 03:04:22 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-BDPBB4VM)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-BDPBB4VM\gosse (SID: S-1-5-21-2104316510-2255408751-1019769746-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/24/2019 03:03:50 PM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI: Systém ACPI BIOS se pokouší o zápis do neplatné provozní oblasti PCI (0x10). Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error: (02/24/2019 01:49:04 PM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI: Systém ACPI BIOS se pokouší o zápis do neplatné provozní oblasti PCI (0x10). Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error: (02/24/2019 01:34:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/24/2019 01:34:15 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-BDPBB4VM)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-BDPBB4VM\gosse (SID: S-1-5-21-2104316510-2255408751-1019769746-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/24/2019 01:33:58 PM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI: Systém ACPI BIOS se pokouší o zápis do neplatné provozní oblasti PCI (0x10). Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error: (02/24/2019 01:06:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) N4000 CPU @ 1.10GHz
Percentage of memory in use: 59%
Total physical RAM: 3918.57 MB
Available physical RAM: 1581.52 MB
Total Virtual: 4686.57 MB
Available Virtual: 2385.32 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:464.51 GB) (Free:282.74 GB) NTFS
\\?\Volume{05e8e859-b28d-4a2f-b602-39a2f2c2844e}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.58 GB) NTFS
\\?\Volume{33eac80b-25d8-4eea-aac4-09555b743362}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ==================
==================== End of Addition.txt ============================
Re: Preventivka NTB
Otestujte na virustotal.com tento subor:C:\Windows\System32\FMService64.exe
Vysledok testu skopirujte sem.
Do poznamkoveho bloku skopirujte obsah dole:Kód: Vybrat vše
CloseProcesses:
CreateRestorePoint:
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Java 32bit.bat [2018-01-07] ()
Task: {6C95CB66-F52A-412A-93D2-B59684B4E482} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {B2C929BA-D33B-4FA1-A7BE-87B6CB5D26E7} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
MSCONFIG\Services: wuauserv => 3
EmptyTemp:
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
-
Polska Pasha
- Vzorný návštěvník
- Příspěvky: 113
- Registrován: 29 čer 2014 09:06
Re: Preventivka NTB
Prosím vás kde to mám na tom virustotalu zkopírovat?
Re: Preventivka NTB
pokracujte tuna : https://www.virustotal.com/#/home/upload
z moznosti vyberte moznost choose file
z moznosti vyberte moznost choose file
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
-
Polska Pasha
- Vzorný návštěvník
- Příspěvky: 113
- Registrován: 29 čer 2014 09:06
Re: Preventivka NTB
Basic Properties
MD5 7426509f9855878125127cecf7a09c56
SHA-1 75e9bc1c4fb079128503a0c207105759068ec386
Authentihash 3f742ff055df6cc27e2561442266779da2d156f24553bbd76c3c57bd3b8360da
Imphash a39f465a44799891c880b85064b6143b
File Type Win32 EXE
Magic PE32+ executable for MS Windows (console) Mono/.Net assembly
SSDeep 6144:u0uJnG4lZnCvm3twoPepXbIxVBw/9ZUglH0w0XohmzafrMAy1S:YXlZnCvYIpoHw/Ew6oLTr
TRiD Win64 Executable (generic) (82%)
OS/2 Executable (generic) (6%)
Generic Win/DOS Executable (5.9%)
DOS Executable Generic (5.9%)
File Size 279.94 KB
Tags
64bitspeexeassemblysignedoverlay
History
Creation Time 2018-02-26 08:26:37
First Seen In The Wild 2018-03-01 23:56:32
First Submission 2018-06-02 00:20:13
Last Submission 2018-06-02 00:20:13
Last Analysis 2018-07-27 09:56:33
Signature Date 2018-03-02 04:56:00
File Names
FMServic.exe
fmservice64.exe
FMService64.exe
.
Signature Info
Signature Verification
Signed file, valid signature
File Version Information
Copyright Copyright (C) 2018
Product Fortemedia APO Control Service
Description Fortemedia Service
Original Name FMServic.exe
Internal Name FMServic.exe
File Version 0.0.9.8
Date Signed 4:56 AM 3/2/2018
Signers
Microsoft Windows Hardware Compatibility Publisher
Microsoft Windows Third Party Component CA 2012
Microsoft Root Certificate Authority 2010
Counter Signers
Microsoft Time-Stamp Service
Microsoft Time-Stamp PCA 2010
Microsoft Root Certificate Authority 2010
Portable Executable Info
Header
Target Machine x64
Compilation Timestamp 2018-02-26 08:26:37
Entry Point 26284
Contained Sections 6
Sections
Name Virtual Address Virtual Size Raw Size Entropy MD5
.text 4096 160076 160256 6.48 a76284cf3b1683436896117cc843c5da
.rdata 167936 97272 97280 5.01 15f4147c0903f9e354455276f886b578
.data 266240 11580 5120 3.04 ac10d9cc8ccaf2948492ad727c28a051
.pdata 278528 9216 9216 5.41 d82444a216d94e9bbee7101804064cfc
.rsrc 290816 1304 1536 3.69 ca68d84347f6ea152263c11a13708c49
.reloc 294912 3388 3584 5.36 c056d4beb81a350d793e35545590bcaf
Imports
ADVAPI32.dll
RPCRT4.dll
WTSAPI32.dll
api-ms-win-core-com-l1-1-0.dll
api-ms-win-core-console-l1-1-0.dll
api-ms-win-core-debug-l1-1-0.dll
api-ms-win-core-errorhandling-l1-1-0.dll
api-ms-win-core-file-l1-1-0.dll
api-ms-win-core-handle-l1-1-0.dll
api-ms-win-core-heap-l1-1-0.dll
Contained Resources By Type
RT VERSION 1
RT MANIFEST 1
Contained Resources By Language
ENGLISH US 2
Contained Resources
SHA-256 File Type Type Language
b1dd5029e5cdfc105539577f34107424b48b9e4213886a6423e7f0361363e1cd data RT_VERSION ENGLISH US
4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df ASCII text RT_MANIFEST ENGLISH US
ExifTool File Metadata
CharacterSet Unicode
CodeSize 160256
CompanyName Fortemedia
EntryPoint 0x66ac
FileDescription Fortemedia Service
FileFlagsMask 0x003f
FileOS Windows NT 32-bit
FileSubtype 0
FileType Win64 EXE
FileTypeExtension exe
FileVersion 0.0.9.8
FileVersionNumber 0.0.9.8
ImageVersion 0.0
InitializedDataSize 123392
InternalName FMServic.exe
LanguageCode English (U.S.)
LegalCopyright Copyright (C) 2018
LinkerVersion 14.11
MIMEType application/octet-stream
MachineType AMD AMD64
OSVersion 6.0
ObjectFileType Executable application
OriginalFileName FMServic.exe
PEType PE32+
ProductName Fortemedia APO Control Service
ProductVersion 0.0.9.8
ProductVersionNumber 0.0.9.8
Subsystem Windows command line
SubsystemVersion 6.0
TimeStamp 2018:02:26 09:26:37+01:00
UninitializedDataSize 0
MD5 7426509f9855878125127cecf7a09c56
SHA-1 75e9bc1c4fb079128503a0c207105759068ec386
Authentihash 3f742ff055df6cc27e2561442266779da2d156f24553bbd76c3c57bd3b8360da
Imphash a39f465a44799891c880b85064b6143b
File Type Win32 EXE
Magic PE32+ executable for MS Windows (console) Mono/.Net assembly
SSDeep 6144:u0uJnG4lZnCvm3twoPepXbIxVBw/9ZUglH0w0XohmzafrMAy1S:YXlZnCvYIpoHw/Ew6oLTr
TRiD Win64 Executable (generic) (82%)
OS/2 Executable (generic) (6%)
Generic Win/DOS Executable (5.9%)
DOS Executable Generic (5.9%)
File Size 279.94 KB
Tags
64bitspeexeassemblysignedoverlay
History
Creation Time 2018-02-26 08:26:37
First Seen In The Wild 2018-03-01 23:56:32
First Submission 2018-06-02 00:20:13
Last Submission 2018-06-02 00:20:13
Last Analysis 2018-07-27 09:56:33
Signature Date 2018-03-02 04:56:00
File Names
FMServic.exe
fmservice64.exe
FMService64.exe
.
Signature Info
Signature Verification
Signed file, valid signature
File Version Information
Copyright Copyright (C) 2018
Product Fortemedia APO Control Service
Description Fortemedia Service
Original Name FMServic.exe
Internal Name FMServic.exe
File Version 0.0.9.8
Date Signed 4:56 AM 3/2/2018
Signers
Microsoft Windows Hardware Compatibility Publisher
Microsoft Windows Third Party Component CA 2012
Microsoft Root Certificate Authority 2010
Counter Signers
Microsoft Time-Stamp Service
Microsoft Time-Stamp PCA 2010
Microsoft Root Certificate Authority 2010
Portable Executable Info
Header
Target Machine x64
Compilation Timestamp 2018-02-26 08:26:37
Entry Point 26284
Contained Sections 6
Sections
Name Virtual Address Virtual Size Raw Size Entropy MD5
.text 4096 160076 160256 6.48 a76284cf3b1683436896117cc843c5da
.rdata 167936 97272 97280 5.01 15f4147c0903f9e354455276f886b578
.data 266240 11580 5120 3.04 ac10d9cc8ccaf2948492ad727c28a051
.pdata 278528 9216 9216 5.41 d82444a216d94e9bbee7101804064cfc
.rsrc 290816 1304 1536 3.69 ca68d84347f6ea152263c11a13708c49
.reloc 294912 3388 3584 5.36 c056d4beb81a350d793e35545590bcaf
Imports
ADVAPI32.dll
RPCRT4.dll
WTSAPI32.dll
api-ms-win-core-com-l1-1-0.dll
api-ms-win-core-console-l1-1-0.dll
api-ms-win-core-debug-l1-1-0.dll
api-ms-win-core-errorhandling-l1-1-0.dll
api-ms-win-core-file-l1-1-0.dll
api-ms-win-core-handle-l1-1-0.dll
api-ms-win-core-heap-l1-1-0.dll
Contained Resources By Type
RT VERSION 1
RT MANIFEST 1
Contained Resources By Language
ENGLISH US 2
Contained Resources
SHA-256 File Type Type Language
b1dd5029e5cdfc105539577f34107424b48b9e4213886a6423e7f0361363e1cd data RT_VERSION ENGLISH US
4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df ASCII text RT_MANIFEST ENGLISH US
ExifTool File Metadata
CharacterSet Unicode
CodeSize 160256
CompanyName Fortemedia
EntryPoint 0x66ac
FileDescription Fortemedia Service
FileFlagsMask 0x003f
FileOS Windows NT 32-bit
FileSubtype 0
FileType Win64 EXE
FileTypeExtension exe
FileVersion 0.0.9.8
FileVersionNumber 0.0.9.8
ImageVersion 0.0
InitializedDataSize 123392
InternalName FMServic.exe
LanguageCode English (U.S.)
LegalCopyright Copyright (C) 2018
LinkerVersion 14.11
MIMEType application/octet-stream
MachineType AMD AMD64
OSVersion 6.0
ObjectFileType Executable application
OriginalFileName FMServic.exe
PEType PE32+
ProductName Fortemedia APO Control Service
ProductVersion 0.0.9.8
ProductVersionNumber 0.0.9.8
Subsystem Windows command line
SubsystemVersion 6.0
TimeStamp 2018:02:26 09:26:37+01:00
UninitializedDataSize 0
-
Polska Pasha
- Vzorný návštěvník
- Příspěvky: 113
- Registrován: 29 čer 2014 09:06
Re: Preventivka NTB
log zde:
Fix result of Farbar Recovery Scan Tool (x64) Version: 28.02.2019 01
Ran by gosse (01-03-2019 15:06:43) Run:1
Running from C:\Users\gosse\Desktop
Loaded Profiles: gosse (Available Profiles: gosse)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Java 32bit.bat [2018-01-07] ()
Task: {6C95CB66-F52A-412A-93D2-B59684B4E482} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {B2C929BA-D33B-4FA1-A7BE-87B6CB5D26E7} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
MSCONFIG\Services: wuauserv => 3
EmptyTemp:
*****************
Processes closed successfully.
Restore point was successfully created.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Java 32bit.bat => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C95CB66-F52A-412A-93D2-B59684B4E482}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C95CB66-F52A-412A-93D2-B59684B4E482}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B2C929BA-D33B-4FA1-A7BE-87B6CB5D26E7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2C929BA-D33B-4FA1-A7BE-87B6CB5D26E7}" => removed successfully
C:\WINDOWS\System32\Tasks\LenovoUtility Task => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LenovoUtility Task" => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MCODS => removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wuauserv => removed successfully
HKLM\System\CurrentControlSet\Services\wuauserv => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 101820247 B
Java, Flash, Steam htmlcache => 1124 B
Windows/system/drivers => 478760 B
Edge => 593326 B
Chrome => 0 B
Firefox => 0 B
Opera => 464718447 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 9924 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
gosse => 256077484 B
RecycleBin => 73749 B
EmptyTemp: => 793.1 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 15:07:50 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 28.02.2019 01
Ran by gosse (01-03-2019 15:06:43) Run:1
Running from C:\Users\gosse\Desktop
Loaded Profiles: gosse (Available Profiles: gosse)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Java 32bit.bat [2018-01-07] ()
Task: {6C95CB66-F52A-412A-93D2-B59684B4E482} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {B2C929BA-D33B-4FA1-A7BE-87B6CB5D26E7} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
MSCONFIG\Services: wuauserv => 3
EmptyTemp:
*****************
Processes closed successfully.
Restore point was successfully created.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Java 32bit.bat => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C95CB66-F52A-412A-93D2-B59684B4E482}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C95CB66-F52A-412A-93D2-B59684B4E482}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B2C929BA-D33B-4FA1-A7BE-87B6CB5D26E7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2C929BA-D33B-4FA1-A7BE-87B6CB5D26E7}" => removed successfully
C:\WINDOWS\System32\Tasks\LenovoUtility Task => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LenovoUtility Task" => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MCODS => removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wuauserv => removed successfully
HKLM\System\CurrentControlSet\Services\wuauserv => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 101820247 B
Java, Flash, Steam htmlcache => 1124 B
Windows/system/drivers => 478760 B
Edge => 593326 B
Chrome => 0 B
Firefox => 0 B
Opera => 464718447 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 9924 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
gosse => 256077484 B
RecycleBin => 73749 B
EmptyTemp: => 793.1 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 15:07:50 ====
Re: Preventivka NTB
ako je na tom pocitac?
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
-
Polska Pasha
- Vzorný návštěvník
- Příspěvky: 113
- Registrován: 29 čer 2014 09:06
Re: Preventivka NTB
Děkuji, pomohlo to. Stačí ty programy odinstalovat smazáním do koše?
-
Polska Pasha
- Vzorný návštěvník
- Příspěvky: 113
- Registrován: 29 čer 2014 09:06
Re: Preventivka NTB
Děkuji, pomohlo to. Stačí ty programy odinstalovat smazáním do koše?
Re: Preventivka NTB
Ano , staci.
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Přispějete na provoz fóra?