Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Dobrý den, prosím o kontrolu logu RSIT

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Uživatel
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 02 bře 2019 17:49

Dobrý den, prosím o kontrolu logu RSIT

#1 Příspěvek od Uživatel »

Dobrý den,

při poslechu radia Jazz zčernala obrazovka a ukázal se Bios, na třetí pokus jsem systém spustil. Prosím o preventivní prohlídku logu. Avast mi nic nehlásí.

Předem děkuji za váš čas, ochotu a práci.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Voldemort at 2019-03-02 18:00:52
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 233 GB (76%) free of 305 GB
Total RAM: 3959 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:00:53, on 2.3.2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19267)
Boot mode: Normal

Running processes:
C:\Program Files\trend micro\Voldemort.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O4 - Global Startup: Avast Cleanup Premium.lnk = C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files (x86)\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\Program Files (x86)\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Avast Cleanup Premium (CleanupPSvc) - AVAST Software - C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Sierra Wireless QDL Service (GobiQDLService) - Sierra Wireless, Inc. - C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9584 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
AvastUI.exe /nogui
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe"
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-cb6ae401-af85-4646-bcc2-33bffbfb6b27 -SystemEventPortName:HostProcess-496eca25-37b1-4e23-b893-e8de0370d744 -IoCancelEventPortName:HostProcess-ac06e8b6-8f5e-457c-83b4-425adf67deb8 -NonStateChangingEventPortName:HostProcess-10902265-ab26-48c7-a8a1-0b1210c24c15 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9bd43c4f-3dcd-4294-8eda-80df001bea5e -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e8b39a84-f969-4b23-a392-4359a8a368c9 -SystemEventPortName:HostProcess-d752efde-2ddc-4a55-abce-4cbea70f8249 -IoCancelEventPortName:HostProcess-99136fc7-88fa-4758-9c08-43576bc6c52e -NonStateChangingEventPortName:HostProcess-3621baed-f74c-4519-9204-a34554012f44 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:95c07d4f-86c3-46e2-bac1-0a595a5930bf -DeviceGroupId:
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=72.0.3626.119 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7fee5805510,0x7fee5805520,0x7fee5805530
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4384 --on-initialized-event-handle=380 --parent-handle=384 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=18399506150450848244 --mojo-platform-channel-handle=1140 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=15602012350778400859 --mojo-platform-channel-handle=1428 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --service-pipe-token=2526183988688562978 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2526183988688562978 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2620 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --service-pipe-token=14464541977816069380 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14464541977816069380 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2664 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --service-pipe-token=572434901504115917 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=572434901504115917 --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3844 /prefetch:1
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --service-pipe-token=1262073422772086518 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1262073422772086518 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4032 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --service-pipe-token=1458671222874276583 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1458671222874276583 --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2224 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --service-pipe-token=343748517785715030 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=343748517785715030 --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4812 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --service-pipe-token=2521579653841924972 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2521579653841924972 --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=616 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi-broker --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --lang=cs --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --service-request-channel-token=15049920734457801260 --mojo-platform-channel-handle=2608 /prefetch:4
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Voldemort\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-02-20 211848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2019-02-20 952936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2019-02-20 669224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2016-01-26 382976]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2016-01-26 762880]
"Persistence"=C:\Windows\system32\igfxpers.exe [2016-01-26 761344]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-04-07 2816240]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-11-12 1664000]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-02-19 259976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe [2015-11-16 430304]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-02-19 259976]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Avast Cleanup Premium.lnk - C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe

C:\Users\Voldemort\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Poslat do aplikace OneNote.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-08-20 622080]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-03-02 17:51:08 ----D---- C:\Program Files\trend micro
2019-03-02 17:51:07 ----D---- C:\rsit
2019-03-02 13:41:37 ----A---- C:\Windows\system32\FNTCACHE.DAT
2019-02-20 11:12:16 ----D---- C:\ProgramData\Oracle
2019-02-19 10:27:04 ----A---- C:\Windows\system32\drivers\aswNetSec.sys
2019-02-19 10:26:26 ----A---- C:\Windows\system32\aswBoot.exe
2019-02-13 08:57:36 ----A---- C:\Windows\system32\mshtml.dll
2019-02-13 08:57:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2019-02-13 08:57:33 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2019-02-13 08:57:33 ----A---- C:\Windows\system32\ieframe.dll
2019-02-13 08:57:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2019-02-13 08:57:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2019-02-13 08:57:32 ----A---- C:\Windows\system32\wininet.dll
2019-02-13 08:57:32 ----A---- C:\Windows\system32\jscript9.dll
2019-02-13 08:57:31 ----A---- C:\Windows\system32\win32k.sys
2019-02-13 08:57:30 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2019-02-13 08:57:30 ----A---- C:\Windows\SYSWOW64\msi.dll
2019-02-13 08:57:30 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2019-02-13 08:57:30 ----A---- C:\Windows\system32\urlmon.dll
2019-02-13 08:57:30 ----A---- C:\Windows\system32\msi.dll
2019-02-13 08:57:29 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2019-02-13 08:57:29 ----A---- C:\Windows\system32\ucrtbase.dll
2019-02-13 08:57:29 ----A---- C:\Windows\system32\termsrv.dll
2019-02-13 08:57:29 ----A---- C:\Windows\system32\kernel32.dll
2019-02-13 08:57:29 ----A---- C:\Windows\system32\iertutil.dll
2019-02-13 08:57:28 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2019-02-13 08:57:28 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2019-02-13 08:57:28 ----A---- C:\Windows\SYSWOW64\msrd2x40.dll
2019-02-13 08:57:28 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2019-02-13 08:57:28 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2019-02-13 08:57:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2019-02-13 08:57:28 ----A---- C:\Windows\system32\KernelBase.dll
2019-02-13 08:57:28 ----A---- C:\Windows\system32\itss.dll
2019-02-13 08:57:27 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2019-02-13 08:57:27 ----A---- C:\Windows\SYSWOW64\mf3216.dll
2019-02-13 08:57:27 ----A---- C:\Windows\SYSWOW64\itss.dll
2019-02-13 08:57:27 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2019-02-13 08:57:27 ----A---- C:\Windows\system32\mf3216.dll
2019-02-13 08:57:27 ----A---- C:\Windows\system32\iedkcs32.dll
2019-02-13 08:57:27 ----A---- C:\Windows\system32\drivers\srv2.sys
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\drivers\hidparse.sys
2019-02-13 08:57:26 ----A---- C:\Windows\system32\consent.exe
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-02-13 08:57:25 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2019-02-13 08:57:25 ----A---- C:\Windows\system32\ntdll.dll
2019-02-13 08:57:25 ----A---- C:\Windows\system32\hal.dll
2019-02-13 08:57:24 ----A---- C:\Windows\SYSWOW64\sscore.dll
2019-02-13 08:57:24 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2019-02-13 08:57:24 ----A---- C:\Windows\SYSWOW64\certcli.dll
2019-02-13 08:57:24 ----A---- C:\Windows\system32\sscore.dll
2019-02-13 08:57:24 ----A---- C:\Windows\system32\srvsvc.dll
2019-02-13 08:57:24 ----A---- C:\Windows\system32\oleaut32.dll
2019-02-13 08:57:24 ----A---- C:\Windows\system32\jscript.dll
2019-02-13 08:57:24 ----A---- C:\Windows\system32\drivers\srvnet.sys
2019-02-13 08:57:24 ----A---- C:\Windows\system32\drivers\srv.sys
2019-02-13 08:57:24 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2019-02-13 08:57:24 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2019-02-13 08:57:24 ----A---- C:\Windows\system32\certcli.dll
2019-02-13 08:57:23 ----A---- C:\Windows\SYSWOW64\msimg32.dll
2019-02-13 08:57:23 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2019-02-13 08:57:23 ----A---- C:\Windows\system32\vbscript.dll
2019-02-13 08:57:23 ----A---- C:\Windows\system32\ole32.dll
2019-02-13 08:57:23 ----A---- C:\Windows\system32\msimg32.dll
2019-02-13 08:57:23 ----A---- C:\Windows\system32\mshtmlmedia.dll
2019-02-13 08:57:23 ----A---- C:\Windows\system32\msfeeds.dll
2019-02-13 08:57:23 ----A---- C:\Windows\system32\lsasrv.dll
2019-02-13 08:57:23 ----A---- C:\Windows\system32\itircl.dll
2019-02-13 08:57:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2019-02-13 08:57:22 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2019-02-13 08:57:22 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2019-02-13 08:57:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2019-02-13 08:57:22 ----A---- C:\Windows\SYSWOW64\jscript.dll
2019-02-13 08:57:22 ----A---- C:\Windows\system32\rpcrt4.dll
2019-02-13 08:57:22 ----A---- C:\Windows\system32\ieui.dll
2019-02-13 08:57:22 ----A---- C:\Windows\system32\ieapfltr.dll
2019-02-13 08:57:22 ----A---- C:\Windows\system32\drivers\videoprt.sys
2019-02-13 08:57:22 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2019-02-13 08:57:22 ----A---- C:\Windows\system32\authui.dll
2019-02-13 08:57:21 ----A---- C:\Windows\SYSWOW64\ole32.dll
2019-02-13 08:57:21 ----A---- C:\Windows\system32\smss.exe
2019-02-13 08:57:21 ----A---- C:\Windows\system32\kerberos.dll
2019-02-13 08:57:20 ----A---- C:\Windows\system32\webcheck.dll
2019-02-13 08:57:20 ----A---- C:\Windows\system32\mshtmled.dll
2019-02-13 08:57:20 ----A---- C:\Windows\system32\dxtrans.dll
2019-02-13 08:57:19 ----A---- C:\Windows\system32\dxtmsft.dll
2019-02-13 08:57:18 ----A---- C:\Windows\SYSWOW64\ieui.dll
2019-02-13 08:57:18 ----A---- C:\Windows\system32\rpcss.dll
2019-02-13 08:57:18 ----A---- C:\Windows\system32\msrating.dll
2019-02-13 08:57:18 ----A---- C:\Windows\system32\msiexec.exe
2019-02-13 08:57:18 ----A---- C:\Windows\system32\jscript9diag.dll
2019-02-13 08:57:18 ----A---- C:\Windows\system32\advapi32.dll
2019-02-13 08:57:17 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2019-02-13 08:57:17 ----A---- C:\Windows\system32\schannel.dll
2019-02-13 08:57:17 ----A---- C:\Windows\system32\occache.dll
2019-02-13 08:57:17 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2019-02-13 08:57:17 ----A---- C:\Windows\system32\jsproxy.dll
2019-02-13 08:57:16 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2019-02-13 08:57:16 ----A---- C:\Windows\system32\drivers\hidclass.sys
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\schannel.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\occache.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\inseng.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\authui.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\wow64win.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\wow64.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\winsrv.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\wdigest.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\TSpkg.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\sspicli.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\srcore.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\rpchttp.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\ncrypt.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\msv1_0.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\msihnd.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\MshtmlDac.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\inseng.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\ieUnatt.exe
2019-02-13 08:57:15 ----A---- C:\Windows\system32\iesetup.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\ieetwproxystub.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\ie4uinit.exe
2019-02-13 08:57:15 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2019-02-13 08:57:15 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2019-02-13 08:57:15 ----A---- C:\Windows\system32\conhost.exe
2019-02-13 08:57:15 ----A---- C:\Windows\system32\bcrypt.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\appinfo.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\appidapi.dll
2019-02-13 08:57:14 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2019-02-13 08:57:14 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2019-02-13 08:57:14 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2019-02-13 08:57:14 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2019-02-13 08:57:14 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2019-02-13 08:57:14 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2019-02-13 08:57:14 ----A---- C:\Windows\system32\sspisrv.dll
2019-02-13 08:57:14 ----A---- C:\Windows\system32\lsass.exe
2019-02-13 08:57:14 ----A---- C:\Windows\system32\iernonce.dll
2019-02-13 08:57:14 ----A---- C:\Windows\system32\ieetwcollector.exe
2019-02-13 08:57:14 ----A---- C:\Windows\system32\drivers\processr.sys
2019-02-13 08:57:14 ----A---- C:\Windows\system32\drivers\intelppm.sys
2019-02-13 08:57:14 ----A---- C:\Windows\system32\drivers\appid.sys
2019-02-13 08:57:14 ----A---- C:\Windows\system32\drivers\amdppm.sys
2019-02-13 08:57:14 ----A---- C:\Windows\system32\drivers\amdk8.sys
2019-02-13 08:57:14 ----A---- C:\Windows\system32\csrsrv.dll
2019-02-13 08:57:14 ----A---- C:\Windows\system32\cryptbase.dll
2019-02-13 08:57:13 ----A---- C:\Windows\SYSWOW64\itircl.dll
2019-02-13 08:57:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2019-02-13 08:57:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2019-02-13 08:57:13 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2019-02-13 08:57:13 ----A---- C:\Windows\system32\wow64cpu.dll
2019-02-13 08:57:13 ----A---- C:\Windows\system32\srclient.dll
2019-02-13 08:57:13 ----A---- C:\Windows\system32\setbcdlocale.dll
2019-02-13 08:57:13 ----A---- C:\Windows\system32\secur32.dll
2019-02-13 08:57:12 ----A---- C:\Windows\SYSWOW64\srclient.dll
2019-02-13 08:57:12 ----A---- C:\Windows\system32\rstrui.exe
2019-02-13 08:57:11 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2019-02-13 08:57:11 ----A---- C:\Windows\system32\drivers\hidusb.sys
2019-02-13 08:57:10 ----A---- C:\Windows\SYSWOW64\secur32.dll
2019-02-13 08:57:10 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2019-02-13 08:57:10 ----A---- C:\Windows\SYSWOW64\credssp.dll
2019-02-13 08:57:10 ----A---- C:\Windows\system32\ntvdm64.dll
2019-02-13 08:57:10 ----A---- C:\Windows\system32\credssp.dll
2019-02-13 08:57:10 ----A---- C:\Windows\system32\comcat.dll
2019-02-13 08:57:10 ----A---- C:\Windows\system32\auditpol.exe
2019-02-13 08:57:10 ----A---- C:\Windows\system32\appidsvc.dll
2019-02-13 08:57:10 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2019-02-13 08:57:09 ----A---- C:\Windows\SYSWOW64\wow32.dll
2019-02-13 08:57:09 ----A---- C:\Windows\SYSWOW64\comcat.dll
2019-02-13 08:57:09 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2019-02-13 08:57:09 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-02-13 08:57:08 ----A---- C:\Windows\SYSWOW64\user.exe
2019-02-13 08:57:08 ----A---- C:\Windows\SYSWOW64\setup16.exe
2019-02-13 08:57:08 ----A---- C:\Windows\SYSWOW64\instnm.exe
2019-02-13 08:57:08 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2019-02-13 08:57:08 ----A---- C:\Windows\system32\apisetschema.dll
2019-02-13 08:57:07 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2019-02-13 08:57:07 ----A---- C:\Windows\system32\adtschema.dll
2019-02-13 08:57:05 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2019-02-13 08:57:05 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2019-02-13 08:57:05 ----A---- C:\Windows\system32\msobjs.dll
2019-02-13 08:57:05 ----A---- C:\Windows\system32\msaudite.dll
2019-02-13 08:57:04 ----A---- C:\Windows\SYSWOW64\oleres.dll
2019-02-13 08:57:04 ----A---- C:\Windows\system32\oleres.dll
2019-02-13 08:57:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2019-02-13 08:56:59 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2019-02-13 08:56:59 ----A---- C:\Windows\system32\msimsg.dll
2019-02-04 20:11:31 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2019-02-04 20:11:31 ----A---- C:\Windows\system32\xactengine2_9.dll
2019-02-04 20:11:28 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2019-02-04 20:11:28 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2019-02-04 20:11:28 ----A---- C:\Windows\system32\d3dx10_35.dll
2019-02-04 20:11:28 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2019-02-04 20:11:16 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2019-02-04 20:11:16 ----A---- C:\Windows\system32\d3dx9_35.dll
2019-02-04 20:11:14 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2019-02-04 20:11:14 ----A---- C:\Windows\system32\xactengine2_8.dll
2019-02-04 20:11:09 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2019-02-04 20:11:09 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2019-02-04 20:11:09 ----A---- C:\Windows\system32\d3dx10_34.dll
2019-02-04 20:11:09 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2019-02-04 20:10:57 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2019-02-04 20:10:57 ----A---- C:\Windows\system32\d3dx9_34.dll
2019-02-04 20:10:56 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2019-02-04 20:10:56 ----A---- C:\Windows\system32\xinput1_3.dll
2019-02-04 20:10:55 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2019-02-04 20:10:55 ----A---- C:\Windows\system32\xactengine2_7.dll
2019-02-04 20:10:53 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2019-02-04 20:10:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2019-02-04 20:10:53 ----A---- C:\Windows\system32\d3dx10_33.dll
2019-02-04 20:10:53 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2019-02-04 20:10:46 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2019-02-04 20:10:46 ----A---- C:\Windows\system32\d3dx9_33.dll
2019-02-04 20:10:43 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2019-02-04 20:10:43 ----A---- C:\Windows\system32\xactengine2_6.dll
2019-02-04 20:10:42 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2019-02-04 20:10:42 ----A---- C:\Windows\system32\xactengine2_5.dll
2019-02-04 20:10:40 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2019-02-04 20:10:40 ----A---- C:\Windows\system32\d3dx10.dll
2019-02-04 20:10:30 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2019-02-04 20:10:30 ----A---- C:\Windows\system32\d3dx9_32.dll
2019-02-04 20:10:28 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2019-02-04 20:10:28 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2019-02-04 20:10:28 ----A---- C:\Windows\system32\xactengine2_4.dll
2019-02-04 20:10:28 ----A---- C:\Windows\system32\x3daudio1_1.dll
2019-02-04 20:10:21 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2019-02-04 20:10:21 ----A---- C:\Windows\system32\d3dx9_31.dll
2019-02-04 20:10:17 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2019-02-04 20:10:17 ----A---- C:\Windows\system32\xactengine2_3.dll
2019-02-04 20:10:16 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2019-02-04 20:10:16 ----A---- C:\Windows\system32\xinput1_2.dll
2019-02-04 20:10:15 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2019-02-04 20:10:15 ----A---- C:\Windows\system32\xactengine2_2.dll
2019-02-04 20:10:13 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2019-02-04 20:10:13 ----A---- C:\Windows\system32\xinput1_1.dll
2019-02-04 20:10:09 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2019-02-04 20:10:09 ----A---- C:\Windows\system32\xactengine2_1.dll
2019-02-04 20:09:42 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2019-02-04 20:09:42 ----A---- C:\Windows\system32\d3dx9_30.dll
2019-02-04 20:09:29 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2019-02-04 20:09:29 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2019-02-04 20:09:29 ----A---- C:\Windows\system32\xactengine2_0.dll
2019-02-04 20:09:29 ----A---- C:\Windows\system32\x3daudio1_0.dll
2019-02-04 20:09:21 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2019-02-04 20:09:21 ----A---- C:\Windows\system32\d3dx9_29.dll
2019-02-04 20:09:08 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2019-02-04 20:09:08 ----A---- C:\Windows\system32\d3dx9_28.dll
2019-02-04 20:09:00 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2019-02-04 20:09:00 ----A---- C:\Windows\system32\d3dx9_27.dll
2019-02-04 20:08:35 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2019-02-04 20:08:35 ----A---- C:\Windows\system32\d3dx9_26.dll
2019-02-04 20:08:17 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2019-02-04 20:08:17 ----A---- C:\Windows\system32\d3dx9_25.dll
2019-02-04 20:08:05 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2019-02-04 20:08:05 ----A---- C:\Windows\system32\d3dx9_24.dll
2019-02-03 11:23:21 ----D---- C:\Program Files (x86)\Cinemax

======List of files/folders modified in the last 1 month======

2019-03-02 17:57:06 ----D---- C:\Windows\Temp
2019-03-02 17:51:14 ----D---- C:\Windows\Prefetch
2019-03-02 17:51:08 ----RD---- C:\Program Files
2019-03-02 17:47:32 ----D---- C:\Windows\System32
2019-03-02 17:47:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-03-02 17:47:31 ----D---- C:\Windows\inf
2019-03-02 16:05:10 ----D---- C:\Windows\system32\config
2019-03-02 13:42:02 ----D---- C:\Windows
2019-03-02 13:41:53 ----D---- C:\Windows\debug
2019-03-02 11:24:15 ----D---- C:\Hry
2019-03-02 11:23:01 ----D---- C:\Users\Voldemort\AppData\Roaming\uTorrent
2019-03-02 11:20:35 ----D---- C:\Users\Voldemort\AppData\Roaming\DAEMON Tools Lite
2019-03-01 12:40:57 ----SHD---- C:\System Volume Information
2019-03-01 10:24:30 ----D---- C:\Windows\system32\Tasks
2019-02-25 18:08:10 ----SD---- C:\Users\Voldemort\AppData\Roaming\Microsoft
2019-02-23 11:50:03 ----SHD---- C:\Windows\Installer
2019-02-23 11:49:39 ----D---- C:\Windows\SysWOW64
2019-02-20 21:19:57 ----D---- C:\Windows\Microsoft.NET
2019-02-20 21:07:32 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-02-20 21:03:02 ----D---- C:\Program Files (x86)\Microsoft Office
2019-02-20 20:45:29 ----D---- C:\Windows\system32\catroot2
2019-02-20 11:12:16 ----HD---- C:\ProgramData
2019-02-20 11:02:14 ----D---- C:\Windows\winsxs
2019-02-20 11:02:12 ----D---- C:\Windows\system32\drivers
2019-02-14 15:30:09 ----D---- C:\Windows\rescache
2019-02-14 12:47:03 ----RSD---- C:\Windows\assembly
2019-02-14 08:55:45 ----D---- C:\Program Files\Internet Explorer
2019-02-14 08:55:40 ----D---- C:\Program Files (x86)\Internet Explorer
2019-02-14 08:55:38 ----D---- C:\Windows\SYSWOW64\cs-CZ
2019-02-14 08:55:37 ----D---- C:\Windows\SYSWOW64\en-US
2019-02-14 08:55:26 ----D---- C:\Windows\system32\drivers\en-US
2019-02-14 08:55:26 ----D---- C:\Windows\system32\cs-CZ
2019-02-14 08:55:24 ----D---- C:\Windows\system32\en-US
2019-02-14 08:55:00 ----D---- C:\Windows\AppPatch
2019-02-14 08:54:55 ----D---- C:\Windows\system32\Boot
2019-02-14 08:54:34 ----D---- C:\Windows\system32\DriverStore
2019-02-14 00:58:35 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2019-02-13 09:01:00 ----D---- C:\Windows\system32\MRT
2019-02-13 08:53:52 ----AC---- C:\Windows\system32\MRT.exe
2019-02-04 21:23:32 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2019-02-03 18:57:55 ----D---- C:\GOG Games
2019-02-03 11:23:21 ----RD---- C:\Program Files (x86)

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2019-02-19 196072]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblog.sys [2019-02-19 320696]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2019-02-19 57960]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2019-02-19 87944]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2019-02-19 379952]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2012-09-07 31040]
R0 IaNVMeF;IaNVMeF; C:\Windows\system32\drivers\IaNVMeF.sys [2016-01-26 27120]
R0 IaRNVMeF;IaRNVMeF; C:\Windows\system32\drivers\IaRNVMeF.sys [2016-01-22 36888]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2016-03-17 23536]
R0 nvmeF;nvmeF; C:\Windows\system32\drivers\nvmeF.sys [2015-12-16 30776]
R0 ocztrimfilter;SSD Device Filter; C:\Windows\system32\drivers\ocztrimfilter.sys [2016-04-06 29056]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2019-02-19 205400]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2019-02-19 225680]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2019-02-19 42288]
R1 aswNetSec;aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [2019-02-19 519872]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2019-02-19 112312]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2019-02-19 1034432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2019-02-19 474456]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2018-06-29 516096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2018-11-09 283200]
R1 HWiNFO;HWiNFO Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2018-11-24 55960]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-08-17 60416]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2019-02-19 167304]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2019-02-19 216784]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2012-09-07 43328]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 aswNetNd6;Avast Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\aswNetNd6.sys [2018-09-30 38152]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-06-15 134696]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2016-08-17 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2016-08-17 80384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-06-15 360624]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-08-20 4165120]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-10-14 454416]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2016-03-17 396784]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2016-03-17 806896]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2013-04-26 176880]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
R3 NETwNs64;___ Ovladaè adaptéru øady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-06-15 11471872]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-11-12 543744]
R3 swg3kmbb02;Sierra Wireless QMI USB-NDIS 6.20 miniport for HP; C:\Windows\system32\DRIVERS\swg3kmbb02.sys [2012-04-13 458240]
R3 swg3knmea02;Sierra Wireless QMI NMEA Communication - HP; C:\Windows\system32\DRIVERS\swg3knmea02.sys [2012-04-13 259584]
R3 swg3kser02;Sierra Wireless QMI USB Device for Legacy Serial Communication - HP; C:\Windows\system32\DRIVERS\swg3kser02.sys [2012-04-13 259584]
R3 swibus02;Sierra Wireless Bus Enumerator 02; C:\Windows\system32\DRIVERS\swibus02.sys [2012-04-13 79360]
R3 swibusflt02;Sierra Wireless Bus Enumerator Filter 02; C:\Windows\system32\DRIVERS\swibusflt02.sys [2012-04-13 79360]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-04-07 555760]
R3 Tpm;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2016-08-17 147688]
S3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\drivers\amdhub30.sys [2016-01-14 108768]
S3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\amdxhc.sys [2016-01-14 229088]
S3 asmthub3;ASMedia USB3.1 Hub Service; C:\Windows\system32\drivers\asmthub3.sys [2016-04-14 150272]
S3 asmtxhci;ASMedia XHCI Service; C:\Windows\system32\drivers\asmtxhci.sys [2016-04-14 453880]
S3 ausb3hub;Ovladač rozbočovače Intel(R) USB 3.1; C:\Windows\system32\drivers\ausb3hub.sys [2016-04-12 403520]
S3 ausb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.1; C:\Windows\system32\drivers\ausb3xhc.sys [2016-04-12 816712]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2016-08-17 552448]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2018-09-18 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2018-09-18 47672]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2014-02-12 65408]
S3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver; C:\Windows\System32\Drivers\EtronSTOR.sys [2014-02-12 39296]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2014-02-12 94208]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver; C:\Windows\system32\drivers\FLxHCIc.sys [2015-07-30 252536]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver; C:\Windows\system32\drivers\FLxHCIh.sys [2015-07-30 77944]
S3 IaNVMe;IaNVMe; C:\Windows\system32\drivers\IaNVMe.sys [2016-01-26 101872]
S3 IaRNVMe;IaRNVMe; C:\Windows\system32\drivers\IaRNVMe.sys [2016-01-22 592408]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2011-04-04 20480]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2012-08-27 107912]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2012-08-27 226696]
S3 nvme;nvme; C:\Windows\system32\drivers\nvme.sys [2015-12-16 83784]
S3 ocznvme;ocznvme; C:\Windows\system32\drivers\ocznvme.sys [2016-04-06 99584]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2016-08-17 12520]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2016-08-17 166400]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2016-08-17 19456]
S3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0); C:\Windows\system32\drivers\rusb3hub.sys [2012-08-27 114568]
S3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0); C:\Windows\system32\drivers\rusb3xhc.sys [2012-08-27 230280]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SMARTMouseFilterx64;HID-compliant mouse; C:\Windows\system32\DRIVERS\SMARTMouseFilterx64.sys [2018-06-01 18952]
S3 SMARTVHidMiniVistaAmd64;SMART HID Device; C:\Windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [2018-06-01 28168]
S3 stornvme;stornvme; C:\Windows\system32\drivers\stornvme.sys [2016-08-17 50408]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2016-08-17 29696]
S3 tihub3;TI USB3 Hub Service; C:\Windows\system32\drivers\tihub3.sys [2016-05-12 145904]
S3 tilfilter;TI xHCI Lower Filter Driver Service; C:\Windows\system32\drivers\TIxHCIlfilter.sys [2015-02-11 17672]
S3 tiufilter;TI xHCI Upper Filter Driver Service; C:\Windows\system32\drivers\TIxHCIufilter.sys [2015-02-11 23304]
S3 tixhci;TI XHCI Service; C:\Windows\system32\drivers\tixhci.sys [2016-05-12 422392]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2016-08-17 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2016-08-17 29696]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2016-08-17 199400]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 VUSB3HUB;VIA USB 3 Root Hub Service; C:\Windows\system32\drivers\ViaHub3.sys [2014-10-31 227840]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-02-19 357304]
R2 avast! Firewall;Avast Firewall Service; C:\Program Files\AVAST Software\Avast\afwServ.exe [2019-02-19 369264]
R2 CleanupPSvc;Avast Cleanup Premium; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [2019-01-17 9874528]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2016-08-17 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2016-08-17 27136]
R2 GobiQDLService;Sierra Wireless QDL Service; C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe [2011-11-25 312688]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2011-05-11 126520]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2012-09-07 33600]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-02-19 6758976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-07-14 107192]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-07-14 128696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-09-17 153168]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2016-08-17 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2016-01-26 270848]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\elevation_service.exe [2019-02-20 1271280]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-09-17 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-01-26 116224]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2019-01-28 223216]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2015-07-04 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2016-08-17 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2016-08-17 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2016-08-17 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-08-17 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-16 83984]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-07-14 52920]
S4 ClickToRunSvc;Microsoft Office Click-to-Run Service; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2019-02-11 11135560]
S4 HP Hotkey Service;HP Hotkey Service; C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe [2015-11-16 782048]
S4 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-12-16 92216]
S4 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2015-10-19 1102560]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-14 136360]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-14 136360]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-14 136360]
S4 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-11-12 327680]

-----------------EOF-----------------

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Dobrý den, prosím o kontrolu logu RSIT

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Uživatel
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 02 bře 2019 17:49

Re: Dobrý den, prosím o kontrolu logu RSIT

#3 Příspěvek od Uživatel »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-28.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-04-2019
# Duration: 00:00:04
# OS: Windows 7 Professional
# Cleaned: 5
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1727 octets] - [04/03/2019 10:05:35]
AdwCleaner[S01].txt - [1788 octets] - [04/03/2019 10:06:19]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Dobrý den, prosím o kontrolu logu RSIT

#4 Příspěvek od Conder »

:arrow: Poprosim o obidva nove logy z FRST podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Uživatel
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 02 bře 2019 17:49

Re: Dobrý den, prosím o kontrolu logu RSIT

#5 Příspěvek od Uživatel »

Dobré odpoledne,

zde FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.03.2019 01
Ran by Voldemort (administrator) on Voldemort-PC (05-03-2019 16:21:09)
Running from C:\Users\Voldemort\Desktop
Loaded Profiles: Voldemort (Available Profiles: Voldemort)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Intel Corporation) [File not signed] C:\Windows\System32\igfxtray.exe
(Intel Corporation) [File not signed] C:\Windows\System32\hkcmd.exe
(Intel Corporation) [File not signed] C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) [File not signed] C:\Windows\System32\igfxpers.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(Sierra Wireless Inc. -> Sierra Wireless, Inc.) C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [382976 2016-01-26] (Intel Corporation) [File not signed]
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [762880 2016-01-26] (Intel Corporation) [File not signed]
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [761344 2016-01-26] (Intel Corporation) [File not signed]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2816240 2014-04-07] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-11-12] (IDT, Inc.) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe [430304 2015-11-16] (Hewlett-Packard -> HP)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (Disc Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\...\MountPoints2: {470bdfdd-fba3-11e8-9a81-f4b7e2dda5c1} - F:\SISetup.exe
HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\Installer\chrmstp.exe [2019-02-26] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.92\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-09-30]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\Users\Voldemort\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2019-02-03]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{888E9D26-05B4-4113-908C-93C93975564C}: [DhcpNameServer] 192.168.135.1 8.8.8.8
Tcpip\..\Interfaces\{A9FA56BB-5AA0-4CD3-83BF-C0FDDF35F29C}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1912340780-4118999615-3692102144-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-17] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-17] (Google Inc -> Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Adaware Secure
CHR Profile: C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default [2019-03-05]
CHR Extension: (Prezentace) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-17]
CHR Extension: (Dokumenty) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-17]
CHR Extension: (Disk Google) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-17]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-04]
CHR Extension: (Tabulky) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-17]
CHR Extension: (AdBlock) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-02-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-17]
CHR Extension: (Gmail) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-17]
CHR Extension: (Chrome Media Router) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-16]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [369264 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [9874528 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11135560 2019-02-11] (Microsoft Corporation -> Microsoft Corporation)
S3 cphs; C:\Windows\SysWow64\IntelCpHeciSvc.exe [270848 2016-01-26] (Intel Corporation) [File not signed]
R2 GobiQDLService; C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe [312688 2011-11-25] (Sierra Wireless Inc. -> Sierra Wireless, Inc.)
S4 HP Hotkey Service; C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe [782048 2015-11-16] (Hewlett-Packard -> HP)
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [126520 2011-05-11] (Hewlett-Packard Company -> HP)
S4 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-11-12] (IDT, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-08-17] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\Windows\System32\DRIVERS\Accelerometer.sys [43328 2012-09-07] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 AgereSoftModem; C:\Windows\System32\DRIVERS\agrsm64.sys [1146880 2009-06-10] (Microsoft Windows -> LSI Corp)
S3 amdhub30; C:\Windows\system32\drivers\amdhub30.sys [108768 2016-01-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdxhc; C:\Windows\system32\drivers\amdxhc.sys [229088 2016-01-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205400 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [225680 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196072 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320696 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [57960 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [167304 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2018-09-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [519872 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034432 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474456 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216784 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [379952 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
S3 ausb3hub; C:\Windows\system32\drivers\ausb3hub.sys [403520 2016-04-12] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
S3 ausb3xhc; C:\Windows\system32\drivers\ausb3xhc.sys [816712 2016-04-12] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-06-15] (Broadcom Corporation -> Broadcom Corporation.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2018-09-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2018-09-18] (Disc Soft Ltd -> Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2018-11-09] (DT Soft Ltd -> DT Soft Ltd)
S3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65408 2014-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [39296 2014-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [94208 2014-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [77944 2015-07-30] (Fresco Logic Inc -> Fresco Logic)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [31040 2012-09-07] (Hewlett-Packard Company -> Hewlett-Packard Company)
R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [55960 2018-11-24] (Martin Malik - REALiX -> REALiX(tm))
S3 IaNVMe; C:\Windows\system32\drivers\IaNVMe.sys [101872 2016-01-26] (Intel(R) NVMe Windows Driver -> Intel Corporation)
R0 IaNVMeF; C:\Windows\System32\drivers\IaNVMeF.sys [27120 2016-01-26] (Intel(R) NVMe Windows Driver -> Intel Corporation)
S3 IaRNVMe; C:\Windows\system32\drivers\IaRNVMe.sys [592408 2016-01-22] (Intel(R) Rapid Storage Technology Enterprise -> Intel Corporation)
R0 IaRNVMeF; C:\Windows\System32\drivers\IaRNVMeF.sys [36888 2016-01-22] (Intel(R) Rapid Storage Technology Enterprise -> Intel Corporation)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [4165120 2013-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2011-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw00.sys [11471872 2012-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 nvme; C:\Windows\system32\drivers\nvme.sys [83784 2015-12-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
R0 nvmeF; C:\Windows\System32\drivers\nvmeF.sys [30776 2015-12-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
S3 ocznvme; C:\Windows\system32\drivers\ocznvme.sys [99584 2016-04-06] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
R0 ocztrimfilter; C:\Windows\System32\drivers\ocztrimfilter.sys [29056 2016-04-06] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
S3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [18952 2018-06-01] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [28168 2018-06-01] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [543744 2012-11-12] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R3 swg3kmbb02; C:\Windows\System32\DRIVERS\swg3kmbb02.sys [458240 2012-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Sierra Wireless Incorporated)
R3 swg3knmea02; C:\Windows\System32\DRIVERS\swg3knmea02.sys [259584 2012-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Sierra Wireless Incorporated)
R3 swg3kser02; C:\Windows\System32\DRIVERS\swg3kser02.sys [259584 2012-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Sierra Wireless Incorporated)
R3 swibus02; C:\Windows\System32\DRIVERS\swibus02.sys [79360 2012-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Sierra Wireless Inc.)
R3 swibusflt02; C:\Windows\System32\DRIVERS\swibusflt02.sys [79360 2012-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Sierra Wireless Inc.)
S3 tilfilter; C:\Windows\system32\drivers\TIxHCIlfilter.sys [17672 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S3 tiufilter; C:\Windows\system32\drivers\TIxHCIufilter.sys [23304 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [227840 2014-10-31] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [305664 2014-10-31] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-05 16:12 - 2019-03-05 16:22 - 000020567 _____ C:\Users\Voldemort\Desktop\FRST.txt
2019-03-05 16:12 - 2019-03-05 16:21 - 000000000 ____D C:\FRST
2019-03-05 16:10 - 2019-03-05 16:11 - 002434560 _____ (Farbar) C:\Users\Voldemort\Desktop\FRST64.exe
2019-03-05 16:08 - 2019-03-05 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-03-04 15:52 - 2019-03-01 10:40 - 000000000 ____D C:\Users\Voldemort\Desktop\Mark Manson - Důmyslné umění, jak mít všechno u prdele
2019-03-04 10:05 - 2019-03-04 10:07 - 000000000 ____D C:\AdwCleaner
2019-03-04 10:02 - 2019-03-04 10:02 - 007316688 _____ (Malwarebytes) C:\Users\Voldemort\Desktop\adwcleaner_7.2.7.0.exe
2019-03-02 17:51 - 2019-03-02 18:00 - 000000000 ____D C:\Program Files\trend micro
2019-03-02 17:51 - 2019-03-02 17:51 - 000000000 ____D C:\rsit
2019-03-02 17:46 - 2019-03-02 17:46 - 001222144 _____ C:\Users\Voldemort\Desktop\RSITx64.exe
2019-03-02 13:41 - 2019-03-02 13:42 - 000456280 _____ C:\Windows\system32\FNTCACHE.DAT
2019-02-24 10:34 - 2019-02-24 10:34 - 001547197 _____ C:\Users\Voldemort\Downloads\Darknet-fikce-ci-realita-anonymity-skrytych-sluzeb-Tor-a-systemu-bitcoin.pdf
2019-02-20 11:12 - 2019-02-20 11:12 - 000001104 _____ C:\Users\Voldemort\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chess 2020.lnk
2019-02-20 11:12 - 2019-02-20 11:12 - 000001096 _____ C:\Users\Voldemort\Desktop\Chess 2020.lnk
2019-02-20 11:12 - 2019-02-20 11:12 - 000000000 ____D C:\ProgramData\Oracle
2019-02-20 11:11 - 2019-02-20 11:13 - 000000000 ____D C:\Users\Voldemort\AppData\Local\Chess 2020
2019-02-19 10:27 - 2019-02-19 10:27 - 000519872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2019-02-19 10:26 - 2019-02-19 10:24 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-02-13 23:10 - 2019-03-05 16:08 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-02-13 23:10 - 2019-03-05 16:08 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-02-13 23:10 - 2019-03-05 16:08 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-02-13 23:10 - 2019-03-05 16:08 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-02-13 23:10 - 2019-03-05 16:08 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-02-13 23:10 - 2019-03-05 16:08 - 000002384 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-02-13 23:10 - 2019-03-05 16:08 - 000002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-02-13 08:57 - 2019-01-27 16:23 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-02-13 08:57 - 2019-01-27 15:32 - 000348760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-02-13 08:57 - 2019-01-26 02:02 - 025736192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-02-13 08:57 - 2019-01-26 01:50 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-02-13 08:57 - 2019-01-26 01:50 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-02-13 08:57 - 2019-01-26 01:38 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-02-13 08:57 - 2019-01-26 01:37 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-02-13 08:57 - 2019-01-26 01:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-02-13 08:57 - 2019-01-26 01:36 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-02-13 08:57 - 2019-01-26 01:36 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-02-13 08:57 - 2019-01-26 01:35 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-02-13 08:57 - 2019-01-26 01:32 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-02-13 08:57 - 2019-01-26 01:29 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-02-13 08:57 - 2019-01-26 01:28 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-02-13 08:57 - 2019-01-26 01:27 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-02-13 08:57 - 2019-01-26 01:25 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-02-13 08:57 - 2019-01-26 01:24 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-02-13 08:57 - 2019-01-26 01:24 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-02-13 08:57 - 2019-01-26 01:24 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-02-13 08:57 - 2019-01-26 01:24 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-02-13 08:57 - 2019-01-26 01:18 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-02-13 08:57 - 2019-01-26 01:17 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-02-13 08:57 - 2019-01-26 01:14 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-02-13 08:57 - 2019-01-26 01:07 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-02-13 08:57 - 2019-01-26 01:07 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-02-13 08:57 - 2019-01-26 01:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-02-13 08:57 - 2019-01-26 01:06 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-02-13 08:57 - 2019-01-26 01:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-02-13 08:57 - 2019-01-26 01:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-02-13 08:57 - 2019-01-26 01:05 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-02-13 08:57 - 2019-01-26 01:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-02-13 08:57 - 2019-01-26 01:03 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-02-13 08:57 - 2019-01-26 01:03 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-02-13 08:57 - 2019-01-26 01:03 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-02-13 08:57 - 2019-01-26 01:01 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-02-13 08:57 - 2019-01-26 01:00 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-02-13 08:57 - 2019-01-26 00:59 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-02-13 08:57 - 2019-01-26 00:59 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-02-13 08:57 - 2019-01-26 00:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-02-13 08:57 - 2019-01-26 00:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-02-13 08:57 - 2019-01-26 00:56 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-02-13 08:57 - 2019-01-26 00:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-02-13 08:57 - 2019-01-26 00:50 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-02-13 08:57 - 2019-01-26 00:48 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-02-13 08:57 - 2019-01-26 00:48 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-02-13 08:57 - 2019-01-26 00:48 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-02-13 08:57 - 2019-01-26 00:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-02-13 08:57 - 2019-01-26 00:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-02-13 08:57 - 2019-01-26 00:46 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-02-13 08:57 - 2019-01-26 00:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-02-13 08:57 - 2019-01-26 00:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-02-13 08:57 - 2019-01-26 00:43 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-02-13 08:57 - 2019-01-26 00:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-02-13 08:57 - 2019-01-26 00:40 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-02-13 08:57 - 2019-01-26 00:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-02-13 08:57 - 2019-01-26 00:37 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-02-13 08:57 - 2019-01-26 00:34 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-02-13 08:57 - 2019-01-26 00:34 - 004494336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-02-13 08:57 - 2019-01-26 00:32 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-02-13 08:57 - 2019-01-26 00:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-02-13 08:57 - 2019-01-26 00:30 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-02-13 08:57 - 2019-01-26 00:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-02-13 08:57 - 2019-01-26 00:29 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-02-13 08:57 - 2019-01-26 00:22 - 001556480 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-02-13 08:57 - 2019-01-26 00:12 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-02-13 08:57 - 2019-01-26 00:11 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-02-13 08:57 - 2019-01-26 00:08 - 001331200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-02-13 08:57 - 2019-01-26 00:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-02-13 08:57 - 2019-01-15 08:06 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-02-13 08:57 - 2019-01-15 08:06 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-02-13 08:57 - 2019-01-15 08:03 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-02-13 08:57 - 2019-01-15 08:02 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-02-13 08:57 - 2019-01-15 08:02 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-02-13 08:57 - 2019-01-15 08:02 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-02-13 08:57 - 2019-01-15 08:02 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-02-13 08:57 - 2019-01-15 08:02 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-02-13 08:57 - 2019-01-15 07:51 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-02-13 08:57 - 2019-01-15 07:51 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-02-13 08:57 - 2019-01-15 07:38 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-02-13 08:57 - 2019-01-15 07:33 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-02-13 08:57 - 2019-01-15 07:32 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-02-13 08:57 - 2019-01-15 07:32 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-02-13 08:57 - 2019-01-15 07:32 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-02-13 08:57 - 2019-01-15 07:31 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-02-13 08:57 - 2019-01-15 07:29 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-02-13 08:57 - 2019-01-12 04:08 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-02-13 08:57 - 2019-01-12 04:08 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-02-13 08:57 - 2019-01-12 03:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-02-13 08:57 - 2019-01-12 03:55 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-02-13 08:57 - 2019-01-12 03:36 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-02-13 08:57 - 2019-01-12 03:36 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-02-13 08:57 - 2019-01-12 03:36 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-02-13 08:57 - 2019-01-09 04:10 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-02-13 08:57 - 2019-01-09 04:09 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-02-13 08:57 - 2019-01-09 04:09 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-02-13 08:57 - 2019-01-09 04:09 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-02-13 08:57 - 2019-01-09 04:08 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:58 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-02-13 08:57 - 2019-01-09 03:58 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-02-13 08:57 - 2019-01-09 03:57 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:45 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2019-02-13 08:57 - 2019-01-09 03:45 - 000033408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-02-13 08:57 - 2019-01-09 03:45 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2019-02-13 08:57 - 2019-01-09 03:41 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-02-13 08:57 - 2019-01-09 03:41 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-02-13 08:57 - 2019-01-09 03:41 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-02-13 08:57 - 2019-01-09 03:38 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-02-13 08:57 - 2019-01-09 03:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-02-13 08:57 - 2019-01-09 03:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-02-13 08:57 - 2019-01-09 03:37 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-02-13 08:57 - 2019-01-09 03:35 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-02-13 08:57 - 2019-01-09 03:35 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-02-13 08:57 - 2019-01-09 03:35 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-02-13 08:57 - 2019-01-09 03:34 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-02-13 08:57 - 2019-01-09 03:34 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-02-13 08:57 - 2019-01-09 03:34 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-02-13 08:57 - 2019-01-09 03:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-02-13 08:57 - 2019-01-09 03:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-02-13 08:57 - 2019-01-09 03:34 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-02-13 08:57 - 2019-01-09 03:34 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-02-13 08:57 - 2019-01-09 03:34 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-02-13 08:57 - 2019-01-09 03:34 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-02-13 08:57 - 2019-01-09 03:33 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:33 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-02-13 08:57 - 2019-01-07 18:19 - 003228160 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-02-13 08:57 - 2019-01-01 17:08 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-02-13 08:57 - 2019-01-01 17:05 - 003247104 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-02-13 08:57 - 2019-01-01 17:05 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-02-13 08:57 - 2019-01-01 17:04 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-02-13 08:57 - 2019-01-01 17:04 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-02-13 08:57 - 2019-01-01 16:58 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-02-13 08:57 - 2019-01-01 16:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2019-02-13 08:57 - 2019-01-01 16:57 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-02-13 08:57 - 2019-01-01 16:39 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-02-13 08:57 - 2019-01-01 16:39 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2019-02-13 08:57 - 2018-12-28 20:59 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-02-13 08:57 - 2018-12-28 20:59 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-02-13 08:57 - 2018-12-28 20:59 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-02-13 08:57 - 2018-12-28 20:59 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-02-13 08:57 - 2018-12-28 20:59 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-02-13 08:57 - 2018-12-28 20:48 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-02-13 08:57 - 2018-12-28 20:48 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-02-13 08:57 - 2018-12-28 20:48 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-02-13 08:57 - 2018-12-28 20:32 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-02-13 08:57 - 2018-12-04 17:07 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2019-02-13 08:57 - 2018-12-04 17:07 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-02-13 08:57 - 2018-12-04 16:55 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2019-02-13 08:57 - 2018-12-04 16:55 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-02-13 08:57 - 2018-12-02 17:06 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000998480 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000918408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000066000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000063936 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000021968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000019408 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000017872 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000017856 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000017360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000017352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000016336 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000015824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000015808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000015296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000014312 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000014272 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000013768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000013264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012736 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012232 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2019-02-13 08:56 - 2019-01-01 17:05 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-02-13 08:56 - 2019-01-01 16:58 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-02-05 22:36 - 2016-08-22 17:57 - 001276928 _____ (MGApps) C:\Users\Voldemort\Desktop\Automatické vypnutie PC.exe
2019-02-04 20:11 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2019-02-04 20:11 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2019-02-04 20:11 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2019-02-04 20:11 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2019-02-04 20:11 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2019-02-04 20:11 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2019-02-04 20:11 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2019-02-04 20:11 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2019-02-04 20:11 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2019-02-04 20:11 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2019-02-04 20:11 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2019-02-04 20:11 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2019-02-04 20:11 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2019-02-04 20:11 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2019-02-04 20:10 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2019-02-04 20:10 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2019-02-04 20:10 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2019-02-04 20:10 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2019-02-04 20:10 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2019-02-04 20:10 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2019-02-04 20:10 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2019-02-04 20:10 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2019-02-04 20:10 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2019-02-04 20:10 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2019-02-04 20:10 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2019-02-04 20:10 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2019-02-04 20:10 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2019-02-04 20:10 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2019-02-04 20:10 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2019-02-04 20:10 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2019-02-04 20:10 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2019-02-04 20:10 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2019-02-04 20:10 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2019-02-04 20:10 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2019-02-04 20:10 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2019-02-04 20:10 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2019-02-04 20:10 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2019-02-04 20:10 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2019-02-04 20:10 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2019-02-04 20:10 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2019-02-04 20:10 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2019-02-04 20:10 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2019-02-04 20:10 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2019-02-04 20:10 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2019-02-04 20:10 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2019-02-04 20:10 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2019-02-04 20:10 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2019-02-04 20:10 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2019-02-04 20:10 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2019-02-04 20:10 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2019-02-04 20:09 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2019-02-04 20:09 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2019-02-04 20:09 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2019-02-04 20:09 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2019-02-04 20:09 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2019-02-04 20:09 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2019-02-04 20:09 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2019-02-04 20:09 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2019-02-04 20:09 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2019-02-04 20:09 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2019-02-04 20:09 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2019-02-04 20:09 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2019-02-04 20:08 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2019-02-04 20:08 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2019-02-04 20:08 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2019-02-04 20:08 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2019-02-04 20:08 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2019-02-04 20:08 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2019-02-03 18:47 - 2019-02-03 18:47 - 000000031 _____ C:\Windows\progress
2019-02-03 11:29 - 2019-02-20 23:18 - 000000000 ____D C:\Users\Voldemort\Documents\Inquisitor_SaveGames
2019-02-03 11:24 - 2019-02-03 11:24 - 000002168 _____ C:\Users\Voldemort\Desktop\Inquisitor.lnk
2019-02-03 11:24 - 2019-02-03 11:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cinemax
2019-02-03 11:23 - 2019-02-03 11:23 - 000000000 ____D C:\Program Files (x86)\Cinemax
2019-02-03 10:17 - 2019-02-03 10:17 - 000001064 _____ C:\Users\Voldemort\Desktop\Frozen Throne – zástupce.lnk
2019-02-03 10:17 - 2019-02-03 10:17 - 000001059 _____ C:\Users\Voldemort\Desktop\Warcraft III – zástupce.lnk

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-05 16:10 - 2018-10-19 13:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-05 16:09 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-03-05 11:32 - 2009-07-14 05:45 - 000021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-03-05 11:32 - 2009-07-14 05:45 - 000021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-03-05 11:26 - 2019-01-13 12:56 - 000003176 _____ C:\Windows\System32\Tasks\{A7AC877B-2182-45CD-A969-BDB5EF46B64E}
2019-03-05 11:26 - 2018-10-19 14:05 - 000003190 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1912340780-4118999615-3692102144-1001
2019-03-05 11:26 - 2018-10-13 23:06 - 000003118 _____ C:\Windows\System32\Tasks\{16417147-0F49-4E56-BA02-FB9A27DB04BE}
2019-03-05 11:26 - 2018-09-17 18:32 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-05 11:26 - 2018-09-17 18:32 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-05 11:26 - 2018-09-17 18:30 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-03-05 09:20 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-04 22:07 - 2018-09-25 20:27 - 000000000 ____D C:\Users\Voldemort\AppData\Roaming\vlc
2019-03-04 09:51 - 2018-09-17 18:30 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-03-03 19:49 - 2018-09-18 09:35 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-03-02 17:47 - 2016-08-17 16:58 - 001518372 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-02 17:47 - 2011-04-12 09:34 - 000646252 _____ C:\Windows\system32\perfh005.dat
2019-03-02 17:47 - 2011-04-12 09:34 - 000131362 _____ C:\Windows\system32\perfc005.dat
2019-03-02 11:24 - 2018-09-17 20:24 - 000000000 ____D C:\Hry
2019-03-02 11:23 - 2019-02-02 13:41 - 000000000 ____D C:\Users\Voldemort\AppData\Roaming\uTorrent
2019-03-02 11:20 - 2018-09-18 10:27 - 000000000 ____D C:\Users\Voldemort\AppData\Roaming\DAEMON Tools Lite
2019-03-01 17:43 - 2019-01-13 17:49 - 000000000 ____D C:\Users\Voldemort\Documents\Ascaron Entertainment
2019-03-01 10:24 - 2018-10-19 13:39 - 000002174 _____ C:\Users\Voldemort\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-03-01 10:24 - 2018-10-19 13:39 - 000000000 ___RD C:\Users\Voldemort\OneDrive
2019-02-27 12:53 - 2018-09-30 13:58 - 000004194 _____ C:\Windows\System32\Tasks\Avast Cleanup Update
2019-02-26 09:01 - 2018-09-17 18:34 - 000002234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-26 09:01 - 2018-09-17 18:34 - 000002193 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-02-23 11:49 - 2018-09-17 18:38 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-20 21:03 - 2018-10-18 18:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-02-19 10:27 - 2018-09-17 18:30 - 000474456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-02-19 10:25 - 2018-10-22 17:08 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-02-19 10:25 - 2018-09-17 18:30 - 000379952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-02-19 10:25 - 2018-09-17 18:30 - 000216784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-02-19 10:25 - 2018-09-17 18:30 - 000167304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-02-19 10:25 - 2018-09-17 18:30 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-02-19 10:25 - 2018-09-17 18:30 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-02-19 10:23 - 2019-01-16 20:53 - 000225680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-02-19 10:23 - 2019-01-16 20:14 - 000320696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-02-19 10:23 - 2019-01-16 20:14 - 000196072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-02-19 10:23 - 2019-01-16 20:14 - 000057960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-02-19 10:23 - 2018-09-17 18:30 - 001034432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-02-19 10:23 - 2018-09-17 18:30 - 000205400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-02-14 15:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-02-14 00:58 - 2016-08-17 16:58 - 001494190 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-02-13 09:01 - 2017-03-30 08:27 - 000000000 ____D C:\Windows\system32\MRT
2019-02-13 08:53 - 2017-03-30 08:27 - 129330784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-02-11 18:27 - 2009-07-14 06:08 - 000032578 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-02-04 21:23 - 2018-06-12 05:14 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-02-04 20:13 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-02-03 18:57 - 2018-11-08 14:22 - 000000000 ____D C:\GOG Games
2019-02-03 18:57 - 2018-10-13 22:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2019-02-03 10:16 - 2019-01-13 13:00 - 000000000 ____D C:\Users\Voldemort\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

==================== Files in the root of some directories =======

2018-10-04 19:14 - 2019-01-16 20:33 - 000007603 _____ () C:\Users\Voldemort\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-04 00:54

==================== End of FRST.txt ============================

a zde Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019 01
Ran by Voldemort (05-03-2019 16:22:46)
Running from C:\Users\Voldemort\Desktop
Windows 7 Professional Service Pack 1 (X64) (2018-09-17 16:46:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1912340780-4118999615-3692102144-500 - Administrator - Disabled)
Guest (S-1-5-21-1912340780-4118999615-3692102144-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1912340780-4118999615-3692102144-1003 - Limited - Enabled)
Voldemort (S-1-5-21-1912340780-4118999615-3692102144-1001 - Administrator - Enabled) => C:\Users\Voldemort

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.3.6507 - AVAST Software)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
BechMan (HKLM-x32\...\BechMan_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd)
GameRanger (HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
GUN (HKLM-x32\...\1460036036_is1) (Version: 2.0.0.3 - GOG.com)
HP Hotkey Support (HKLM-x32\...\{384737A1-509C-46EA-A1EC-C1B6DD3BDC2D}) (Version: 6.2.17.1 - HP)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
HP Software Framework (HKLM-x32\...\{6CFAFC70-7191-4E07-AD9C-E7E0E564D6E1}) (Version: 4.0.96.1 - Hewlett-Packard Company)
HWiNFO64 Version 5.92 (HKLM\...\HWiNFO64_is1) (Version: 5.92 - Martin Malík - REALiX)
Chess 2020 (HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\...\Chess2020) (Version: 2020.12 - Filip Hofer)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6435.0 - IDT)
Inquisitor v1.0 (HKLM-x32\...\Inquisitor_is1) (Version: - CINEMAX, s.r.o.)
Johanka z Arku (HKLM-x32\...\{F2AFB780-FF87-4E4B-8097-451152CDD321}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.11328.20070 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11328.20070 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\...\OneDriveSetup.exe) (Version: 19.022.0203.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NecroVisioN (HKLM-x32\...\1624457803_is1) (Version: 1.2 - GOG.com)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20070 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20070 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20070 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11328.20070 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11328.20070 - Microsoft Corporation) Hidden
Sierra Wireless (HP un2430) Mobile Broadband Driver Package (HKLM-x32\...\SWIHPDrvInstaller) (Version: 1.0.45.0 - Sierra Wireless Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.23 - Synaptics Incorporated)
TechSmith Screen Capture Codec (HKLM-x32\...\{84FE50F5-B0F3-4D18-8BE8-A4DEEE0C37AD}) (Version: 4.1.1.0 - TechSmith Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09E76858-CA50-4E1E-B76D-09DEBA17AFBA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {0D01508F-1476-4B07-A47D-90DF076292F2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {0E2BA504-0D23-418A-81DD-21C033FFCF42} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {4C4DC150-024F-41D1-9CB2-3CBC4B779BA5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6D455DDE-781C-45F0-8E95-8EA28FCCC763} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7045AA83-1865-4F5E-B544-EF1DEBBAE9CF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {71DEAAD2-6D5A-4F17-95D1-765917D3FBB5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {74971CFC-D680-4BCD-9E90-50D1448774E0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {932093C4-34DD-41B0-AC29-DADF41CA9A52} - System32\Tasks\{A7AC877B-2182-45CD-A969-BDB5EF46B64E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Johanka z Arku\VSetting.exe" -d "C:\Program Files\Johanka z Arku"
Task: {9DE5FD5C-7C01-4545-B00B-7A156F519293} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {9F9AC729-CFFF-4464-A5CB-86ED4A6B224D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {AB1E6433-D67B-44B1-947B-F3A6B7D99271} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {AE72355E-F8AC-4CE5-B8C9-EFAEE5550AE7} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {AFB27B55-9799-42D6-A6D1-BFC3204CC2E6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F3BCBB0C-6E62-4DA1-94D2-99CCBFCE1716} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {FC1D03CE-01F2-41B5-92F6-A02E95221024} - System32\Tasks\{16417147-0F49-4E56-BA02-FB9A27DB04BE} => C:\Windows\system32\pcalua.exe -a "E:\čeština\Planescape Torment - CZ.exe" -d E:\čeština

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2017-12-20 15:26 - 2016-01-26 04:55 - 000382976 _____ (Intel Corporation) [File not signed] C:\Windows\System32\igfxtray.exe
2017-12-20 15:26 - 2016-01-26 04:55 - 000762880 _____ (Intel Corporation) [File not signed] C:\Windows\System32\hkcmd.exe
2017-12-20 15:26 - 2016-01-26 04:55 - 000835072 _____ (Intel Corporation) [File not signed] C:\Windows\system32\igfxsrvc.exe
2017-12-20 15:26 - 2016-01-26 04:55 - 000761344 _____ (Intel Corporation) [File not signed] C:\Windows\System32\igfxpers.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-01-16 19:59 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Voldemort\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{12665638-835A-47BD-B7A7-F805B8E625A4}C:\users\voldemort\desktop\vampire the masquerade - redemption\vampire.exe] => (Allow) C:\users\voldemort\desktop\vampire the masquerade - redemption\vampire.exe No File
FirewallRules: [UDP Query User{ACE3C0A0-4357-41A7-936D-573EC97044E3}C:\users\voldemort\desktop\vampire the masquerade - redemption\vampire.exe] => (Allow) C:\users\voldemort\desktop\vampire the masquerade - redemption\vampire.exe No File
FirewallRules: [TCP Query User{DA0934BC-F782-42C9-A32E-19BA247413A3}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{AB582B62-9BD3-418A-A47F-B6821F249B76}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B5539551-510E-48CC-A66A-41ABF959E5D5}] => (Allow) C:\Users\Voldemort\AppData\Roaming\uTorrent\uTorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{598F0C12-D033-46E3-A19F-505E29D90D47}] => (Allow) C:\Users\Voldemort\AppData\Roaming\uTorrent\uTorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{9B81AA8E-391D-4F8F-98E5-27BA7D24A0C7}C:\program files (x86)\bsgo\launcher\launcher.exe] => (Allow) C:\program files (x86)\bsgo\launcher\launcher.exe No File
FirewallRules: [UDP Query User{0E92AAD5-0F2B-498E-8BB5-BF6E2F689E84}C:\program files (x86)\bsgo\launcher\launcher.exe] => (Allow) C:\program files (x86)\bsgo\launcher\launcher.exe No File
FirewallRules: [{BE56759F-9DFA-49B9-BFED-EB95C98EDA7F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File
FirewallRules: [{C8A5F5F7-55BD-4EC2-8A21-C050EE754B92}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File
FirewallRules: [TCP Query User{BC464C92-69F3-4AAC-B947-ECEB2BC76949}C:\users\voldemort\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\voldemort\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [UDP Query User{73D8585F-982C-4A99-9CAD-B0EB5D91B5D4}C:\users\voldemort\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\voldemort\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [TCP Query User{D66B6EA0-2C2D-4F75-AA3C-047221E73961}C:\hry\quake\quake3.exe] => (Block) C:\hry\quake\quake3.exe () [File not signed]
FirewallRules: [UDP Query User{1F0C14D9-E0FD-4567-9F50-5581A472DF36}C:\hry\quake\quake3.exe] => (Block) C:\hry\quake\quake3.exe () [File not signed]
FirewallRules: [{B91C8E76-4AE8-4001-A4C1-E4568FF5D963}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{4BAF77F3-00FF-4CE5-9A37-302ECE289256}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{509C54BA-6FA3-4528-B29B-8E175C57E2C4}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{6D6A0CD7-AC04-43AE-8FDA-EB0E95AFCCF0}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{EF83CEA2-6F48-4573-A8B1-26BFC424544D}] => (Allow) C:\Users\Voldemort\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{54E9ACCD-38B0-436C-B5A7-DC952A05E6E2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2CCCAAD6-1A52-43F0-AD6C-BA512DE2AB21}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{F54D1597-24C4-4C51-BE59-128B3A9D8ECA}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{D23B1D6A-42FF-4C63-94F0-309FA0B06792}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

21-02-2019 17:13:43 Naplánovaný kontrolní bod
01-03-2019 12:40:39 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/05/2019 04:10:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/05/2019 09:21:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/04/2019 10:10:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/03/2019 11:06:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/03/2019 12:04:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/02/2019 05:42:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/02/2019 05:37:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/02/2019 01:43:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (1996) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Voldemort\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1811 (0xfffff8ed).


System errors:
=============
Error: (03/04/2019 10:07:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Media Player Network Sharing neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (03/04/2019 10:07:51 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WMPNetworkSvc se nemohla přihlásit jako NT AUTHORITY\NetworkService s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (03/04/2019 10:07:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Cleanup Premium byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (03/04/2019 10:07:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/04/2019 10:07:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Sierra Wireless QDL Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/04/2019 10:07:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP SI Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/04/2019 10:07:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (03/03/2019 11:22:20 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.101.
Počítač s IP adresou 192.168.0.100 nepovolil získání názvu
tímto počítačem.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz
Percentage of memory in use: 64%
Total physical RAM: 3959.49 MB
Available physical RAM: 1407.69 MB
Total Virtual: 7917.12 MB
Available Virtual: 5163.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:298.09 GB) (Free:223.77 GB) NTFS ==>[drive with boot components (obtained from BCD)]


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 5281FCD9)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Dobrý den, prosím o kontrolu logu RSIT

#6 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Windows\SysWow64\IntelCpHeciSvc.exe
    File: C:\Program Files\IDT\WDM\STacSV64.exe
    File: C:\tools\kernrate
    File: C:\Windows\progress
    CMD: type "C:\Windows\progress"
    
    HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\...\MountPoints2: {470bdfdd-fba3-11e8-9a81-f4b7e2dda5c1} - F:\SISetup.exe
    HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
    Toolbar: HKU\S-1-5-21-1912340780-4118999615-3692102144-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
    CHR DefaultSearchKeyword: Default -> Adaware Secure
    CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx
    2019-03-02 17:51 - 2019-03-02 18:00 - 000000000 ____D C:\Program Files\trend micro
    2019-03-02 17:51 - 2019-03-02 17:51 - 000000000 ____D C:\rsit
    2019-03-02 17:46 - 2019-03-02 17:46 - 001222144 _____ C:\Users\Voldemort\Desktop\RSITx64.exe
    Task: {932093C4-34DD-41B0-AC29-DADF41CA9A52} - System32\Tasks\{A7AC877B-2182-45CD-A969-BDB5EF46B64E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Johanka z Arku\VSetting.exe" -d "C:\Program Files\Johanka z Arku"
    Task: {FC1D03CE-01F2-41B5-92F6-A02E95221024} - System32\Tasks\{16417147-0F49-4E56-BA02-FB9A27DB04BE} => C:\Windows\system32\pcalua.exe -a "E:\čeština\Planescape Torment - CZ.exe" -d E:\čeština
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Uživatel
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 02 bře 2019 17:49

Re: Dobrý den, prosím o kontrolu logu RSIT

#7 Příspěvek od Uživatel »

Fix result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019
Ran by Voldemort (07-03-2019 10:33:48) Run:1
Running from C:\Users\Voldemort\Desktop
Loaded Profiles: Voldemort (Available Profiles: Voldemort)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Windows\SysWow64\IntelCpHeciSvc.exe
File: C:\Program Files\IDT\WDM\STacSV64.exe
File: C:\tools\kernrate
File: C:\Windows\progress
CMD: type "C:\Windows\progress"

HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\...\MountPoints2: {470bdfdd-fba3-11e8-9a81-f4b7e2dda5c1} - F:\SISetup.exe
HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
Toolbar: HKU\S-1-5-21-1912340780-4118999615-3692102144-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Adaware Secure
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx
2019-03-02 17:51 - 2019-03-02 18:00 - 000000000 ____D C:\Program Files\trend micro
2019-03-02 17:51 - 2019-03-02 17:51 - 000000000 ____D C:\rsit
2019-03-02 17:46 - 2019-03-02 17:46 - 001222144 _____ C:\Users\Voldemort\Desktop\RSITx64.exe
Task: {932093C4-34DD-41B0-AC29-DADF41CA9A52} - System32\Tasks\{A7AC877B-2182-45CD-A969-BDB5EF46B64E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Johanka z Arku\VSetting.exe" -d "C:\Program Files\Johanka z Arku"
Task: {FC1D03CE-01F2-41B5-92F6-A02E95221024} - System32\Tasks\{16417147-0F49-4E56-BA02-FB9A27DB04BE} => C:\Windows\system32\pcalua.exe -a "E:\�e�tina\Planescape Torment - CZ.exe" -d E:\�e�tina

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 57
Average :
Sum : 438256942
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= File: C:\Windows\SysWow64\IntelCpHeciSvc.exe ========================

C:\Windows\SysWow64\IntelCpHeciSvc.exe
File not signed
MD5: BC81F7CF9A310E8B6B5AE4964E717C3C
Creation and modification date: 2017-12-20 15:26 - 2016-01-26 04:55
Size: 000270848
Attributes: ----A
Company Name: Intel Corporation
Internal Name: IntelCpHeciSvc
Original Name: IntelCpHeciSvc.exe
Product: IntelCpHeciSvc Executable
Description: IntelCpHeciSvc Executable
File Version:
Product Version: 9.0.20.9000
Copyright: Copyright (C) 2011 Intel Corporation
VirusTotal: 0

====== End of File: ======


========================= File: C:\Program Files\IDT\WDM\STacSV64.exe ========================

C:\Program Files\IDT\WDM\STacSV64.exe
File not signed
MD5: 634C0CDC3F63AED52982A15C21FA9939
Creation and modification date: 2018-06-12 05:14 - 2012-11-12 20:04
Size: 000327680
Attributes: ----N
Company Name: IDT, Inc.
Internal Name: IDT PCA
Original Name: stacsv64.exe
Product: IDT PC Audio
Description: IDT PC Audio
File Version: 1.0.6435.0
Product Version: 1.0.6435.0
Copyright: Copyright © 2004 - 2009 IDT, Inc.
VirusTotal: https://www.virustotal.com/file/9163a56 ... 547071270/

====== End of File: ======


========================= File: C:\tools\kernrate ========================

"C:\tools\kernrate" => not found
====== End of File: ======


========================= File: C:\Windows\progress ========================

C:\Windows\progress
File not signed
MD5: D19D1B80379B9ABFE23D27B71A546497
Creation and modification date: 2019-02-03 18:47 - 2019-02-03 18:47
Size: 000000031
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/c4aa192 ... 359467451/

====== End of File: ======


========= type "C:\Windows\progress" =========

[progress]
progress=progress

========= End of CMD: =========

HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{470bdfdd-fba3-11e8-9a81-f4b7e2dda5c1} => removed successfully
HKLM\Software\Classes\CLSID\{470bdfdd-fba3-11e8-9a81-f4b7e2dda5c1} => not found
"HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully
"HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nladljmabboanhihfkjacnnkgjhnokhj => removed successfully
C:\Program Files\trend micro => moved successfully
C:\rsit => moved successfully
C:\Users\Voldemort\Desktop\RSITx64.exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{932093C4-34DD-41B0-AC29-DADF41CA9A52}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{932093C4-34DD-41B0-AC29-DADF41CA9A52}" => removed successfully
C:\Windows\System32\Tasks\{A7AC877B-2182-45CD-A969-BDB5EF46B64E} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A7AC877B-2182-45CD-A969-BDB5EF46B64E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FC1D03CE-01F2-41B5-92F6-A02E95221024}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC1D03CE-01F2-41B5-92F6-A02E95221024}" => removed successfully
C:\Windows\System32\Tasks\{16417147-0F49-4E56-BA02-FB9A27DB04BE} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{16417147-0F49-4E56-BA02-FB9A27DB04BE}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8112144 B
Java, Flash, Steam htmlcache => 434 B
Windows/system/drivers => 14755191 B
Edge => 0 B
Chrome => 713575302 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 66356 B
LocalService => 0 B
NetworkService => 0 B
giga => 0 B
Voldemort => 162458455 B

RecycleBin => 0 B
EmptyTemp: => 865.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:35:11 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Dobrý den, prosím o kontrolu logu RSIT

#8 Příspěvek od Conder »

:arrow: Spusti kontrolu integrity systemovych suborov:
  • Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
  • Skopiruj a spusti prikaz:

    Kód: Vybrat vše

    sfc /scannow
  • Po dokonceni skopiruj a spusti tento prikaz:

    Kód: Vybrat vše

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"
  • Na ploche sa vytvori subor sfcdetails.txt, zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
  • Restartuj PC a napis ako sa chova PC
:arrow: Tiez skontroluj, ci existuje zlozka "C:\Windows\Minidump" a v pripade, ze sa v nej nachadzaju nejake subory, skopiruj ich niekde inde (napr. na plochu, do dokumentov), zabal do archivu RAR alebo ZIP, a vloz do prilohy k dalsiemu prispevku. Ak to nepojde do prilohy, tak ho nahraj na niektore webove ulozisko (napr. leteckaposta.cz) a posli odkaz na stiahnutie.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Uživatel
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 02 bře 2019 17:49

Re: Dobrý den, prosím o kontrolu logu RSIT

#9 Příspěvek od Uživatel »

V příloze posílám tu kontrolu integrity systémových souborů a soubor Minidump ve Windows nemám.
Počítač reaguje normálně, bez komplikací, načítání při spuštění je rychlejší.
Přílohy
sfcdetails.rar
Kontrola integrity
(1.93 KiB) Staženo 63 x

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Dobrý den, prosím o kontrolu logu RSIT

#10 Příspěvek od Conder »

:arrow: Vyzera to OK. Ak uz teda nie su ziadne problemy s PC, tak este upraceme po pouzitych nastrojoch:
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Uživatel
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 02 bře 2019 17:49

Re: Dobrý den, prosím o kontrolu logu RSIT

#11 Příspěvek od Uživatel »

Děkuji za pomoc s notebookem, vše je již v pořádku.

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Dobrý den, prosím o kontrolu logu RSIT

#12 Příspěvek od Conder »

Nie je zaco, rad som pomohol :)
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Zamčeno