
Please check my log


#1 Post by Preacher »

Hello,
please check my log when you find a moment; it isn't a high priority :)
This is a cheap office laptop that I use mainly for school, where we work with various programs.
The laptop has been slow for quite a while, because I don't shut it down and don't maintain it regularly the way one should.
Here is the log from RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Paulie at 2019-03-20 20:53:31
Microsoft Windows 10 Home
System drive C: has 12 GB (10%) free of 121 GB
Total RAM: 4002 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:53:36, on 20.03.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
C:\Users\Paulie\Downloads\adwcleaner_7.2.6.0.exe
C:\CCP\CCP.exe
C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
C:\Programy\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
C:\Program Files\trend micro\Paulie.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp17win10.msn.com/?pc=HCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Programy\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Paulie\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Paulie\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [BackgroundSwitcher] "C:\Programy\John's Background Switcher\BackgroundSwitcher.exe"
O4 - HKCU\..\Run: [CCP Start] C:\CCP\CCP.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = vse.cz
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = vse.cz
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: VMware Horizon Client (client_service) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @oem29.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\WINDOWS\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: VMware Netlink Supervisor Service (ftnlsv3hv) - Unknown owner - C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
O23 - Service: VMware Scanner Redirection Client (ftscanmgrhv) - Unknown owner - C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgrhv.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Comm Recovery (HP Comm Recover) - HP Inc. - C:\Program Files\HPCommRecovery\HPCommRecovery.exe
O23 - Service: HP JumpStart Bridge (HPJumpStartBridge) - HP Inc. - C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - HP Inc. - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service: @oem40.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\System32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware Serial Com Redirection Client service (vmwsprrdpwks) - VMware - C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @oem38.inf,%WirelessKB850NotificationSvcDisplayName%;Wireless Keyboard 850 Notification Service (WirelessKB850NotificationService) - Unknown owner - C:\WINDOWS\system32\WirelessKB850NotificationService.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 14946 bytes

======Listing Processes======








winlogon.exe


c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-e22964be-e8c2-4bb3-9ddd-36b8574d19fa -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-497edb1e-48d9-4486-9bda-49794746c05b -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-17a0e4d8-3b2a-43f5-99e9-85aec28a7965 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-56d34c6e-9275-4b6c-a68e-7b4de39466f1 -LifetimeId:cc0dbf76-0c0a-4888-9905-d0fed280c867 -DeviceGroupId:
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k networkservice -s TermService
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-ec10aac7-fab6-4453-a19d-0f935ee39272 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-942638f9-d02f-402b-8462-0a769ebb5863 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-bbdfbcb5-f252-42d5-aea1-9136b2da8d42 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-b351a8cc-2525-4c40-9a5e-514d751dc9aa -LifetimeId:bd5a1831-50d0-4bab-bda9-eaeb82c0afa9 -DeviceGroupId:WudfDefaultDevicePool
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s BTAGService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
dashost.exe {0ec1aa17-5045-4a5c-88803604c841fd19}

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s SessionEnv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository

"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\WINDOWS\system32\AUDIODG.EXE 0x408
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
"C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:/Users/Paulie/Downloads/adwcleaner_7.2.6.0.exe /r
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
"ctfmon.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
igfxEM.exe
igfxHK.exe
C:\WINDOWS\Explorer.EXE

c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\system32\WLANExt.exe 1766083660656
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe" -SCMStartup mfwStartFlags=2
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\SysWOW64\esif_uf.exe
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
"C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe"
C:\WINDOWS\System32\ibtsiva
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
"C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgrhv.exe"

C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\system32\WirelessKB850NotificationService.exe
"C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
"C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
c:\windows\system32\svchost.exe -k netsvcs
"c:\program files\avast software\avast\aswEngSrv.exe" /pipename="CEC99EB1-0E87-6EEC-1F66-9708DBB27BF4" /binpath="c:\program files\avast software\avast"
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Eaphost
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe" /lateupdate apply
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Paulie\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Paulie\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=72.0.3626.121 --initial-client-data=0x1e0,0x1e4,0x1e8,0x1dc,0x1ec,0x7ff9f0515510,0x7ff9f0515520,0x7ff9f0515530
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=8260 --on-initialized-event-handle=692 --parent-handle=700 /prefetch:6
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1816,2419133336591550238,11967825144710987252,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=7514701622683017474 --mojo-platform-channel-handle=1784 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1816,2419133336591550238,11967825144710987252,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=10206550815987521882 --mojo-platform-channel-handle=1896 /prefetch:8
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1816,2419133336591550238,11967825144710987252,131072 --service-pipe-token=3365274718346701009 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3365274718346701009 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2564 /prefetch:1
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1816,2419133336591550238,11967825144710987252,131072 --service-pipe-token=4123173908871572548 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4123173908871572548 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1816,2419133336591550238,11967825144710987252,131072 --service-pipe-token=2461890839266509664 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2461890839266509664 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3676 /prefetch:1
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\CCP\CCP.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{53362C64-A296-4F2D-A2F8-FD984D08340B}
"C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe"
"C:\Programy\PowerISO\PWRISOVM.EXE" -startup
"C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe" /AUTORUN
AvastUI.exe /nogui
-BootProc
"C:\Program Files (x86)\Browny02\BrYNSvc.exe"
-BootProc
"C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1816,2419133336591550238,11967825144710987252,131072 --service-pipe-token=9231740323523643680 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9231740323523643680 --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6368 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1816,2419133336591550238,11967825144710987252,131072 --service-pipe-token=959300971523300734 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=959300971523300734 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6940 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1816,2419133336591550238,11967825144710987252,131072 --service-pipe-token=10743475325696238409 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10743475325696238409 --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4412 /prefetch:1
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k netsvcs -p
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe" /InvokerPRAID: App
"C:\Program Files\HPCommRecovery\HPCommRecovery.exe"
"C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe"
"C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe"
"C:\Program Files\rempl\sedsvc.exe"

c:\windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
"c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=utility --lang=en-US --no-sandbox --lang=en-US --log-file="C:\Users\Paulie\AppData\Roaming\AVAST Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.3.2987.1601 Safari/537.36 Avastium (19.3.2369)" --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --service-request-channel-token=F1C077F67F7E38C6D47049BDB7F374CB --mojo-platform-channel-handle=6800 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1816,2419133336591550238,11967825144710987252,131072 --service-pipe-token=744422491911020260 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=744422491911020260 --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7804 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1816,2419133336591550238,11967825144710987252,131072 --service-pipe-token=10123556303799557189 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10123556303799557189 --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1816,2419133336591550238,11967825144710987252,131072 --service-pipe-token=1044175350858829917 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1044175350858829917 --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8112 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 748 752 760 8192 756
"C:\Users\Paulie\Downloads\RSITx64 (1).exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\Connect.job - C:\Program Files (x86)\MAGIX\Connect\connect.exe
C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HPCeeScheduleForPaulie.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForPaulie (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-03-10 211848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-06 440680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-03-10 158696]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-24 474688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-24 188992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-06 416104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2018-09-27 9279328]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-03-18 260488]
"VMware Netlink 3 HV Install Utility"=C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe [2017-07-12 75680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Paulie\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-03-06 1507144]
"uTorrent"=C:\Users\Paulie\AppData\Roaming\uTorrent\uTorrent.exe [2019-03-03 1815736]
"BackgroundSwitcher"=C:\Programy\John's Background Switcher\BackgroundSwitcher.exe [2013-05-20 120424]
"CCP Start"=C:\CCP\CCP.exe [2015-11-01 2749952]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-09-06 18630056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [2016-06-20 705784]
"PWRISOVM.EXE"=C:\Programy\PowerISO\PWRISOVM.EXE [2016-05-25 406664]
"ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2014-05-22 139776]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2014-05-22 4513792]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-03-18 260488]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"ConsentPromptBehaviorAdmin"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-03-20 16:54:41 ----D---- C:\ProgramData\Mozilla
2019-03-18 16:20:27 ----A---- C:\WINDOWS\system32\aswBoot.exe
2019-03-16 13:06:57 ----RDC---- C:\Users\Paulie\AppData\Roaming\Brother
2019-03-13 12:02:02 ----A---- C:\WINDOWS\SYSWOW64\AppResolver.dll
2019-03-13 12:02:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2019-03-13 12:02:01 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2019-03-13 12:02:01 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2019-03-13 12:02:01 ----A---- C:\WINDOWS\SYSWOW64\cdprt.dll
2019-03-13 12:02:01 ----A---- C:\WINDOWS\system32\sppobjs.dll
2019-03-13 12:01:59 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2019-03-13 12:01:59 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-03-13 12:01:59 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-03-13 12:01:59 ----A---- C:\WINDOWS\system32\domgmt.dll
2019-03-13 12:01:59 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2019-03-13 12:01:58 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2019-03-13 12:01:58 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2019-03-13 12:01:57 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2019-03-13 12:01:57 ----A---- C:\WINDOWS\system32\AppResolver.dll
2019-03-13 12:01:56 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2019-03-13 12:01:56 ----A---- C:\WINDOWS\system32\dosvc.dll
2019-03-13 12:01:56 ----A---- C:\WINDOWS\system32\cdprt.dll
2019-03-13 12:01:56 ----A---- C:\WINDOWS\system32\cdp.dll
2019-03-13 12:01:55 ----A---- C:\WINDOWS\SYSWOW64\srpapi.dll
2019-03-13 12:01:55 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-03-13 12:01:55 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2019-03-13 12:01:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-13 12:01:54 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2019-03-13 12:01:53 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-03-13 12:01:51 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2019-03-13 12:01:51 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2019-03-13 12:01:50 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2019-03-13 12:01:49 ----A---- C:\WINDOWS\system32\StartTileData.dll
2019-03-13 12:01:49 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-03-13 12:01:48 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2019-03-13 12:01:47 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2019-03-13 12:01:47 ----A---- C:\WINDOWS\SYSWOW64\OpcServices.dll
2019-03-13 12:01:47 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2019-03-13 12:01:47 ----A---- C:\WINDOWS\system32\srpapi.dll
2019-03-13 12:01:47 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-03-13 12:01:47 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2019-03-13 12:01:47 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2019-03-13 12:01:46 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-03-13 12:01:45 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2019-03-13 12:01:45 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2019-03-13 12:01:45 ----A---- C:\WINDOWS\system32\audiosrv.dll
2019-03-13 12:01:44 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2019-03-13 12:01:44 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2019-03-13 12:01:44 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2019-03-13 12:01:44 ----A---- C:\WINDOWS\SYSWOW64\BingOnlineServices.dll
2019-03-13 12:01:44 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-03-13 12:01:43 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2019-03-13 12:01:43 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2019-03-13 12:01:43 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys
2019-03-13 12:01:43 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-03-13 12:01:42 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-03-13 12:01:42 ----A---- C:\WINDOWS\system32\OpcServices.dll
2019-03-13 12:01:40 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-03-13 12:01:39 ----A---- C:\WINDOWS\system32\kernel32.dll
2019-03-13 12:01:39 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2019-03-13 12:01:39 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2019-03-13 12:01:39 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2019-03-13 12:01:38 ----A---- C:\WINDOWS\system32\hal.dll
2019-03-13 12:01:38 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2019-03-13 12:01:38 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2019-03-13 12:01:37 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-03-13 12:01:37 ----A---- C:\WINDOWS\system32\urlmon.dll
2019-03-13 12:01:37 ----A---- C:\WINDOWS\system32\jscript9.dll
2019-03-13 12:01:37 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-03-13 12:01:36 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2019-03-13 12:01:36 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-03-13 12:01:36 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-03-13 12:01:35 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2019-03-13 12:01:35 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2019-03-13 12:01:35 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2019-03-13 12:01:35 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2019-03-13 12:01:35 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2019-03-13 12:01:35 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-03-13 12:01:35 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2019-03-13 12:01:35 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-03-13 12:01:35 ----A---- C:\WINDOWS\system32\audiodg.exe
2019-03-13 12:01:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2019-03-13 12:01:34 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2019-03-13 12:01:34 ----A---- C:\WINDOWS\system32\NMAA.dll
2019-03-13 12:01:34 ----A---- C:\WINDOWS\system32\BingOnlineServices.dll
2019-03-13 12:01:33 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2019-03-13 12:01:33 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2019-03-13 12:01:33 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2019-03-13 12:01:33 ----A---- C:\WINDOWS\system32\msxml3.dll
2019-03-13 12:01:32 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2019-03-13 12:01:32 ----A---- C:\WINDOWS\SYSWOW64\AcLayers.dll
2019-03-13 12:01:32 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2019-03-13 12:01:32 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2019-03-13 12:01:32 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2019-03-13 12:01:32 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-03-13 12:01:31 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2019-03-13 12:01:31 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2019-03-13 12:01:30 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-03-13 12:01:30 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-03-13 12:01:30 ----A---- C:\WINDOWS\system32\rascustom.dll
2019-03-13 12:01:30 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-03-13 12:01:29 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2019-03-13 12:01:29 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-03-13 12:01:28 ----A---- C:\WINDOWS\system32\jscript.dll
2019-03-13 12:01:28 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-03-13 12:01:27 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2019-03-13 12:01:27 ----A---- C:\WINDOWS\system32\policymanager.dll
2019-03-13 12:01:27 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-03-13 12:01:26 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2019-03-13 12:01:26 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-03-13 12:01:25 ----A---- C:\WINDOWS\system32\propsys.dll
2019-03-13 12:01:25 ----A---- C:\WINDOWS\system32\msv1_0.dll
2019-03-13 12:01:25 ----A---- C:\WINDOWS\system32\drivers\http.sys
2019-03-13 12:01:25 ----A---- C:\WINDOWS\system32\combase.dll
2019-03-13 12:01:24 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-03-13 12:01:24 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2019-03-13 12:01:24 ----A---- C:\WINDOWS\system32\AudioSes.dll
2019-03-13 12:01:23 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-03-13 12:01:23 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-03-13 12:01:23 ----A---- C:\WINDOWS\system32\mos.dll
2019-03-13 12:01:22 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-03-13 12:01:22 ----A---- C:\WINDOWS\system32\msi.dll
2019-03-13 12:01:22 ----A---- C:\WINDOWS\system32\msctf.dll
2019-03-13 12:01:22 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-03-13 12:01:21 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2019-03-13 12:01:21 ----A---- C:\WINDOWS\system32\aitstatic.exe
2019-03-13 12:01:21 ----A---- C:\WINDOWS\system32\AcLayers.dll
2019-03-13 12:01:20 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2019-03-13 12:01:20 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-03-13 12:01:20 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2019-03-13 12:01:20 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-03-13 12:01:19 ----A---- C:\WINDOWS\system32\wininet.dll
2019-03-13 12:01:19 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-03-13 12:01:19 ----A---- C:\WINDOWS\system32\edgeIso.dll
2019-03-13 12:01:18 ----A---- C:\WINDOWS\system32\wlansvc.dll
2019-03-13 12:01:18 ----A---- C:\WINDOWS\system32\localspl.dll
2019-03-13 12:01:17 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-03-13 12:01:17 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-03-13 12:01:13 ----A---- C:\WINDOWS\system32\msvproc.dll
2019-03-13 12:01:12 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-03-13 12:01:10 ----A---- C:\WINDOWS\SYSWOW64\MapRouter.dll
2019-03-13 12:01:10 ----A---- C:\WINDOWS\SYSWOW64\MapGeocoder.dll
2019-03-13 12:01:10 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2019-03-13 12:01:10 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2019-03-13 12:01:10 ----A---- C:\WINDOWS\system32\MapsStore.dll
2019-03-13 12:01:10 ----A---- C:\WINDOWS\system32\MapRouter.dll
2019-03-13 12:01:10 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2019-03-13 12:01:09 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2019-03-13 12:01:09 ----A---- C:\WINDOWS\system32\MapGeocoder.dll
2019-03-13 12:01:08 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2019-03-13 12:01:08 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2019-03-13 12:01:07 ----A---- C:\WINDOWS\system32\BingMaps.dll
2019-03-13 12:01:06 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2019-03-13 12:01:05 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2019-03-13 12:01:01 ----A---- C:\WINDOWS\system32\fcon.dll
2019-03-13 12:00:59 ----A---- C:\WINDOWS\system32\moshostcore.dll
2019-03-13 12:00:59 ----A---- C:\WINDOWS\system32\lpasvc.dll
2019-03-13 12:00:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MixedRealityCapture.dll
2019-03-13 12:00:45 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2019-03-13 12:00:45 ----A---- C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-03-13 12:00:45 ----A---- C:\WINDOWS\system32\AudioEng.dll
2019-03-13 12:00:44 ----A---- C:\WINDOWS\system32\winresume.exe
2019-03-13 12:00:44 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2019-03-13 12:00:44 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-03-13 12:00:43 ----A---- C:\WINDOWS\SYSWOW64\mcbuilder.exe
2019-03-13 12:00:43 ----A---- C:\WINDOWS\system32\winload.exe
2019-03-13 12:00:43 ----A---- C:\WINDOWS\system32\clusapi.dll
2019-03-13 12:00:42 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2019-03-13 12:00:42 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2019-03-13 12:00:42 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2019-03-13 12:00:42 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2019-03-13 12:00:42 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2019-03-13 12:00:42 ----A---- C:\WINDOWS\system32\wsp_health.dll
2019-03-13 12:00:42 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2019-03-13 12:00:42 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2019-03-13 12:00:42 ----A---- C:\WINDOWS\system32\pcasvc.dll
2019-03-13 12:00:42 ----A---- C:\WINDOWS\system32\invagent.dll
2019-03-13 12:00:42 ----A---- C:\WINDOWS\system32\devinv.dll
2019-03-13 12:00:42 ----A---- C:\WINDOWS\system32\dcntel.dll
2019-03-13 12:00:42 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2019-03-13 12:00:42 ----A---- C:\WINDOWS\system32\aepic.dll
2019-03-13 12:00:41 ----A---- C:\WINDOWS\system32\reseteng.dll
2019-03-13 12:00:41 ----A---- C:\WINDOWS\system32\ReAgent.dll
2019-03-13 12:00:41 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2019-03-13 12:00:41 ----A---- C:\WINDOWS\system32\generaltel.dll
2019-03-13 12:00:41 ----A---- C:\WINDOWS\system32\appraiser.dll
2019-03-13 12:00:41 ----A---- C:\WINDOWS\system32\aeinv.dll
2019-03-13 12:00:40 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2019-03-13 12:00:40 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2019-03-13 12:00:40 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2019-03-13 12:00:40 ----A---- C:\WINDOWS\SYSWOW64\dpx.dll
2019-03-13 12:00:40 ----A---- C:\WINDOWS\system32\wimserv.exe
2019-03-13 12:00:40 ----A---- C:\WINDOWS\system32\wimgapi.dll
2019-03-13 12:00:40 ----A---- C:\WINDOWS\system32\wer.dll
2019-03-13 12:00:40 ----A---- C:\WINDOWS\system32\resutils.dll
2019-03-13 12:00:40 ----A---- C:\WINDOWS\system32\rasmans.dll
2019-03-13 12:00:40 ----A---- C:\WINDOWS\system32\dpx.dll
2019-03-13 12:00:39 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2019-03-13 12:00:39 ----A---- C:\WINDOWS\system32\msvcp_win.dll
2019-03-13 12:00:39 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2019-03-13 12:00:38 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2019-03-13 12:00:38 ----A---- C:\WINDOWS\system32\WerFault.exe
2019-03-13 12:00:38 ----A---- C:\WINDOWS\system32\weretw.dll
2019-03-13 12:00:38 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-03-13 12:00:38 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2019-03-13 12:00:38 ----A---- C:\WINDOWS\system32\systemreset.exe
2019-03-13 12:00:38 ----A---- C:\WINDOWS\system32\gpsvc.dll
2019-03-13 12:00:38 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2019-03-13 12:00:37 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2019-03-13 12:00:37 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2019-03-13 12:00:37 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2019-03-13 12:00:37 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2019-03-13 12:00:37 ----A---- C:\WINDOWS\system32\mf3216.dll
2019-03-13 12:00:37 ----A---- C:\WINDOWS\system32\mcbuilder.exe
2019-03-13 12:00:37 ----A---- C:\WINDOWS\system32\acmigration.dll
2019-03-13 12:00:36 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2019-03-13 12:00:35 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2019-03-13 12:00:35 ----A---- C:\WINDOWS\SYSWOW64\RTWorkQ.dll
2019-03-13 12:00:35 ----A---- C:\WINDOWS\system32\RTWorkQ.dll
2019-03-13 12:00:35 ----A---- C:\WINDOWS\system32\mprddm.dll
2019-03-13 12:00:34 ----A---- C:\WINDOWS\SYSWOW64\msvcp_win.dll
2019-03-13 12:00:34 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2019-03-13 12:00:33 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2019-03-13 12:00:33 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2019-03-13 12:00:33 ----A---- C:\WINDOWS\system32\werui.dll
2019-03-13 12:00:33 ----A---- C:\WINDOWS\system32\taskhostw.exe
2019-03-13 12:00:33 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2019-03-13 12:00:33 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2019-03-13 12:00:33 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2019-03-13 12:00:32 ----A---- C:\WINDOWS\system32\Faultrep.dll
2019-03-13 12:00:32 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2019-03-13 12:00:31 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2019-03-13 12:00:31 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2019-03-13 12:00:31 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2019-03-13 12:00:30 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2019-03-13 12:00:30 ----A---- C:\WINDOWS\SYSWOW64\CredentialMigrationHandler.dll
2019-03-13 12:00:30 ----A---- C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2019-03-13 12:00:30 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2019-03-13 12:00:30 ----A---- C:\WINDOWS\system32\drivers\msfs.sys
2019-03-13 12:00:30 ----A---- C:\WINDOWS\system32\CredentialMigrationHandler.dll
2019-03-13 12:00:28 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2019-03-13 12:00:28 ----A---- C:\WINDOWS\SYSWOW64\AppLockerCSP.dll
2019-03-13 12:00:28 ----A---- C:\WINDOWS\system32\tzres.dll
2019-03-13 12:00:28 ----A---- C:\WINDOWS\system32\ResetEngOnline.dll
2019-03-13 12:00:28 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2019-03-13 12:00:28 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2019-03-13 12:00:28 ----A---- C:\WINDOWS\system32\AppointmentActivation.dll
2019-03-13 12:00:28 ----A---- C:\WINDOWS\system32\AppLockerCSP.dll

======List of files/folders modified in the last 1 month======

2019-03-20 20:53:34 ----D---- C:\WINDOWS\system32\drivers\etc
2019-03-20 20:53:34 ----D---- C:\Program Files\trend micro
2019-03-20 20:47:52 ----D---- C:\WINDOWS\Temp
2019-03-20 20:45:33 ----D---- C:\WINDOWS\system32\sru
2019-03-20 20:44:28 ----D---- C:\WINDOWS\system32\SleepStudy
2019-03-20 19:57:37 ----D---- C:\WINDOWS\System32
2019-03-20 19:57:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-20 19:57:36 ----D---- C:\WINDOWS\INF
2019-03-20 17:38:32 ----D---- C:\WINDOWS\system32\Tasks
2019-03-20 17:38:30 ----D---- C:\WINDOWS\Prefetch
2019-03-20 17:38:04 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-03-20 17:37:50 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-03-20 17:37:00 ----RD---- C:\Program Files (x86)
2019-03-20 17:36:49 ----D---- C:\AdwCleaner
2019-03-20 17:36:28 ----DC---- C:\Users\Paulie\AppData\Roaming\uTorrent
2019-03-20 17:28:13 ----HD---- C:\Program Files\WindowsApps
2019-03-20 17:28:03 ----D---- C:\WINDOWS\AppReadiness
2019-03-20 17:27:30 ----SHD---- C:\Config.Msi
2019-03-20 17:27:30 ----D---- C:\WINDOWS\system32\drivers
2019-03-20 17:26:59 ----RD---- C:\Program Files
2019-03-20 17:22:06 ----D---- C:\WINDOWS\system32\Macromed
2019-03-20 17:19:46 ----D---- C:\Windows
2019-03-20 17:16:19 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2019-03-20 17:13:10 ----SHDC---- C:\WINDOWS\Installer
2019-03-20 17:13:09 ----D---- C:\ProgramData\Cisco
2019-03-20 17:13:09 ----D---- C:\Program Files (x86)\Cisco
2019-03-20 17:09:52 ----D---- C:\Program Files (x86)\MAGIX
2019-03-20 16:58:03 ----D---- C:\Programy
2019-03-20 16:54:41 ----HD---- C:\ProgramData
2019-03-20 16:50:25 ----DC---- C:\WINDOWS\Panther
2019-03-20 16:50:23 ----D---- C:\WINDOWS\debug
2019-03-20 16:48:36 ----DC---- C:\Users\Paulie\AppData\Roaming\vlc
2019-03-20 16:22:39 ----D---- C:\Program Files\rempl
2019-03-20 16:15:49 ----D---- C:\WINDOWS\system32\LogFiles
2019-03-18 22:38:14 ----D---- C:\WINDOWS\Logs
2019-03-18 18:19:36 ----RD---- C:\WINDOWS\Microsoft.NET
2019-03-18 16:25:45 ----D---- C:\WINDOWS\system32\config
2019-03-18 16:20:27 ----HD---- C:\WINDOWS\ELAMBKUP
2019-03-16 05:06:04 ----D---- C:\WINDOWS\WinSxS
2019-03-15 15:39:12 ----D---- C:\WINDOWS\SysWOW64
2019-03-14 03:08:38 ----D---- C:\WINDOWS\system32\DriverStore
2019-03-14 03:07:38 ----D---- C:\WINDOWS\system32\catroot2
2019-03-14 03:06:59 ----D---- C:\WINDOWS\TextInput
2019-03-14 03:06:59 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2019-03-14 03:06:59 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2019-03-14 03:06:59 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2019-03-14 03:06:59 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\migration
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\en-US
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2019-03-14 03:06:58 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2019-03-14 03:06:57 ----SD---- C:\WINDOWS\system32\UNP
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\zu-ZA
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\yo-NG
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\xh-ZA
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\wo-SN
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\tn-ZA
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\ti-ET
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\rw-RW
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\oobe
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\nso-ZA
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\migration
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\ig-NG
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\chr-CHER-US
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\en-US
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\cs-CZ
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2019-03-14 03:06:57 ----D---- C:\WINDOWS\system32\appraiser
2019-03-14 03:06:55 ----RSD---- C:\WINDOWS\Fonts
2019-03-14 03:06:55 ----RD---- C:\Program Files\Windows Defender
2019-03-14 03:06:55 ----D---- C:\WINDOWS\ShellExperiences
2019-03-14 03:06:55 ----D---- C:\WINDOWS\bcastdvr
2019-03-14 03:06:55 ----D---- C:\WINDOWS\apppatch
2019-03-14 03:06:55 ----D---- C:\Program Files (x86)\Windows Defender
2019-03-14 03:06:53 ----D---- C:\WINDOWS\system32\Boot
2019-03-13 12:09:42 ----D---- C:\WINDOWS\CbsTemp
2019-03-13 11:59:28 ----D---- C:\WINDOWS\system32\MRT
2019-03-13 01:07:00 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-03-11 14:48:18 ----AD---- C:\Program Files (x86)\Microsoft Office
2019-03-10 22:01:59 ----D---- C:\WINDOWS\Tasks
2019-03-08 12:25:46 ----D---- C:\Škola - Magistr
2019-03-03 17:54:40 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2019-02-27 02:19:55 ----RD---- C:\WINDOWS\assembly
2019-02-23 01:03:51 ----AD---- C:\Program Files\CCleaner
2019-02-23 01:02:46 ----SD---- C:\WINDOWS\SYSWOW64\F12
2019-02-23 01:02:45 ----SD---- C:\WINDOWS\system32\F12
2019-02-23 01:02:45 ----D---- C:\WINDOWS\system32\drivers\UMDF
2019-02-23 01:02:43 ----D---- C:\Program Files\internet explorer
2019-02-23 01:02:43 ----D---- C:\Program Files (x86)\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2019-03-18 37320]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2019-03-18 196304]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswblog.sys [2019-03-18 320904]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2019-03-18 58168]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2019-01-08 15488]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2019-03-18 88152]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2019-03-18 380160]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2019-03-18 205608]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2019-03-18 254408]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2019-03-18 249152]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2019-03-18 42496]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2019-03-18 112520]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2019-03-18 1034640]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2019-03-18 476256]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2016-05-25 137280]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2019-03-18 169104]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2019-03-18 220632]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-07-14 414720]
R2 hcmon;VMware hcmon; C:\WINDOWS\system32\DRIVERS\hcmon.sys [2017-08-31 82904]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2018-12-08 106496]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-04-12 86528]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-04-12 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2018-04-12 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 dptf_acpi;dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [2017-03-28 55792]
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [2017-03-28 52208]
R3 esif_lf;esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [2017-03-28 260080]
R3 ibtusb;@oem37.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2018-05-10 199192]
R3 igfxLP;igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [2017-03-28 7407064]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2018-09-27 6392672]
R3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2017-03-28 481768]
R3 Netwtw04;@oem32.inf,%NIC_Service_DispName_WINT_64%;Ovladač adaptéru Intel(R) Wireless pro systém Windows 10 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [2018-04-04 8623128]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-04-12 193536]
R3 rt640x64;@oem13.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-04-14 954368]
R3 SensorsSimulatorDriver;@oem30.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-04-12 264192]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 AppleLowerFilter;@oem18.inf,%AppleLowerFilterDisplayName%;Apple Lower Filter Driver; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [2018-05-10 35560]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 92704]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2018-12-08 1097728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-03-06 76088]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-03-06 945464]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 RTSUER;@oem11.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2017-04-27 420832]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-16 83984]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-03-18 360440]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CDPUserSvc_2f1a5;CDPUserSvc_2f1a5; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2019-03-01 11129928]
R2 client_service;VMware Horizon Client; C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [2017-09-27 532456]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 esifsvc;@oem29.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\WINDOWS\SysWOW64\esif_uf.exe [2017-03-28 1419424]
R2 ftnlsv3hv;VMware Netlink Supervisor Service; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [2017-07-12 218528]
R2 ftscanmgrhv;VMware Scanner Redirection Client; C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgrhv.exe [2017-06-15 2949024]
R2 HP Comm Recover;HP Comm Recovery; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [2016-10-07 1309184]
R2 HPJumpStartBridge;HP JumpStart Bridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [2017-05-23 471040]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2018-12-06 347512]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2016-06-20 631800]
R2 ibtsiva;@oem40.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\System32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2017-03-28 356336]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [2015-04-21 174368]
R2 OneSyncSvc_2f1a5;OneSyncSvc_2f1a5; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2018-09-27 268128]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-03-16 325432]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-03-18 6570352]
R3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-09-25 282112]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-24 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-09-28 143144]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-28 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-03-15 335872]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-04-12 52832]
S3 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-03-18 57504]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService_2f1a5;BcastDVRUserService_2f1a5; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService_2f1a5;BluetoothUserService_2f1a5; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-03-28 284144]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-09-28 143144]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc_2f1a5;DevicePickerUserSvc_2f1a5; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc_2f1a5;DevicesFlowUserSvc_2f1a5; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-08-03 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\elevation_service.exe [2019-03-01 1271280]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-28 153168]
S3 hpqcaslwmiex;HP CASL Framework Service; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [2016-06-03 1031704]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2015-09-03 887784]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService_2f1a5;MessagingService_2f1a5; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2019-01-28 223208]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc_2f1a5;PimIndexMaintenanceSvc_2f1a5; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc_2f1a5;PrintWorkflowUserSvc_2f1a5; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]

-----------------EOF-----------------

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Please check my log

#2 Post by Diallix »

Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button and wait until the system scan finishes.
After the scan, leave all checkboxes ticked, including any threats found, and continue with the Clean and Repair button in the lower right corner.
After the PC restarts, AdwCleaner will launch; click View Log File (Zobrazit soubor protokolu).
The log will open; copy its contents here.
My new book BOTNETY is out! You can find information about it here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level and high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (C++, C#, PHP).

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for newcomer training
- Founder of the Cyber Security unit

Preacher
Visitor
Posts: 22
Registered: 25 Jan 2018 11:40

Re: Please check my log

#3 Post by Preacher »

Hello, thank you for the help :)
Here is the log from AdwCleaner:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-03-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-21-2019
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2103 octets] - [20/03/2019 17:36:49]
AdwCleaner[C00].txt - [2085 octets] - [20/03/2019 17:37:02]
AdwCleaner[S01].txt - [1445 octets] - [21/03/2019 05:21:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Please check my log

#4 Post by Diallix »

Scan the computer with FRST - instructions here: https://forum.viry.cz/viewtopic.php?f=24&t=132509, then copy the FRST.log and Addition log here.

Preacher
Visitor
Posts: 22
Registered: 25 Jan 2018 11:40

Re: Please check my log

#5 Post by Preacher »

Here is the log from FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by Paulie (administrator) on LAPTOP-MGGJ92FO (22-03-2019 13:27:49)
Running from C:\Users\Paulie\Desktop
Loaded Profiles: Paulie (Available Profiles: Paulie)
Platform: Windows 10 Home Version 1803 17134.648 (X64) Language: Čeština (Česko)
Default browser not detected!
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(HP Inc. -> ) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(FabulaTech -> ) C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(FabulaTech -> ) C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgrhv.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(FabulaTech -> VMware) C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() [File not signed] C:\CCP\CCP.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Power Software Limited -> Power Software Ltd) C:\Programy\PowerISO\PWRISOVM.EXE
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279328 2018-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [VMware Netlink 3 HV Install Utility] => C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe [75680 2017-07-12] (FabulaTech -> )
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Programy\PowerISO\PWRISOVM.EXE [406664 2016-05-25] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\...\Run: [uTorrent] => C:\Users\Paulie\AppData\Roaming\uTorrent\uTorrent.exe [1815736 2019-03-03] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\...\Run: [BackgroundSwitcher] => C:\Programy\John's Background Switcher\BackgroundSwitcher.exe [120424 2013-05-20] (John Conners -> johnsadventures.com)
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\...\Run: [CCP Start] => C:\CCP\CCP.exe [2749952 2015-11-01] () [File not signed]
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\...\MountPoints2: {ccf3ac0b-b40b-11e8-996d-9061ae26b320} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb] -> GOG.com Heroes of Might and Magic 3
HKLM\Software\...\AppCompatFlags\InstalledSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb [2012-11-28]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-07] (Google LLC -> Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 view-localhost # view localhost server
Tcpip\Parameters: [DhcpNameServer] 146.102.41.11 146.102.41.12
Tcpip\..\Interfaces\{4871caf0-c49c-4e3f-b145-0e9acb7bd3d0}: [DhcpNameServer] 146.102.41.11 146.102.41.12

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
SearchScopes: HKLM -> {D6905F94-6D2C-475B-8B87-83E0972391AB} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {D6905F94-6D2C-475B-8B87-83E0972391AB} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {1B265AAC-23DF-4E46-9281-0738EB5EDB22} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {45874B18-1862-4CD0-A55B-7CE51F7F6EF2} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {718A4562-BD54-4539-AECA-648053E509E4} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {9A4D53F8-AA8D-4A5B-A591-8D01B01C4A4C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {9C921D4F-2756-4936-9228-B4A89AC8C09B} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {A6E6E4DC-C64C-4D57-BB22-C7EDFF79FBD6} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {AE22E9F4-B6D2-4295-A76E-BE92D562FE96} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {B7A2D660-D06E-403D-A186-C991A77291D3} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {D6905F94-6D2C-475B-8B87-83E0972391AB} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {ED2E8233-80D0-403B-BDB0-53D1FD8E2DD6} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-03-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-06] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-03-10] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-06] (HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-10] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: mnftvyw4.default
FF ProfilePath: C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default [2019-03-20]
FF user.js: detected! => C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\user.js [2018-05-24]
FF Homepage: Mozilla\Firefox\Profiles\mnftvyw4.default -> http://www.seznam.cz
FF Session Restore: Mozilla\Firefox\Profiles\mnftvyw4.default -> is enabled.
FF Extension: (Web Security) - C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\Extensions\contact@web-security.com.xpi [2018-05-24]
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\Extensions\sko-extension@firma.seznam.cz [2018-01-11]
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-12-09]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\Extensions\sp@avast.com.xpi [2019-03-03]
FF Extension: (Avast Online Security) - C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\Extensions\wrc@avast.com.xpi [2018-06-24]
FF Extension: (No Name) - C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-03-03]
FF Extension: (Seznam doplněk - Email) - C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2018-12-15]
FF Extension: (No Name) - C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-15] (Adobe Systems Incorporated -> )
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-15] (Adobe Systems Incorporated -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-03-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default [2019-03-22]
CHR Extension: (Prezentace) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-28]
CHR Extension: (YouTube) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-28]
CHR Extension: (Flash Player) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmimdmkleccdoghpgdhaahkelfhjfhgm [2018-11-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-03-14]
CHR Extension: (Adobe Acrobat) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-10-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-25]
CHR Extension: (Avast Online Security) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-02-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-03-21]
CHR Extension: (Social Profile view notification) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pegkceflonohbcefcbflfpficfkmpeod [2018-01-28]
CHR Extension: (Gmail) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-28]
CHR Extension: (Chrome Media Router) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-23]
CHR HKU\S-1-5-21-265973849-1346121208-2514518910-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-265973849-1346121208-2514518910-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-265973849-1346121208-2514518910-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6570352 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360440 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-06] (Microsoft Corporation -> Microsoft Corporation)
R2 client_service; C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [532456 2017-09-27] (VMware, Inc. -> VMware, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-09-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-09-28] (Dropbox, Inc -> Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1419424 2017-03-28] (Intel(R) Software -> Intel Corporation)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [218528 2017-07-12] (FabulaTech -> )
R2 ftscanmgrhv; C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgrhv.exe [2949024 2017-06-15] (FabulaTech -> )
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [541896 2018-07-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [356336 2017-03-28] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [887784 2015-09-03] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268128 2018-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R2 vmwsprrdpwks; C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [276896 2017-06-15] (FabulaTech -> VMware)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4403496 2019-01-09] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37320 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205608 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [254408 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196304 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320904 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58168 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249152 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42496 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [169104 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88152 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034640 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [476256 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [220632 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380160 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55792 2017-03-28] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52208 2017-03-28] (Intel(R) Software -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260080 2017-03-28] (Intel(R) Software -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [199192 2018-05-10] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [7407064 2017-03-28] (Intel(R) pGFX -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8623128 2018-04-04] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [954368 2017-04-14] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [420832 2017-04-27] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [264192 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [60504 2017-04-28] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146200 2015-10-15] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35568 2018-08-31] (HP Inc. -> HP)
S3 vpnva; \SystemRoot\System32\drivers\vpnva64-6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-22 13:27 - 2019-03-22 13:29 - 000031534 ____C C:\Users\Paulie\Desktop\FRST.txt
2019-03-22 13:26 - 2019-03-22 13:26 - 002434048 _____ (Farbar) C:\Users\Paulie\Desktop\FRST64.exe
2019-03-21 15:53 - 2019-03-21 15:53 - 000033420 _____ C:\Users\Paulie\Downloads\Bc-Pavel-Jirgal-402969-Zivotopisy.cz.pdf
2019-03-21 14:27 - 2019-03-21 14:27 - 000039424 _____ C:\Users\Paulie\Downloads\TP_ZOO.xls
2019-03-21 05:26 - 2019-03-21 05:26 - 007316688 _____ (Malwarebytes) C:\Users\Paulie\Downloads\adwcleaner_7.2.7.0.exe
2019-03-21 05:22 - 2019-03-21 05:22 - 000002566 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-03-21 05:22 - 2019-03-21 05:22 - 000002560 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-03-21 05:22 - 2019-03-21 05:22 - 000002542 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2019-03-21 05:22 - 2019-03-21 05:22 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-03-21 05:22 - 2019-03-21 05:22 - 000002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-03-21 05:22 - 2019-03-21 05:22 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2019-03-21 05:22 - 2019-03-21 05:22 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-03-21 05:22 - 2019-03-21 05:22 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-03-21 05:22 - 2019-03-21 05:22 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-03-21 05:22 - 2019-03-21 05:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-03-21 05:18 - 2019-03-21 05:18 - 007316688 _____ (Malwarebytes) C:\Users\Paulie\Desktop\adwcleaner_7.2.7.0.exe
2019-03-20 20:53 - 2019-03-20 20:53 - 001222144 _____ C:\Users\Paulie\Downloads\RSITx64 (1).exe
2019-03-20 17:38 - 2019-03-20 17:38 - 007320272 _____ (Malwarebytes) C:\Users\Paulie\Downloads\adwcleaner_7.2.6.0 (1).exe
2019-03-20 17:36 - 2019-03-20 17:36 - 007320272 _____ (Malwarebytes) C:\Users\Paulie\Downloads\adwcleaner_7.2.6.0.exe
2019-03-20 17:28 - 2019-03-20 17:28 - 000000000 ___DC C:\Users\Paulie\AppData\LocalLow\uTorrent
2019-03-20 16:54 - 2019-03-20 16:54 - 000000000 ____D C:\ProgramData\Mozilla
2019-03-20 16:40 - 2019-03-20 16:40 - 000001212 ____C C:\Users\Paulie\Desktop\Game of Thrones S07E00 1080p HDTV x265 – zástupce.lnk
2019-03-18 18:48 - 2019-03-18 18:50 - 000000201 ____C C:\Users\Paulie\Desktop\ODKAZY Z CHROMU.txt
2019-03-18 16:20 - 2019-03-18 16:20 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-03-16 13:06 - 2019-03-16 13:06 - 000000000 __RDC C:\Users\Paulie\AppData\Roaming\Brother
2019-03-16 13:06 - 2019-03-16 13:06 - 000000000 ___DC C:\Users\Paulie\AppData\LocalLow\Brother
2019-03-16 12:26 - 2019-03-16 16:25 - 000106046 ____C C:\Game of Thrones S07E00 1080p HDTV x265.srt
2019-03-16 12:26 - 2019-03-15 21:01 - 1472095722 ___RC C:\Game of Thrones S07E00 1080p HDTV x265.mp4
2019-03-15 13:59 - 2019-03-15 13:59 - 006105073 _____ C:\Users\Paulie\Downloads\arthur-1.34-build15-debug.apk
2019-03-13 17:47 - 2019-03-13 17:47 - 000884040 _____ C:\Users\Paulie\Downloads\2. Úspěšná e-commerce firma v7 (1).pdf
2019-03-13 12:02 - 2019-03-06 16:37 - 001616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-03-13 12:02 - 2019-03-06 06:51 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-03-13 12:02 - 2019-03-06 06:49 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-03-13 12:02 - 2019-02-16 13:24 - 000444176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-03-13 12:02 - 2019-02-16 13:06 - 001530880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-03-13 12:02 - 2019-02-16 08:30 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2019-03-13 12:01 - 2019-03-06 16:39 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-03-13 12:01 - 2019-03-06 16:17 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-03-13 12:01 - 2019-03-06 16:14 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-03-13 12:01 - 2019-03-06 16:14 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-03-13 12:01 - 2019-03-06 16:13 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-03-13 12:01 - 2019-03-06 16:13 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-03-13 12:01 - 2019-03-06 16:13 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-03-13 12:01 - 2019-03-06 13:18 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-03-13 12:01 - 2019-03-06 13:09 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-03-13 12:01 - 2019-03-06 13:05 - 004054016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-03-13 12:01 - 2019-03-06 13:05 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-03-13 12:01 - 2019-03-06 13:04 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-03-13 12:01 - 2019-03-06 10:29 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-03-13 12:01 - 2019-03-06 10:16 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-03-13 12:01 - 2019-03-06 10:16 - 001188000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-03-13 12:01 - 2019-03-06 10:07 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-03-13 12:01 - 2019-03-06 10:07 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-03-13 12:01 - 2019-03-06 10:07 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-03-13 12:01 - 2019-03-06 10:06 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-03-13 12:01 - 2019-03-06 10:06 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-03-13 12:01 - 2019-03-06 10:05 - 000436240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-03-13 12:01 - 2019-03-06 10:04 - 002765856 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-03-13 12:01 - 2019-03-06 10:04 - 000945464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-03-13 12:01 - 2019-03-06 10:03 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-03-13 12:01 - 2019-03-06 10:03 - 002719544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-03-13 12:01 - 2019-03-06 10:03 - 002465784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-03-13 12:01 - 2019-03-06 10:03 - 001921848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-03-13 12:01 - 2019-03-06 10:03 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-03-13 12:01 - 2019-03-06 10:03 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-03-13 12:01 - 2019-03-06 10:03 - 000375608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-03-13 12:01 - 2019-03-06 10:02 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-03-13 12:01 - 2019-03-06 09:44 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-03-13 12:01 - 2019-03-06 09:36 - 022716928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-03-13 12:01 - 2019-03-06 09:36 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-03-13 12:01 - 2019-03-06 09:34 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-03-13 12:01 - 2019-03-06 09:33 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-03-13 12:01 - 2019-03-06 09:32 - 003399168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-03-13 12:01 - 2019-03-06 09:32 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-03-13 12:01 - 2019-03-06 09:32 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-03-13 12:01 - 2019-03-06 09:31 - 007598592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-03-13 12:01 - 2019-03-06 09:31 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-03-13 12:01 - 2019-03-06 09:31 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-03-13 12:01 - 2019-03-06 09:31 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-03-13 12:01 - 2019-03-06 09:31 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-03-13 12:01 - 2019-03-06 09:31 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-03-13 12:01 - 2019-03-06 09:31 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-03-13 12:01 - 2019-03-06 09:31 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-03-13 12:01 - 2019-03-06 09:31 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-03-13 12:01 - 2019-03-06 09:29 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2019-03-13 12:01 - 2019-03-06 09:29 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-03-13 12:01 - 2019-03-06 09:29 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-03-13 12:01 - 2019-03-06 09:29 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-03-13 12:01 - 2019-03-06 09:28 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-03-13 12:01 - 2019-03-06 09:28 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-03-13 12:01 - 2019-03-06 09:27 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-03-13 12:01 - 2019-03-06 09:27 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-03-13 12:01 - 2019-03-06 09:27 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-03-13 12:01 - 2019-03-06 09:27 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-03-13 12:01 - 2019-03-06 09:25 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-03-13 12:01 - 2019-03-06 07:17 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-03-13 12:01 - 2019-03-06 07:15 - 002253488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-03-13 12:01 - 2019-03-06 07:14 - 006568528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-13 12:01 - 2019-03-06 07:14 - 000785568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-03-13 12:01 - 2019-03-06 07:14 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-03-13 12:01 - 2019-03-06 07:05 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-03-13 12:01 - 2019-03-06 06:56 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-03-13 12:01 - 2019-03-06 06:53 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-03-13 12:01 - 2019-03-06 06:53 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-03-13 12:01 - 2019-03-06 06:52 - 005790720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-03-13 12:01 - 2019-03-06 06:52 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-03-13 12:01 - 2019-03-06 06:51 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-03-13 12:01 - 2019-03-06 06:50 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-03-13 12:01 - 2019-03-06 06:50 - 001347584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2019-03-13 12:01 - 2019-03-06 06:50 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-03-13 12:01 - 2019-03-06 06:49 - 004516352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-03-13 12:01 - 2019-03-06 06:48 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-03-13 12:01 - 2019-03-06 06:48 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-03-13 12:01 - 2019-02-21 04:26 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-03-13 12:01 - 2019-02-16 14:02 - 002871304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-03-13 12:01 - 2019-02-16 13:57 - 001048472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-03-13 12:01 - 2019-02-16 13:56 - 000549520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-03-13 12:01 - 2019-02-16 13:53 - 001516416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-03-13 12:01 - 2019-02-16 13:34 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-03-13 12:01 - 2019-02-16 13:34 - 001725952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-03-13 12:01 - 2019-02-16 13:34 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-03-13 12:01 - 2019-02-16 13:32 - 003646976 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-03-13 12:01 - 2019-02-16 13:30 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-03-13 12:01 - 2019-02-16 13:22 - 001322176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-03-13 12:01 - 2019-02-16 13:08 - 000373760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-03-13 12:01 - 2019-02-16 13:06 - 002890752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-03-13 12:01 - 2019-02-16 11:24 - 023862272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-03-13 12:01 - 2019-02-16 11:22 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-03-13 12:01 - 2019-02-16 09:04 - 000193032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-03-13 12:01 - 2019-02-16 09:03 - 007901392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2019-03-13 12:01 - 2019-02-16 09:03 - 005625360 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-03-13 12:01 - 2019-02-16 09:03 - 000510288 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-03-13 12:01 - 2019-02-16 09:02 - 005821440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2019-03-13 12:01 - 2019-02-16 09:02 - 003291632 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-03-13 12:01 - 2019-02-16 09:02 - 001792712 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-03-13 12:01 - 2019-02-16 09:02 - 000705848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-03-13 12:01 - 2019-02-16 09:02 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-03-13 12:01 - 2019-02-16 09:01 - 001285424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-03-13 12:01 - 2019-02-16 09:01 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-03-13 12:01 - 2019-02-16 09:01 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-03-13 12:01 - 2019-02-16 09:01 - 001028920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-03-13 12:01 - 2019-02-16 09:01 - 000735464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-03-13 12:01 - 2019-02-16 09:01 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-03-13 12:01 - 2019-02-16 09:01 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-03-13 12:01 - 2019-02-16 08:53 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-03-13 12:01 - 2019-02-16 08:51 - 002479168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-03-13 12:01 - 2019-02-16 08:51 - 001584536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-03-13 12:01 - 2019-02-16 08:50 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-03-13 12:01 - 2019-02-16 08:50 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-03-13 12:01 - 2019-02-16 08:50 - 000560384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-03-13 12:01 - 2019-02-16 08:37 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2019-03-13 12:01 - 2019-02-16 08:36 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2019-03-13 12:01 - 2019-02-16 08:36 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-03-13 12:01 - 2019-02-16 08:35 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-03-13 12:01 - 2019-02-16 08:35 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-03-13 12:01 - 2019-02-16 08:34 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2019-03-13 12:01 - 2019-02-16 08:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-03-13 12:01 - 2019-02-16 08:33 - 006646784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2019-03-13 12:01 - 2019-02-16 08:33 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-03-13 12:01 - 2019-02-16 08:33 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-03-13 12:01 - 2019-02-16 08:32 - 002969088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-03-13 12:01 - 2019-02-16 08:31 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2019-03-13 12:01 - 2019-02-16 08:31 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2019-03-13 12:01 - 2019-02-16 08:31 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-03-13 12:01 - 2019-02-16 08:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2019-03-13 12:01 - 2019-02-16 08:30 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2019-03-13 12:01 - 2019-02-16 08:30 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2019-03-13 12:01 - 2019-02-16 08:30 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-03-13 12:01 - 2019-02-16 08:29 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-03-13 12:01 - 2019-02-16 08:29 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-03-13 12:01 - 2019-02-16 08:28 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2019-03-13 12:01 - 2019-02-16 08:28 - 002585600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-03-13 12:01 - 2019-02-16 08:28 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2019-03-13 12:01 - 2019-02-16 08:28 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2019-03-13 12:01 - 2019-02-16 08:28 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2019-03-13 12:01 - 2019-02-16 08:27 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2019-03-13 12:01 - 2019-02-16 08:27 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-03-13 12:01 - 2019-02-16 08:26 - 001459712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-03-13 12:01 - 2019-02-16 08:26 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2019-03-13 12:01 - 2019-02-16 08:26 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2019-03-13 12:01 - 2019-02-16 08:26 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-03-13 12:01 - 2019-02-16 08:25 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2019-03-13 12:01 - 2019-02-16 08:25 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-03-13 12:00 - 2019-03-06 16:36 - 001047352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-03-13 12:00 - 2019-03-06 16:20 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-03-13 12:00 - 2019-03-06 16:19 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-03-13 12:00 - 2019-03-06 16:17 - 000810496 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-03-13 12:00 - 2019-03-06 16:17 - 000116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2019-03-13 12:00 - 2019-03-06 16:14 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-03-13 12:00 - 2019-03-06 16:13 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-03-13 12:00 - 2019-03-06 16:12 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-03-13 12:00 - 2019-03-06 13:18 - 000918032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-03-13 12:00 - 2019-03-06 13:10 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-03-13 12:00 - 2019-03-06 13:06 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-03-13 12:00 - 2019-03-06 13:04 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-03-13 12:00 - 2019-03-06 12:59 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-03-13 12:00 - 2019-03-06 10:16 - 001457032 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-03-13 12:00 - 2019-03-06 10:16 - 000776792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-03-13 12:00 - 2019-03-06 10:16 - 000722744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-03-13 12:00 - 2019-03-06 10:16 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-03-13 12:00 - 2019-03-06 10:16 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-03-13 12:00 - 2019-03-06 10:11 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-03-13 12:00 - 2019-03-06 10:10 - 000248880 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-03-13 12:00 - 2019-03-06 10:06 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-03-13 12:00 - 2019-03-06 10:05 - 000439224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-03-13 12:00 - 2019-03-06 10:05 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-03-13 12:00 - 2019-03-06 10:04 - 000628024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2019-03-13 12:00 - 2019-03-06 10:02 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-03-13 12:00 - 2019-03-06 10:02 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-03-13 12:00 - 2019-03-06 10:02 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-03-13 12:00 - 2019-03-06 10:02 - 000626488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2019-03-13 12:00 - 2019-03-06 09:31 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2019-03-13 12:00 - 2019-03-06 09:31 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-03-13 12:00 - 2019-03-06 09:31 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-03-13 12:00 - 2019-03-06 09:26 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-03-13 12:00 - 2019-03-06 09:26 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-03-13 12:00 - 2019-03-06 09:26 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-03-13 12:00 - 2019-03-06 08:08 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-03-13 12:00 - 2019-03-06 07:17 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-03-13 12:00 - 2019-03-06 07:15 - 000434488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-03-13 12:00 - 2019-03-06 07:14 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-03-13 12:00 - 2019-03-06 07:14 - 000450872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpx.dll
2019-03-13 12:00 - 2019-03-06 07:13 - 000607248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-03-13 12:00 - 2019-03-06 06:52 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-03-13 12:00 - 2019-03-06 06:51 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-03-13 12:00 - 2019-03-06 06:49 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-03-13 12:00 - 2019-02-16 14:02 - 001644040 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-03-13 12:00 - 2019-02-16 14:02 - 000808456 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-03-13 12:00 - 2019-02-16 14:02 - 000735752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-03-13 12:00 - 2019-02-16 14:02 - 000620040 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-03-13 12:00 - 2019-02-16 14:02 - 000460296 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-03-13 12:00 - 2019-02-16 14:02 - 000322568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-03-13 12:00 - 2019-02-16 14:02 - 000147464 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-03-13 12:00 - 2019-02-16 14:02 - 000071176 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-03-13 12:00 - 2019-02-16 13:57 - 000506088 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-03-13 12:00 - 2019-02-16 13:56 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-03-13 12:00 - 2019-02-16 13:36 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-03-13 12:00 - 2019-02-16 13:33 - 001786880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-03-13 12:00 - 2019-02-16 13:32 - 002051072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-03-13 12:00 - 2019-02-16 13:31 - 001271808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2019-03-13 12:00 - 2019-02-16 13:31 - 001003520 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-03-13 12:00 - 2019-02-16 13:31 - 000861184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-03-13 12:00 - 2019-02-16 13:31 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-03-13 12:00 - 2019-02-16 13:30 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2019-03-13 12:00 - 2019-02-16 13:29 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-03-13 12:00 - 2019-02-16 13:29 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-03-13 12:00 - 2019-02-16 13:07 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-03-13 12:00 - 2019-02-16 13:07 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-03-13 12:00 - 2019-02-16 13:06 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-03-13 12:00 - 2019-02-16 13:06 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-03-13 12:00 - 2019-02-16 13:06 - 000765952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-03-13 12:00 - 2019-02-16 13:04 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-03-13 12:00 - 2019-02-16 09:16 - 000511800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-03-13 12:00 - 2019-02-16 09:15 - 000505656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-03-13 12:00 - 2019-02-16 09:15 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-03-13 12:00 - 2019-02-16 09:05 - 000087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-03-13 12:00 - 2019-02-16 09:02 - 001934800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-03-13 12:00 - 2019-02-16 09:02 - 000413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-03-13 12:00 - 2019-02-16 09:01 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-03-13 12:00 - 2019-02-16 09:01 - 000641984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-03-13 12:00 - 2019-02-16 09:01 - 000480840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-03-13 12:00 - 2019-02-16 09:01 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2019-03-13 12:00 - 2019-02-16 09:01 - 000161664 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2019-03-13 12:00 - 2019-02-16 08:57 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-03-13 12:00 - 2019-02-16 08:51 - 000170952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2019-03-13 12:00 - 2019-02-16 08:50 - 001805648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-03-13 12:00 - 2019-02-16 08:50 - 001171336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-03-13 12:00 - 2019-02-16 08:50 - 000504072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2019-03-13 12:00 - 2019-02-16 08:34 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-03-13 12:00 - 2019-02-16 08:33 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2019-03-13 12:00 - 2019-02-16 08:33 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2019-03-13 12:00 - 2019-02-16 08:33 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-03-13 12:00 - 2019-02-16 08:32 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2019-03-13 12:00 - 2019-02-16 08:31 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-03-13 12:00 - 2019-02-16 08:30 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2019-03-13 12:00 - 2019-02-16 08:30 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2019-03-13 12:00 - 2019-02-16 08:28 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-03-13 12:00 - 2019-02-16 08:27 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2019-03-13 12:00 - 2019-02-16 08:26 - 000935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-03-13 00:32 - 2019-03-13 00:32 - 000009091 _____ C:\Users\Paulie\Downloads\2018_2019_LS.xlsx
2019-03-13 00:13 - 2019-03-13 00:13 - 000329547 _____ C:\Users\Paulie\Downloads\Pripojeni_pro_reporting (1).pdf
2019-03-12 22:31 - 2019-03-13 01:09 - 000040827 _____ C:\Users\Paulie\Downloads\úkolníček.xlsx
2019-03-11 17:48 - 2019-03-11 17:48 - 000909394 _____ C:\Users\Paulie\Downloads\CV_04_-_Run_na_banku.pptx
2019-03-07 07:43 - 2019-03-07 07:43 - 000000000 ____D C:\Users\Paulie\Downloads\02.cv
2019-03-07 07:42 - 2019-03-07 07:42 - 004524108 _____ C:\Users\Paulie\Downloads\4IT436_Zadani_a_data_semestralni_prace.zip
2019-03-07 07:42 - 2019-03-07 07:42 - 004524108 _____ C:\Users\Paulie\Downloads\4IT436_Zadani_a_data_semestralni_prace (1).zip
2019-03-07 07:42 - 2019-03-07 07:42 - 000916765 _____ C:\Users\Paulie\Downloads\01.cv.zip
2019-03-01 11:35 - 2019-03-01 11:35 - 001412122 _____ C:\Users\Paulie\Downloads\Zadani_pripadove_studie_-_MIS_BNS_2019_0228 (1).pdf
2019-03-01 11:34 - 2019-03-01 11:34 - 002081873 _____ C:\Users\Paulie\Downloads\Zaklady_ovladani_BNS-AB_(uzivatelska_dokumentace).pdf
2019-03-01 11:34 - 2019-03-01 11:34 - 001412122 _____ C:\Users\Paulie\Downloads\Zadani_pripadove_studie_-_MIS_BNS_2019_0228.pdf
2019-02-27 11:33 - 2019-02-27 11:33 - 000583942 _____ C:\Users\Paulie\Downloads\KNOWLEDGE_a_CI_V6.pptx
2019-02-21 15:09 - 2019-02-21 15:09 - 000353701 _____ C:\Users\Paulie\Downloads\4IT494_-_Cviceni_01_-_case_study.pdf
2019-02-21 14:53 - 2019-02-21 14:53 - 000353701 _____ C:\Users\Paulie\Downloads\4IT494_-_Cviceni_01_-_case_study (1).pdf
2019-02-20 12:14 - 2019-02-20 12:14 - 002012852 _____ C:\Users\Paulie\Downloads\Informacni__zdroje_CI.pptx

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-22 13:28 - 2018-05-24 16:23 - 000004212 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{76598262-0A1A-4313-BFFB-AF6DD7275A06}
2019-03-22 13:27 - 2018-03-08 15:21 - 000000000 ____D C:\FRST
2019-03-22 13:24 - 2018-05-24 16:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-22 08:58 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-22 08:48 - 2018-05-24 16:23 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-03-21 16:31 - 2018-07-28 20:44 - 000000000 ___DC C:\Users\Paulie\AppData\Local\CrashDumps
2019-03-21 16:17 - 2018-02-21 14:19 - 000040982 ____C C:\Users\Paulie\Desktop\úkolníček.xlsx
2019-03-21 12:30 - 2018-09-06 14:42 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-03-21 12:30 - 2018-05-24 16:23 - 000003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-21 12:30 - 2018-05-24 16:23 - 000003530 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-03-21 12:30 - 2018-05-24 16:23 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-03-21 12:30 - 2018-05-24 16:23 - 000003462 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-03-21 12:30 - 2018-05-24 16:23 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-21 12:30 - 2018-05-24 16:23 - 000003238 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2019-03-21 12:30 - 2018-05-24 16:23 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-21 12:30 - 2018-05-24 16:23 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-265973849-1346121208-2514518910-1001
2019-03-21 12:30 - 2018-05-24 16:23 - 000002856 _____ C:\WINDOWS\System32\Tasks\HPJumpStartLaunch
2019-03-21 12:30 - 2018-05-24 16:23 - 000002806 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForPaulie
2019-03-21 12:30 - 2018-05-24 16:23 - 000002500 _____ C:\WINDOWS\System32\Tasks\HPEA3JOBS
2019-03-21 12:30 - 2018-05-24 16:23 - 000002440 _____ C:\WINDOWS\System32\Tasks\HPAudioSwitch
2019-03-21 12:30 - 2018-05-24 16:23 - 000002388 _____ C:\WINDOWS\System32\Tasks\Connect
2019-03-21 12:30 - 2018-05-24 16:23 - 000002318 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2019-03-21 12:30 - 2018-05-24 16:23 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-03-21 12:30 - 2018-05-24 16:23 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-03-21 12:30 - 2018-03-29 17:11 - 000000378 _____ C:\WINDOWS\Tasks\Connect.job
2019-03-21 12:30 - 2018-02-17 15:32 - 000000368 _____ C:\WINDOWS\Tasks\HPCeeScheduleForPaulie.job
2019-03-21 12:30 - 2017-05-18 07:56 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-03-21 12:30 - 2017-05-18 07:56 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-03-21 05:41 - 2018-01-25 11:25 - 000000000 ____D C:\Škola - Magistr
2019-03-21 05:28 - 2018-05-24 16:08 - 001878058 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-21 05:28 - 2018-04-12 16:50 - 000780210 _____ C:\WINDOWS\system32\perfh005.dat
2019-03-21 05:28 - 2018-04-12 16:50 - 000177260 _____ C:\WINDOWS\system32\perfc005.dat
2019-03-21 05:28 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-21 05:23 - 2018-05-24 16:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-21 05:23 - 2018-03-09 02:28 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-03-21 05:23 - 2017-09-28 20:16 - 000000000 __SHD C:\Users\Paulie\IntelGraphicsProfiles
2019-03-21 05:22 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-03-21 05:18 - 2017-05-18 07:56 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-03-20 20:53 - 2018-01-25 11:45 - 000000000 ____D C:\Program Files\trend micro
2019-03-20 17:36 - 2018-01-26 23:25 - 000000000 ____D C:\AdwCleaner
2019-03-20 17:36 - 2017-11-14 20:07 - 000000000 ___DC C:\Users\Paulie\AppData\Roaming\uTorrent
2019-03-20 17:28 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-20 17:28 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-20 17:27 - 2018-05-24 16:05 - 000575816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-20 17:22 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-03-20 17:22 - 2017-11-29 20:47 - 000000000 ___DC C:\Users\Paulie\AppData\Local\Packages
2019-03-20 17:16 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-03-20 17:13 - 2017-11-17 17:45 - 000000000 ____D C:\ProgramData\Cisco
2019-03-20 17:13 - 2017-11-17 17:45 - 000000000 ____D C:\Program Files (x86)\Cisco
2019-03-20 17:09 - 2018-03-29 17:11 - 000000000 ____D C:\Program Files (x86)\MAGIX
2019-03-20 16:58 - 2017-11-09 19:21 - 000000000 ____D C:\Programy
2019-03-20 16:54 - 2017-11-15 11:48 - 000000000 ___DC C:\Users\Paulie\AppData\LocalLow\Mozilla
2019-03-20 16:50 - 2018-05-22 16:13 - 000000000 ___DC C:\WINDOWS\Panther
2019-03-20 16:48 - 2017-10-31 17:48 - 000000000 ___DC C:\Users\Paulie\AppData\Roaming\vlc
2019-03-20 16:47 - 2018-09-18 11:07 - 000000000 ___DC C:\Users\Paulie\Desktop\2. zimní semestr
2019-03-20 16:29 - 2018-03-19 00:09 - 000000000 ___DC C:\Users\Paulie\Documents\Soubory aplikace Outlook
2019-03-20 16:22 - 2018-11-17 02:03 - 000000000 ____D C:\Program Files\rempl
2019-03-18 16:20 - 2019-02-15 13:29 - 000249152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-03-18 16:20 - 2019-01-18 02:30 - 000254408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-03-18 16:20 - 2019-01-08 14:03 - 000320904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-03-18 16:20 - 2019-01-08 14:03 - 000196304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-03-18 16:20 - 2019-01-08 14:03 - 000058168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-03-18 16:20 - 2019-01-08 14:03 - 000037320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-03-18 16:20 - 2018-10-13 15:40 - 000042496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-03-18 16:20 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-03-18 16:20 - 2017-11-09 19:31 - 000205608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-03-18 16:20 - 2017-10-02 21:42 - 001034640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-03-18 16:20 - 2017-10-02 21:42 - 000476256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-03-18 16:20 - 2017-10-02 21:42 - 000380160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-03-18 16:20 - 2017-10-02 21:42 - 000220632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-03-18 16:20 - 2017-10-02 21:42 - 000169104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-03-18 16:20 - 2017-10-02 21:42 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-03-18 16:20 - 2017-10-02 21:42 - 000088152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-03-14 03:06 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-03-14 03:06 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-03-14 03:06 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-03-14 03:06 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-03-14 03:06 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-03-14 03:06 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-03-14 03:06 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-03-14 03:06 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-03-13 12:09 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-13 12:05 - 2018-11-15 22:01 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-03-13 12:05 - 2018-11-15 22:01 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-03-13 11:59 - 2017-10-01 10:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-13 01:07 - 2017-10-01 10:34 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-03-07 00:13 - 2017-09-28 22:24 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-06 15:30 - 2018-05-24 16:09 - 000002397 ____C C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-06 15:30 - 2017-09-28 20:19 - 000000000 ___RD C:\Users\Paulie\OneDrive
2019-03-03 17:54 - 2018-04-12 00:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-03-03 17:54 - 2018-04-12 00:41 - 000179608 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-25 13:01 - 2017-10-30 21:23 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-23 01:03 - 2017-10-02 19:00 - 000000000 ____D C:\Program Files\CCleaner
2019-02-23 01:02 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-23 01:02 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-24 16:05

==================== End of FRST.txt ============================
Attachments
addition.rar
(12.39 KiB) Downloaded 73 times

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Please check my log

#6 Post by Diallix »

You have a keylogger running there.

:arrow: Copy the content below into Notepad:

Code:

CloseProcesses:

C:\CCP\CCP.exe
C:\CCP
C:\Program Files (x86)\Bonjour
C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Аrdаmаx Keylogger 4.4.2

2015-11-01 19:46 - 2015-11-01 19:46 - 000081408 _____ () [File not signed] C:\CCP\CCP.01
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\...\MountPoints2: {ccf3ac0b-b40b-11e8-996d-9061ae26b320} - "F:\HiSuiteDownLoader.exe" 
SearchScopes: HKLM -> {D6905F94-6D2C-475B-8B87-83E0972391AB} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D6905F94-6D2C-475B-8B87-83E0972391AB} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {D6905F94-6D2C-475B-8B87-83E0972391AB} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
FF user.js: detected! => C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\user.js [2018-05-24]
2019-03-21 05:23 - 2018-03-09 02:28 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Task: {24F147E8-01D3-42A6-8415-C236E9A20AB5} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Shortcut: C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Аrdаmаx Keylogger 4.4.2\Аrdаmаx Keylogger 4.4.2.lnk -> C:\CCP\CCP.exe () <==== Cyrillic
Shortcut: C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Аrdamаx Kеylogger 4.4.2\Аrdamаx Kеylogger 4.4.2.lnk -> C:\CCP\CCP.exe () <==== Cyrillic
FirewallRules: [{574F11BB-ABF3-44D7-A761-352D5E5DCA06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{08BFDAB8-97F4-43A1-89D1-2D1FAA103DAD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6940648C-1784-422C-BEB0-658477C1FAF2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe No File

VirusTotal: C:\Program Files (x86)\MAGIX\Connect\connect.exe
VirusTotal: C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgrhv.exe

EmptyTemp:

Save the Notepad file as fixlist.txt in the location where FRST is.
Run FRST and click the Fix button.
The fix will be carried out, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.
My new book BOTNETY has been published! :173: You can find information about it here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

Preacher
Visitor
Posts: 22
Joined: 25 Jan 2018 11:40

Re: Please check my log

#7 Post by Preacher »

Hello, you will find the contents of the log at the very bottom, but I'm afraid I have a different problem.
Someone is probably watching me, or rather an unknown hacker has connected to me (more likely that; I don't know of anyone who would have a reason to watch me, it won't be anyone from my circle, and only I have access to my laptop). Let me explain:
When I opened the browser just now, I type F and automatically ENTER, and it should jump to Facebook. But instead of http://www.facebook.com a long link comes up: https://www.facebook.com/permalink.php? ... on_generic

and it looks like picture 01.jpg (attached in the WinRAR archive). It is very strange that even though I am logged out, it shows my post that I recently shared on FB. That shouldn't be visible, should it?
Or the second case:
[aside] I was just about to take a screenshot of the second case, but suddenly it is fine again.... The thing was that when I logged out of Facebook, it gives you the option to log in to another account.... Mine was there, and then two new unknown accounts that had no profile photo. When I hovered over them with the mouse, the first showed "You're going to jail" or something to that effect, and the second "You're going to do time in jail".... I have never encountered anything like this :D :D I mean, it doesn't scare me, it's clear to me that it's fake, that I picked up some virus and someone wants to lure me into clicking on it, or to make me afraid, or I don't know, but in any case it indicates that I probably have some malware on the PC....
But whatever it is, it has now mysteriously disappeared, so unfortunately I can't take a screenshot.
I'm sending the fixlog, and thanks once again :)
contents of fixlog.txt:

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Paulie (23-03-2019 21:08:41) Run:1
Running from C:\Users\Paulie\Desktop
Loaded Profiles: Paulie (Available Profiles: Paulie)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:

C:\CCP\CCP.exe
C:\CCP
C:\Program Files (x86)\Bonjour
C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\?rd?m?x Keylogger 4.4.2

2015-11-01 19:46 - 2015-11-01 19:46 - 000081408 _____ () [File not signed] C:\CCP\CCP.01
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\...\MountPoints2: {ccf3ac0b-b40b-11e8-996d-9061ae26b320} - "F:\HiSuiteDownLoader.exe"
SearchScopes: HKLM -> {D6905F94-6D2C-475B-8B87-83E0972391AB} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D6905F94-6D2C-475B-8B87-83E0972391AB} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {D6905F94-6D2C-475B-8B87-83E0972391AB} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
FF user.js: detected! => C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\user.js [2018-05-24]
2019-03-21 05:23 - 2018-03-09 02:28 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {24F147E8-01D3-42A6-8415-C236E9A20AB5} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Shortcut: C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\?rd?m?x Keylogger 4.4.2\?rd?m?x Keylogger 4.4.2.lnk -> C:\CCP\CCP.exe () <==== Cyrillic
Shortcut: C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\?rdam?x K?ylogger 4.4.2\?rdam?x K?ylogger 4.4.2.lnk -> C:\CCP\CCP.exe () <==== Cyrillic
FirewallRules: [{574F11BB-ABF3-44D7-A761-352D5E5DCA06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{08BFDAB8-97F4-43A1-89D1-2D1FAA103DAD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6940648C-1784-422C-BEB0-658477C1FAF2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe No File

VirusTotal: C:\Program Files (x86)\MAGIX\Connect\connect.exe
VirusTotal: C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgrhv.exe

EmptyTemp:

*****************

Processes closed successfully.
C:\CCP\CCP.exe => moved successfully
C:\CCP => moved successfully
C:\Program Files (x86)\Bonjour => moved successfully
"C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\?rd?m?x Keylogger 4.4.2" => not found
"C:\CCP\CCP.01" => not found
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ccf3ac0b-b40b-11e8-996d-9061ae26b320} => removed successfully
HKLM\Software\Classes\CLSID\{ccf3ac0b-b40b-11e8-996d-9061ae26b320} => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D6905F94-6D2C-475B-8B87-83E0972391AB} => removed successfully
HKLM\Software\Classes\CLSID\{D6905F94-6D2C-475B-8B87-83E0972391AB} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{D6905F94-6D2C-475B-8B87-83E0972391AB} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{D6905F94-6D2C-475B-8B87-83E0972391AB} => not found
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D6905F94-6D2C-475B-8B87-83E0972391AB} => removed successfully
HKLM\Software\Classes\CLSID\{D6905F94-6D2C-475B-8B87-83E0972391AB} => not found
C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\user.js => moved successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24F147E8-01D3-42A6-8415-C236E9A20AB5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24F147E8-01D3-42A6-8415-C236E9A20AB5}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures" => removed successfully
"C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\?rd?m?x Keylogger 4.4.2\?rd?m?x Keylogger 4.4.2.lnk" => not found
"C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\?rdam?x K?ylogger 4.4.2\?rdam?x K?ylogger 4.4.2.lnk" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{574F11BB-ABF3-44D7-A761-352D5E5DCA06}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{08BFDAB8-97F4-43A1-89D1-2D1FAA103DAD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6940648C-1784-422C-BEB0-658477C1FAF2}" => removed successfully
VirusTotal: C:\Program Files (x86)\MAGIX\Connect\connect.exe => https://www.virustotal.com/file/2308f89 ... 540173699/
VirusTotal: C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgrhv.exe => https://www.virustotal.com/file/4a4cb9a ... 550721724/

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 273482560 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 6539301 B
Edge => 12783 B
Chrome => 267540237 B
Firefox => 10822966 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 3838137 B
LocalService => 2708 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Paulie => 15388977 B

RecycleBin => 14376701 B
EmptyTemp: => 574.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:10:22 ====
Attachments
obrázky.rar
(54.95 KiB) Downloaded 71 times


Re: Please check my log

#8 Post by Diallix »

There was a keylogger in the system. Someone was definitely watching you. It should be fine now.. To be safe, post the FRST and ADDITION logs here as well.

Re: Please check my log

#9 Post by Preacher »

Well, considering it was only a preventive check, that's quite something :D
I'm sending the logs, they are in the attachment, and thank you once again :)
Attachments
frst and addition.rar
(26 KiB) Downloaded 55 times


Re: Please check my log

#10 Post by Diallix »

Copy the content below into Notepad:

Code:

"C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\?rd?m?x Keylogger 4.4.2\?rd?m?x Keylogger 4.4.2.lnk"
"C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\?rdam?x K?ylogger 4.4.2\?rdam?x K?ylogger 4.4.2.lnk"
Shortcut: C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Аrdаmаx Keylogger 4.4.2\Аrdаmаx Keylogger 4.4.2.lnk -> C:\CCP\CCP.exe (No File) <==== Cyrillic
Shortcut: C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Аrdamаx Kеylogger 4.4.2\Аrdamаx Kеylogger 4.4.2.lnk -> C:\CCP\CCP.exe (No File) <==== Cyrillic

Save the Notepad file as fixlist.txt in the location where FRST is, choosing UTF-8 as the encoding (copy into Notepad -> File -> Save as -> Encoding: choose UTF-8 -> Save).
Run FRST and click the Fix button.
The fix will be carried out, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.

Re: Please check my log

#11 Post by Preacher »

Done, only a reboot wasn't needed, since these were just "empty" shortcuts :)

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Paulie (24-03-2019 17:12:52) Run:2
Running from C:\Users\Paulie\Desktop
Loaded Profiles: Paulie (Available Profiles: Paulie)
Boot Mode: Normal
==============================================

fixlist content:
*****************
"C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\?rd?m?x Keylogger 4.4.2\?rd?m?x Keylogger 4.4.2.lnk"
"C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\?rdam?x K?ylogger 4.4.2\?rdam?x K?ylogger 4.4.2.lnk"
Shortcut: C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Аrdаmаx Keylogger 4.4.2\Аrdаmаx Keylogger 4.4.2.lnk -> C:\CCP\CCP.exe (No File) <==== Cyrillic
Shortcut: C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Аrdamаx Kеylogger 4.4.2\Аrdamаx Kеylogger 4.4.2.lnk -> C:\CCP\CCP.exe (No File) <==== Cyrillic

*****************

"C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\?rd?m?x Keylogger 4.4.2\?rd?m?x Keylogger 4.4.2.lnk" => not found
"C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\?rdam?x K?ylogger 4.4.2\?rdam?x K?ylogger 4.4.2.lnk" => not found
C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Аrdаmаx Keylogger 4.4.2\Аrdаmаx Keylogger 4.4.2.lnk => moved successfully
C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Аrdamаx Kеylogger 4.4.2\Аrdamаx Kеylogger 4.4.2.lnk => moved successfully

==== End of Fixlog 17:12:52 ====
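
Added example, not part of the thread and not FRST's own code: the first fixlog lists the shortcut names as `?rd?m?x` and reports them "not found", while the run from a UTF-8 fixlist moved them. This sketch reproduces that effect and flags the mixed Latin/Cyrillic words behind FRST's `<==== Cyrillic` marker; the `cp1250` code page, the function names and the sample list are assumptions made for illustration.

```python
import unicodedata

# Assumption: ANSI code page of a Czech Windows install (not stated in the thread).
ANSI_CODEPAGE = "cp1250"

# Constructed sample built from names that appear in the thread. The \u escapes
# make the Cyrillic look-alikes (U+0410, U+0430, U+0435) visible.
PROGRAMS = r"C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs"
SAMPLE_FIXLIST = [
    PROGRAMS + "\\\u0410rd\u0430m\u0430x Keylogger 4.4.2",
    PROGRAMS + "\\\u0410rdam\u0430x K\u0435ylogger 4.4.2",
    "C:\\\u0160kola - Magistr",  # Latin letter with caron: legitimate, fits cp1250
    r"C:\CCP\CCP.exe",
]


def script_of(ch):
    """Return the script prefix of a letter ('LATIN', 'CYRILLIC', ...), else None."""
    if not ch.isalpha():
        return None
    return unicodedata.name(ch, "UNKNOWN").split()[0]


def mixed_script_words(path):
    """Return (word, scripts) for each word in a path that mixes letter scripts.

    A folder named entirely in Cyrillic or entirely in accented Latin is not
    flagged; only a single word that combines scripts is treated as a look-alike.
    """
    hits = []
    for component in path.split("\\"):
        for word in component.split():
            scripts = {s for s in map(script_of, word) if s}
            if len(scripts) > 1:
                hits.append((word, sorted(scripts)))
    return hits


def ansi_roundtrip(text, codepage=ANSI_CODEPAGE):
    """What the text becomes after being saved in a code page and read back."""
    return text.encode(codepage, errors="replace").decode(codepage)


def audit_fixlist(lines, codepage=ANSI_CODEPAGE):
    """Check every fixlist line for encoding loss and for look-alike words."""
    report = []
    for line in lines:
        saved = ansi_roundtrip(line, codepage)
        report.append({
            "line": line,
            "saved_as": saved,
            "survives": saved == line,  # False: the path no longer names the file
            "mixed": mixed_script_words(line),
        })
    return report


if __name__ == "__main__":
    for row in audit_fixlist(SAMPLE_FIXLIST):
        print(ascii(row["line"]))
        if not row["survives"]:
            print("    corrupted when saved as", ANSI_CODEPAGE, "->", row["saved_as"])
        for word, scripts in row["mixed"]:
            print("    mixed scripts:", ascii(word), "/".join(scripts))
```

Any line reported as not surviving has to be saved in UTF-8, otherwise the path written to disk no longer matches the object it is meant to remove.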


Re: Please check my log

#12 Post by Diallix »

It could be OK :]]

Re: Please check my log

#13 Post by Preacher »

Great, thank you very much :)
I have to get started on various projects now, I have a lot to catch up on :D
Thanks for the help, bye for now :)


Re: Please check my log

#14 Post by Diallix »

Take care.

Locked