
Requesting a preventive check

Posted: 08 Jun 2019 14:15
by BacilX
Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2019-06-08 14:59:41
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 38 GB (36%) free of 105 GB
Total RAM: 8136 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:59:41, on 8.6.2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
C:\Program Files\trend micro\Admin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [IseUI] C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\RazaWebHook64.dll/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{15601C4F-0785-412A-BDC7-0069DA945582}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{15601C4F-0785-412A-BDC7-0069DA945582}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{15601C4F-0785-412A-BDC7-0069DA945582}: NameServer = 156.154.70.25,156.154.71.25
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: isesrv - COMODO - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 5455 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe" -service
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --cistrayUI
"C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe"
AvastUI.exe /nogui
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\system32\wbem\wmiprvse.exe

taskeng.exe {B712F722-97C9-4406-8C4F-E8E50B42EC8A}
"C:\Users\Admin\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\imtd495u.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.192 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.192 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\imtd495u.default\searchplugins\
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-11-04 7204568]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-05-26 262024]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2019-04-16 13065408]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IseUI"=C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [2019-01-29 4187856]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2019-06-08 14:59:41 ----D---- C:\rsit
2019-05-26 19:05:16 ----A---- C:\Windows\system32\aswBoot.exe
2019-05-25 09:50:33 ----HD---- C:\$AV_ASW
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-05-14 23:45:34 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-05-14 23:45:34 ----A---- C:\Windows\SYSWOW64\wow32.dll
2019-05-14 23:45:34 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2019-05-14 23:45:34 ----A---- C:\Windows\SYSWOW64\user.exe
2019-05-14 23:45:34 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2019-05-14 23:45:34 ----A---- C:\Windows\system32\KernelBase.dll
2019-05-14 23:45:34 ----A---- C:\Windows\system32\kernel32.dll
2019-05-14 23:45:34 ----A---- C:\Windows\system32\drivers\amdppm.sys
2019-05-14 23:45:34 ----A---- C:\Windows\system32\appidsvc.dll
2019-05-14 23:45:33 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2019-05-14 23:45:33 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2019-05-14 23:45:33 ----A---- C:\Windows\SYSWOW64\schannel.dll
2019-05-14 23:45:33 ----A---- C:\Windows\SYSWOW64\secur32.dll
2019-05-14 23:45:33 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2019-05-14 23:45:33 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2019-05-14 23:45:33 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2019-05-14 23:45:33 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2019-05-14 23:45:33 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2019-05-14 23:45:33 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2019-05-14 23:45:33 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2019-05-14 23:45:33 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2019-05-14 23:45:33 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2019-05-14 23:45:33 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2019-05-14 23:45:33 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2019-05-14 23:45:33 ----A---- C:\Windows\system32\wow64cpu.dll
2019-05-14 23:45:33 ----A---- C:\Windows\system32\wow64.dll
2019-05-14 23:45:33 ----A---- C:\Windows\system32\TSpkg.dll
2019-05-14 23:45:33 ----A---- C:\Windows\system32\sspisrv.dll
2019-05-14 23:45:33 ----A---- C:\Windows\system32\smss.exe
2019-05-14 23:45:33 ----A---- C:\Windows\system32\secur32.dll
2019-05-14 23:45:33 ----A---- C:\Windows\system32\rpchttp.dll
2019-05-14 23:45:33 ----A---- C:\Windows\system32\ntdll.dll
2019-05-14 23:45:33 ----A---- C:\Windows\system32\msv1_0.dll
2019-05-14 23:45:33 ----A---- C:\Windows\system32\hal.dll
2019-05-14 23:45:33 ----A---- C:\Windows\system32\drivers\videoprt.sys
2019-05-14 23:45:33 ----A---- C:\Windows\system32\drivers\processr.sys
2019-05-14 23:45:33 ----A---- C:\Windows\system32\drivers\npfs.sys
2019-05-14 23:45:33 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2019-05-14 23:45:33 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2019-05-14 23:45:33 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2019-05-14 23:45:33 ----A---- C:\Windows\system32\drivers\intelppm.sys
2019-05-14 23:45:33 ----A---- C:\Windows\system32\drivers\appid.sys
2019-05-14 23:45:33 ----A---- C:\Windows\system32\drivers\amdk8.sys
2019-05-14 23:45:33 ----A---- C:\Windows\system32\csrsrv.dll
2019-05-14 23:45:33 ----A---- C:\Windows\system32\appidapi.dll
2019-05-14 23:45:33 ----A---- C:\Windows\system32\apisetschema.dll
2019-05-14 23:45:32 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2019-05-14 23:45:32 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2019-05-14 23:45:32 ----A---- C:\Windows\SYSWOW64\ole32.dll
2019-05-14 23:45:32 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2019-05-14 23:45:32 ----A---- C:\Windows\system32\sspicli.dll
2019-05-14 23:45:32 ----A---- C:\Windows\system32\rpcss.dll
2019-05-14 23:45:32 ----A---- C:\Windows\system32\rpcrt4.dll
2019-05-14 23:45:32 ----A---- C:\Windows\system32\oleaut32.dll
2019-05-14 23:45:32 ----A---- C:\Windows\system32\ntoskrnl.exe
2019-05-14 23:45:32 ----A---- C:\Windows\system32\lsass.exe
2019-05-14 23:45:32 ----A---- C:\Windows\system32\lsasrv.dll
2019-05-14 23:45:32 ----A---- C:\Windows\system32\kerberos.dll
2019-05-14 23:45:32 ----A---- C:\Windows\system32\gdi32.dll
2019-05-14 23:45:32 ----A---- C:\Windows\system32\drivers\srvnet.sys
2019-05-14 23:45:32 ----A---- C:\Windows\system32\drivers\srv2.sys
2019-05-14 23:45:32 ----A---- C:\Windows\system32\drivers\srv.sys
2019-05-14 23:45:32 ----A---- C:\Windows\system32\advapi32.dll
2019-05-14 23:45:31 ----A---- C:\Windows\system32\ole32.dll
2019-05-14 23:45:31 ----A---- C:\Windows\system32\mshtml.dll
2019-05-14 23:45:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2019-05-14 23:45:30 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2019-05-14 23:45:30 ----A---- C:\Windows\SYSWOW64\certcli.dll
2019-05-14 23:45:30 ----A---- C:\Windows\system32\winsrv.dll
2019-05-14 23:45:30 ----A---- C:\Windows\system32\wdigest.dll
2019-05-14 23:45:30 ----A---- C:\Windows\system32\sscore.dll
2019-05-14 23:45:30 ----A---- C:\Windows\system32\srcore.dll
2019-05-14 23:45:30 ----A---- C:\Windows\system32\srclient.dll
2019-05-14 23:45:30 ----A---- C:\Windows\system32\schannel.dll
2019-05-14 23:45:30 ----A---- C:\Windows\system32\setbcdlocale.dll
2019-05-14 23:45:30 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2019-05-14 23:45:30 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2019-05-14 23:45:30 ----A---- C:\Windows\system32\cryptdll.dll
2019-05-14 23:45:30 ----A---- C:\Windows\system32\cryptbase.dll
2019-05-14 23:45:30 ----A---- C:\Windows\system32\certcli.dll
2019-05-14 23:45:30 ----A---- C:\Windows\system32\bcrypt.dll
2019-05-14 23:45:29 ----A---- C:\Windows\SYSWOW64\sscore.dll
2019-05-14 23:45:29 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2019-05-14 23:45:29 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2019-05-14 23:45:29 ----A---- C:\Windows\system32\wow64win.dll
2019-05-14 23:45:29 ----A---- C:\Windows\system32\srvsvc.dll
2019-05-14 23:45:29 ----A---- C:\Windows\system32\ncrypt.dll
2019-05-14 23:45:29 ----A---- C:\Windows\system32\ieframe.dll
2019-05-14 23:45:29 ----A---- C:\Windows\system32\conhost.exe
2019-05-14 23:45:28 ----A---- C:\Windows\SYSWOW64\wininet.dll
2019-05-14 23:45:28 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2019-05-14 23:45:28 ----A---- C:\Windows\system32\wininet.dll
2019-05-14 23:45:28 ----A---- C:\Windows\system32\wercplsupport.dll
2019-05-14 23:45:28 ----A---- C:\Windows\system32\werconcpl.dll
2019-05-14 23:45:28 ----A---- C:\Windows\system32\rstrui.exe
2019-05-14 23:45:28 ----A---- C:\Windows\system32\ntvdm64.dll
2019-05-14 23:45:28 ----A---- C:\Windows\system32\jscript9.dll
2019-05-14 23:45:27 ----A---- C:\Windows\SYSWOW64\werui.dll
2019-05-14 23:45:27 ----A---- C:\Windows\SYSWOW64\wer.dll
2019-05-14 23:45:27 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2019-05-14 23:45:27 ----A---- C:\Windows\SYSWOW64\usp10.dll
2019-05-14 23:45:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2019-05-14 23:45:27 ----A---- C:\Windows\SYSWOW64\srclient.dll
2019-05-14 23:45:27 ----A---- C:\Windows\SYSWOW64\shell32.dll
2019-05-14 23:45:27 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2019-05-14 23:45:27 ----A---- C:\Windows\SYSWOW64\mspbde40.dll
2019-05-14 23:45:27 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2019-05-14 23:45:27 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2019-05-14 23:45:27 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2019-05-14 23:45:27 ----A---- C:\Windows\SYSWOW64\jscript.dll
2019-05-14 23:45:27 ----A---- C:\Windows\SYSWOW64\instnm.exe
2019-05-14 23:45:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2019-05-14 23:45:27 ----A---- C:\Windows\SYSWOW64\cryptdll.dll
2019-05-14 23:45:27 ----A---- C:\Windows\SYSWOW64\credssp.dll
2019-05-14 23:45:27 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2019-05-14 23:45:27 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2019-05-14 23:45:27 ----A---- C:\Windows\system32\winload.exe
2019-05-14 23:45:27 ----A---- C:\Windows\system32\werui.dll
2019-05-14 23:45:27 ----A---- C:\Windows\system32\wer.dll
2019-05-14 23:45:27 ----A---- C:\Windows\system32\vbscript.dll
2019-05-14 23:45:27 ----A---- C:\Windows\system32\usp10.dll
2019-05-14 23:45:27 ----A---- C:\Windows\system32\urlmon.dll
2019-05-14 23:45:27 ----A---- C:\Windows\system32\shell32.dll
2019-05-14 23:45:27 ----A---- C:\Windows\system32\nltest.exe
2019-05-14 23:45:27 ----A---- C:\Windows\system32\msaudite.dll
2019-05-14 23:45:27 ----A---- C:\Windows\system32\jscript.dll
2019-05-14 23:45:27 ----A---- C:\Windows\system32\iertutil.dll
2019-05-14 23:45:27 ----A---- C:\Windows\system32\auditpol.exe
2019-05-14 23:45:27 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2019-05-14 23:45:27 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2019-05-14 23:45:27 ----A---- C:\Windows\system32\adtschema.dll
2019-05-14 23:45:26 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2019-05-14 23:45:26 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2019-05-14 23:45:26 ----A---- C:\Windows\SYSWOW64\setup16.exe
2019-05-14 23:45:26 ----A---- C:\Windows\SYSWOW64\oleres.dll
2019-05-14 23:45:26 ----A---- C:\Windows\SYSWOW64\msscp.dll
2019-05-14 23:45:26 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2019-05-14 23:45:26 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2019-05-14 23:45:26 ----A---- C:\Windows\SYSWOW64\msltus40.dll
2019-05-14 23:45:26 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2019-05-14 23:45:26 ----A---- C:\Windows\SYSWOW64\mf.dll
2019-05-14 23:45:26 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2019-05-14 23:45:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2019-05-14 23:45:26 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2019-05-14 23:45:26 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2019-05-14 23:45:26 ----A---- C:\Windows\SYSWOW64\comcat.dll
2019-05-14 23:45:26 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2019-05-14 23:45:26 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2019-05-14 23:45:26 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2019-05-14 23:45:26 ----A---- C:\Windows\system32\wmdrmsdk.dll
2019-05-14 23:45:26 ----A---- C:\Windows\system32\t2embed.dll
2019-05-14 23:45:26 ----A---- C:\Windows\system32\streamci.dll
2019-05-14 23:45:26 ----A---- C:\Windows\system32\oleres.dll
2019-05-14 23:45:26 ----A---- C:\Windows\system32\msscp.dll
2019-05-14 23:45:26 ----A---- C:\Windows\system32\msobjs.dll
2019-05-14 23:45:26 ----A---- C:\Windows\system32\msnetobj.dll
2019-05-14 23:45:26 ----A---- C:\Windows\system32\mshtmlmedia.dll
2019-05-14 23:45:26 ----A---- C:\Windows\system32\msfeeds.dll
2019-05-14 23:45:26 ----A---- C:\Windows\system32\mf.dll
2019-05-14 23:45:26 ----A---- C:\Windows\system32\iedkcs32.dll
2019-05-14 23:45:26 ----A---- C:\Windows\system32\fontsub.dll
2019-05-14 23:45:26 ----A---- C:\Windows\system32\drmv2clt.dll
2019-05-14 23:45:26 ----A---- C:\Windows\system32\drmmgrtn.dll
2019-05-14 23:45:26 ----A---- C:\Windows\system32\drivers\volmgr.sys
2019-05-14 23:45:26 ----A---- C:\Windows\system32\drivers\vdrvroot.sys
2019-05-14 23:45:26 ----A---- C:\Windows\system32\drivers\ULIAGPKX.SYS
2019-05-14 23:45:26 ----A---- C:\Windows\system32\drivers\termdd.sys
2019-05-14 23:45:26 ----A---- C:\Windows\system32\drivers\swenum.sys
2019-05-14 23:45:26 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2019-05-14 23:45:26 ----A---- C:\Windows\system32\drivers\pci.sys
2019-05-14 23:45:26 ----A---- C:\Windows\system32\drivers\NV_AGP.SYS
2019-05-14 23:45:26 ----A---- C:\Windows\system32\drivers\mssmbios.sys
2019-05-14 23:45:26 ----A---- C:\Windows\system32\drivers\msisadrv.sys
2019-05-14 23:45:26 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2019-05-14 23:45:26 ----A---- C:\Windows\system32\drivers\isapnp.sys
2019-05-14 23:45:26 ----A---- C:\Windows\system32\drivers\AGP440.sys
2019-05-14 23:45:26 ----A---- C:\Windows\system32\credssp.dll
2019-05-14 23:45:26 ----A---- C:\Windows\system32\comcat.dll
2019-05-14 23:45:26 ----A---- C:\Windows\system32\blackbox.dll
2019-05-14 23:45:26 ----A---- C:\Windows\system32\AUDIOKSE.dll
2019-05-14 23:45:26 ----A---- C:\Windows\system32\atmfd.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\quartz.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\occache.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\msrating.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\mfps.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\lpk.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\inseng.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\evr.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2019-05-14 23:45:25 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\wintrust.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\wermgr.exe
2019-05-14 23:45:25 ----A---- C:\Windows\system32\webcheck.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\rrinstaller.exe
2019-05-14 23:45:25 ----A---- C:\Windows\system32\quartz.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\qdvd.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\pcawrk.exe
2019-05-14 23:45:25 ----A---- C:\Windows\system32\pcasvc.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\pcalua.exe
2019-05-14 23:45:25 ----A---- C:\Windows\system32\pcadm.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\occache.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2019-05-14 23:45:25 ----A---- C:\Windows\system32\msrating.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\mshtmled.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\MshtmlDac.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\mfps.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\mfpmp.exe
2019-05-14 23:45:25 ----A---- C:\Windows\system32\mfplat.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\lpk.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\jsproxy.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\jscript9diag.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\inseng.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\ieUnatt.exe
2019-05-14 23:45:25 ----A---- C:\Windows\system32\ieui.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\iesetup.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\iernonce.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2019-05-14 23:45:25 ----A---- C:\Windows\system32\ieapfltr.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\ie4uinit.exe
2019-05-14 23:45:25 ----A---- C:\Windows\system32\ExplorerFrame.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\evr.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\dxtrans.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\dxtmsft.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\dciman32.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\cryptui.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\cryptsvc.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\cryptnet.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\crypt32.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\audiosrv.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\AudioSes.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\AudioEng.dll
2019-05-14 23:45:25 ----A---- C:\Windows\system32\audiodg.exe
2019-05-14 23:45:24 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2019-05-14 23:45:24 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2019-05-14 23:45:24 ----A---- C:\Windows\SYSWOW64\mssign32.dll
2019-05-14 23:45:24 ----A---- C:\Windows\SYSWOW64\mferror.dll
2019-05-14 23:45:24 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2019-05-14 23:45:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2019-05-14 23:45:24 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2019-05-14 23:45:24 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2019-05-14 23:45:24 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2019-05-14 23:45:24 ----A---- C:\Windows\system32\werdiagcontroller.dll
2019-05-14 23:45:24 ----A---- C:\Windows\system32\pcaevts.dll
2019-05-14 23:45:24 ----A---- C:\Windows\system32\mssign32.dll
2019-05-14 23:45:24 ----A---- C:\Windows\system32\msmmsp.dll
2019-05-14 23:45:24 ----A---- C:\Windows\system32\mferror.dll
2019-05-14 23:45:24 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2019-05-14 23:45:24 ----A---- C:\Windows\system32\EncDump.dll
2019-05-14 23:45:24 ----A---- C:\Windows\system32\cryptsp.dll
2019-05-14 23:45:24 ----A---- C:\Windows\system32\atmlib.dll

======List of files/folders modified in the last 1 month======

2019-06-08 14:59:41 ----D---- C:\Program Files\trend micro
2019-06-08 14:59:23 ----D---- C:\Windows\Temp
2019-06-08 14:55:08 ----D---- C:\Windows\system32\config
2019-06-08 14:54:01 ----D---- C:\Windows\system32\drivers\etc
2019-06-08 14:49:24 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-08 14:49:24 ----D---- C:\Program Files (x86)\Mozilla Firefox
2019-06-08 14:46:58 ----D---- C:\Hry
2019-06-08 14:45:25 ----D---- C:\ProgramData\NVIDIA
2019-06-08 10:43:40 ----D---- C:\Windows\System32
2019-06-08 10:43:40 ----D---- C:\Windows\inf
2019-06-08 10:43:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-06-08 10:39:16 ----D---- C:\Windows
2019-06-07 21:00:01 ----D---- C:\Windows\system32\LogFiles
2019-06-07 19:27:55 ----D---- C:\Windows\SoftwareDistribution
2019-06-07 19:25:11 ----D---- C:\Windows\system32\Tasks
2019-06-06 15:03:40 ----D---- C:\Windows\system32\drivers
2019-06-01 18:50:45 ----SHD---- C:\System Volume Information
2019-05-25 09:50:29 ----D---- C:\Users\Admin\AppData\Roaming\FiraxisLive
2019-05-25 00:28:36 ----D---- C:\Program Files (x86)\JDownloader v2.0
2019-05-19 13:49:31 ----D---- C:\Windows\rescache
2019-05-19 08:26:59 ----D---- C:\Windows\Microsoft.NET
2019-05-19 07:51:01 ----D---- C:\Windows\SYSWOW64\LogFiles
2019-05-19 07:51:00 ----D---- C:\Windows\Logs
2019-05-19 07:51:00 ----D---- C:\Windows\debug
2019-05-19 07:47:40 ----D---- C:\Windows\winsxs
2019-05-19 07:47:31 ----D---- C:\Windows\system32\catroot2
2019-05-16 18:28:49 ----RSD---- C:\Windows\assembly
2019-05-15 16:57:00 ----SHD---- C:\Windows\Installer
2019-05-15 16:56:37 ----D---- C:\Windows\SysWOW64
2019-05-15 16:41:41 ----SHD---- C:\Boot
2019-05-15 16:40:28 ----D---- C:\Windows\SYSWOW64\en-US
2019-05-15 16:40:28 ----D---- C:\Windows\SYSWOW64\Dism
2019-05-15 16:40:28 ----D---- C:\Windows\SYSWOW64\cs-CZ
2019-05-15 16:40:28 ----D---- C:\Windows\system32\drivers\en-US
2019-05-15 16:40:28 ----D---- C:\Program Files\Internet Explorer
2019-05-15 16:40:28 ----D---- C:\Program Files (x86)\Internet Explorer
2019-05-15 16:40:27 ----RSD---- C:\Windows\Fonts
2019-05-15 16:40:27 ----D---- C:\Windows\system32\en-US
2019-05-15 16:40:27 ----D---- C:\Windows\system32\Dism
2019-05-15 16:40:27 ----D---- C:\Windows\system32\cs-CZ
2019-05-15 16:40:27 ----D---- C:\Windows\AppPatch
2019-05-15 16:40:26 ----D---- C:\Windows\system32\Boot
2019-05-15 16:40:25 ----D---- C:\Windows\system32\DriverStore
2019-05-15 00:23:20 ----D---- C:\Windows\system32\MRT
2019-05-15 00:21:43 ----AC---- C:\Windows\system32\MRT.exe
2019-05-15 00:20:11 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2019-05-15 00:07:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2019-05-15 00:07:17 ----D---- C:\Windows\system32\Macromed
2019-05-15 00:07:16 ----D---- C:\Windows\SYSWOW64\Macromed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\Windows\system32\drivers\aswArDisk.sys [2019-05-26 37104]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2019-05-26 205848]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2019-05-26 61472]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2019-05-26 87944]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2019-05-30 385880]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2013-08-01 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2013-08-01 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2013-04-26 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-06-06 381608]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2019-05-26 207448]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2019-05-26 262496]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2019-05-26 42288]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2019-05-26 112312]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2019-05-26 1030784]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2019-05-26 477584]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2019-03-15 34280]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2019-03-15 867864]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2019-03-15 59096]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2019-03-15 126680]
R1 isedrv;Internet Security Essentials; C:\Windows\system32\drivers\isedrv.sys [2019-01-29 51368]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-09-23 66304]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-09-23 359552]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2019-06-06 167872]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2019-06-03 225608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-05 3707864]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-26 368112]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-26 786416]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-03-12 64624]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2018-04-13 235432]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-10-28 884952]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-09-23 187904]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-09-23 95232]
R3 XtuAcpiDriver;Intel(R) Extreme Tuning Utility Device Service; C:\Windows\system32\DRIVERS\XtuAcpiDriver.sys [2017-04-18 54168]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2019-02-07 95232]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2018-12-14 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2018-12-14 47672]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2013-05-30 64280]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-14 56384]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-21 109056]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-16 83984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-05-26 409224]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2019-04-16 11401312]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 isesrv;isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [2019-01-29 1044176]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-03-24 464272]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-05-28 6844776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-05-15 335416]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2019-04-11 2651840]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-04-25 116224]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-25 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-06-08 238544]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------

Re: Request for a preventive check

Posted: 08 Jun 2019 16:33
by Conder
Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View Log File)
  • The log will open; copy its contents here

Re: Request for a preventive check

Posted: 09 Jun 2019 09:07
by BacilX
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-09-2019
# Duration: 00:00:00
# OS: Windows 7 Home Premium
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1257 octets] - [09/06/2019 10:05:46]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Request for a preventive check

Posted: 09 Jun 2019 15:33
by Conder
:arrow: Please post both logs from FRST (FRST.txt and Addition.txt), following this guide: https://forum.viry.cz/viewtopic.php?f=13&t=154679

Re: Request for a preventive check

Posted: 12 Jun 2019 06:30
by BacilX
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-06-2019 01
Ran by Admin (administrator) on TRILINE (ATComputers TRILINE PROFI I108) (12-06-2019 07:28:23)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin & Robin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-11-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-26] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2023A75E-B369-4C59-A969-5FFBD0A54E5F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {32497A94-DF03-4A04-996E-5FDD5F981B63} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {36A02D00-AF38-4CA6-A009-4908055D499C} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {481DDD29-1126-4F82-A675-A85D9E0CEAF2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-26] (AVAST Software s.r.o. -> AVAST Software)
Task: {4AF44E30-E709-40E3-84D8-B1CD63C0ABF3} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {665238B0-5734-4583-B5C2-9A9445CB03E3} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {8A45F4D7-DAA6-4F5D-AFDE-6692BE2F0A84} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {9095FB20-3B22-4DFE-9CDB-6DC1BDE9DF91} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {93909114-678F-4B12-9CA1-A3918CDDEB9B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-15] (Adobe Inc. -> Adobe)
Task: {9EE0FE29-E88B-42A5-98A9-55DDC1AD7956} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-15] (Adobe Inc. -> Adobe)
Task: {A7FFF6BC-E472-4F42-A199-8395CF0249B5} - System32\Tasks\Norton Security Scan for Admin => C:\Program Files (x86)\NORTON~2\Engine\461~1.175\Nss.exe
Task: {A8218425-C548-40B0-ACB1-48D426220ED6} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D0978751-11B2-4C49-A758-ECBE603F109F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{15601C4F-0785-412A-BDC7-0069DA945582}: [NameServer] 156.154.70.25,156.154.71.25
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,10.40.128.1,-1]

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2485784249-3341709608-829223016-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

FireFox:
========
FF DefaultProfile: imtd495u.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\imtd495u.default [2019-06-12]
FF Homepage: Mozilla\Firefox\Profiles\imtd495u.default -> hxxps://www.seznam.cz/
FF Extension: (uBlock Origin) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\imtd495u.default\Extensions\uBlock0@raymondhill.net.xpi [2019-02-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-15] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-15] (Adobe Inc. -> )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-26] (AVAST Software s.r.o. -> AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11401312 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2651840 2019-04-11] (Comodo Security Solutions, Inc. -> COMODO)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-05-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [207448 2019-05-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [262496 2019-05-26] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-05-26] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-05-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-05-26] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [167872 2019-06-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-05-26] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-05-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-05-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477584 2019-05-26] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225608 2019-06-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385880 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [34280 2019-03-15] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [867864 2019-03-15] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [59096 2019-03-15] (Comodo Security Solutions, Inc. -> COMODO)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2018-12-14] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2018-12-14] (Disc Soft Ltd -> Disc Soft Ltd)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-08-01] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [126680 2019-03-15] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\Windows\system32\drivers\isedrv.sys [51368 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech -> Logitech Inc.)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-06-06] (Disc Soft Ltd -> Duplex Secure Ltd.)
R3 XtuAcpiDriver; C:\Windows\System32\DRIVERS\XtuAcpiDriver.sys [54168 2017-04-18] (Intel Corporation -> Intel Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-12 07:28 - 2019-06-12 07:28 - 000014043 _____ C:\Users\Admin\Desktop\FRST.txt
2019-06-12 07:21 - 2019-06-11 08:25 - 002418688 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2019-06-08 14:59 - 2019-06-08 14:59 - 000000000 ____D C:\rsit
2019-06-08 14:52 - 2019-06-08 14:52 - 001222144 _____ C:\Users\Admin\Desktop\RSITx64.exe
2019-05-26 19:05 - 2019-05-26 19:05 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-05-25 09:50 - 2019-05-25 09:50 - 000000000 ___HD C:\$AV_ASW
2019-05-14 23:45 - 2019-04-30 21:28 - 000397112 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-05-14 23:45 - 2019-04-30 20:37 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-05-14 23:45 - 2019-04-30 02:51 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-05-14 23:45 - 2019-04-30 02:51 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-05-14 23:45 - 2019-04-25 06:01 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-05-14 23:45 - 2019-04-25 05:52 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-05-14 23:45 - 2019-04-25 05:52 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-05-14 23:45 - 2019-04-25 05:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-05-14 23:45 - 2019-04-25 05:38 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-05-14 23:45 - 2019-04-25 05:38 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-05-14 23:45 - 2019-04-25 05:38 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-05-14 23:45 - 2019-04-25 05:37 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-05-14 23:45 - 2019-04-25 05:31 - 020279296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-05-14 23:45 - 2019-04-25 05:31 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-05-14 23:45 - 2019-04-25 05:30 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-05-14 23:45 - 2019-04-25 05:28 - 005775360 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-05-14 23:45 - 2019-04-25 05:28 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-05-14 23:45 - 2019-04-25 05:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-05-14 23:45 - 2019-04-25 05:26 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-05-14 23:45 - 2019-04-25 05:26 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-05-14 23:45 - 2019-04-25 05:26 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-05-14 23:45 - 2019-04-25 05:24 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-05-14 23:45 - 2019-04-25 05:19 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-05-14 23:45 - 2019-04-25 05:16 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-05-14 23:45 - 2019-04-25 05:12 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-05-14 23:45 - 2019-04-25 05:12 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-05-14 23:45 - 2019-04-25 05:11 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-05-14 23:45 - 2019-04-25 05:11 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-05-14 23:45 - 2019-04-25 05:09 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-05-14 23:45 - 2019-04-25 05:09 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-05-14 23:45 - 2019-04-25 05:09 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-05-14 23:45 - 2019-04-25 05:08 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-05-14 23:45 - 2019-04-25 05:06 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-05-14 23:45 - 2019-04-25 05:05 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-05-14 23:45 - 2019-04-25 05:05 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-05-14 23:45 - 2019-04-25 05:05 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-05-14 23:45 - 2019-04-25 05:04 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-05-14 23:45 - 2019-04-25 05:03 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-05-14 23:45 - 2019-04-25 05:03 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-05-14 23:45 - 2019-04-25 05:02 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-05-14 23:45 - 2019-04-25 05:02 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-05-14 23:45 - 2019-04-25 05:01 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-05-14 23:45 - 2019-04-25 04:54 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-05-14 23:45 - 2019-04-25 04:52 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-05-14 23:45 - 2019-04-25 04:50 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-05-14 23:45 - 2019-04-25 04:50 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-05-14 23:45 - 2019-04-25 04:50 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-05-14 23:45 - 2019-04-25 04:49 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-05-14 23:45 - 2019-04-25 04:49 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-05-14 23:45 - 2019-04-25 04:48 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-05-14 23:45 - 2019-04-25 04:47 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-05-14 23:45 - 2019-04-25 04:47 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-05-14 23:45 - 2019-04-25 04:46 - 015285248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-05-14 23:45 - 2019-04-25 04:46 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-05-14 23:45 - 2019-04-25 04:45 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-05-14 23:45 - 2019-04-25 04:43 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-05-14 23:45 - 2019-04-25 04:40 - 004493312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-05-14 23:45 - 2019-04-25 04:38 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-05-14 23:45 - 2019-04-25 04:37 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-05-14 23:45 - 2019-04-25 04:36 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-05-14 23:45 - 2019-04-25 04:35 - 013682176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-05-14 23:45 - 2019-04-25 04:35 - 005303808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-05-14 23:45 - 2019-04-25 04:35 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-05-14 23:45 - 2019-04-25 04:24 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-05-14 23:45 - 2019-04-25 04:18 - 004831232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-05-14 23:45 - 2019-04-25 04:14 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-05-14 23:45 - 2019-04-25 04:14 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-05-14 23:45 - 2019-04-25 04:12 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-05-14 23:45 - 2019-04-19 04:54 - 004057320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-05-14 23:45 - 2019-04-19 04:53 - 003963624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-05-14 23:45 - 2019-04-19 04:53 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-05-14 23:45 - 2019-04-19 04:51 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-05-14 23:45 - 2019-04-19 04:51 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-05-14 23:45 - 2019-04-19 04:51 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-05-14 23:45 - 2019-04-19 04:51 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-05-14 23:45 - 2019-04-19 04:51 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-05-14 23:45 - 2019-04-19 04:51 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-05-14 23:45 - 2019-04-19 04:51 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-05-14 23:45 - 2019-04-19 04:51 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-05-14 23:45 - 2019-04-19 04:51 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-05-14 23:45 - 2019-04-19 04:51 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-05-14 23:45 - 2019-04-19 04:51 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-05-14 23:45 - 2019-04-19 04:51 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-05-14 23:45 - 2019-04-19 04:51 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-05-14 23:45 - 2019-04-19 04:51 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-05-14 23:45 - 2019-04-19 04:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-05-14 23:45 - 2019-04-19 04:51 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-05-14 23:45 - 2019-04-19 04:51 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:44 - 000185064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2019-05-14 23:45 - 2019-04-19 04:44 - 000095456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-05-14 23:45 - 2019-04-19 04:43 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-05-14 23:45 - 2019-04-19 04:43 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-05-14 23:45 - 2019-04-19 04:43 - 000153832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-05-14 23:45 - 2019-04-19 04:43 - 000064232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2019-05-14 23:45 - 2019-04-19 04:43 - 000063208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2019-05-14 23:45 - 2019-04-19 04:43 - 000060648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2019-05-14 23:45 - 2019-04-19 04:43 - 000031976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2019-05-14 23:45 - 2019-04-19 04:43 - 000023784 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2019-05-14 23:45 - 2019-04-19 04:43 - 000020200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2019-05-14 23:45 - 2019-04-19 04:42 - 005552864 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-05-14 23:45 - 2019-04-19 04:42 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-05-14 23:45 - 2019-04-19 04:42 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-05-14 23:45 - 2019-04-19 04:42 - 000122600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2019-05-14 23:45 - 2019-04-19 04:42 - 000068328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2019-05-14 23:45 - 2019-04-19 04:42 - 000036064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2019-05-14 23:45 - 2019-04-19 04:42 - 000015080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2019-05-14 23:45 - 2019-04-19 04:42 - 000012136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2019-05-14 23:45 - 2019-04-19 04:40 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-05-14 23:45 - 2019-04-19 04:40 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:27 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-05-14 23:45 - 2019-04-19 04:26 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-05-14 23:45 - 2019-04-19 04:20 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-05-14 23:45 - 2019-04-19 04:20 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-05-14 23:45 - 2019-04-19 04:20 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-05-14 23:45 - 2019-04-19 04:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-05-14 23:45 - 2019-04-19 04:19 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-05-14 23:45 - 2019-04-19 04:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-05-14 23:45 - 2019-04-19 04:15 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-05-14 23:45 - 2019-04-19 04:15 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-05-14 23:45 - 2019-04-19 04:15 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-05-14 23:45 - 2019-04-19 04:14 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-05-14 23:45 - 2019-04-19 04:12 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-05-14 23:45 - 2019-04-19 04:11 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-05-14 23:45 - 2019-04-19 04:11 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-05-14 23:45 - 2019-04-19 04:08 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-05-14 23:45 - 2019-04-19 04:08 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-05-14 23:45 - 2019-04-19 04:08 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-05-14 23:45 - 2019-04-19 04:08 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-05-14 23:45 - 2019-04-19 04:08 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-05-14 23:45 - 2019-04-19 04:08 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-05-14 23:45 - 2019-04-19 04:07 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-05-14 23:45 - 2019-04-19 04:07 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-05-14 23:45 - 2019-04-19 04:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-05-14 23:45 - 2019-04-19 04:07 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-05-14 23:45 - 2019-04-19 04:07 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-05-14 23:45 - 2019-04-19 04:07 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-05-14 23:45 - 2019-04-19 04:07 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-05-14 23:45 - 2019-04-16 17:17 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-05-14 23:45 - 2019-04-16 17:17 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-05-14 23:45 - 2019-04-16 17:17 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-05-14 23:45 - 2019-04-16 17:17 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-05-14 23:45 - 2019-04-16 17:17 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-05-14 23:45 - 2019-04-16 17:17 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-05-14 23:45 - 2019-04-16 17:16 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-05-14 23:45 - 2019-04-16 17:05 - 014184448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-05-14 23:45 - 2019-04-16 17:05 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-05-14 23:45 - 2019-04-16 17:05 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-05-14 23:45 - 2019-04-16 17:05 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-05-14 23:45 - 2019-04-16 17:05 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-05-14 23:45 - 2019-04-16 17:05 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-05-14 23:45 - 2019-04-16 17:05 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-05-14 23:45 - 2019-04-16 17:05 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-05-14 23:45 - 2019-04-16 17:05 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-05-14 23:45 - 2019-04-16 16:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-05-14 23:45 - 2019-04-16 15:15 - 000419648 _____ C:\Windows\SysWOW64\locale.nls
2019-05-14 23:45 - 2019-04-16 15:15 - 000419648 _____ C:\Windows\system32\locale.nls
2019-05-14 23:45 - 2019-04-14 07:42 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-05-14 23:45 - 2019-04-14 07:40 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-05-14 23:45 - 2019-04-14 07:40 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-05-14 23:45 - 2019-04-14 07:39 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-05-14 23:45 - 2019-04-14 07:39 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-05-14 23:45 - 2019-04-14 07:28 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-05-14 23:45 - 2019-04-14 07:26 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-05-14 23:45 - 2019-04-14 07:26 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-05-14 23:45 - 2019-04-14 07:26 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-05-14 23:45 - 2019-04-14 07:26 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-05-14 23:45 - 2019-04-14 07:26 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-05-14 23:45 - 2019-04-14 07:12 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-05-14 23:45 - 2019-04-07 17:17 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-05-14 23:45 - 2019-04-07 17:17 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-05-14 23:45 - 2019-04-07 17:17 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-05-14 23:45 - 2019-04-07 17:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-05-14 23:45 - 2019-04-07 17:16 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-05-14 23:45 - 2019-04-07 17:16 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-05-14 23:45 - 2019-04-07 17:16 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-05-14 23:45 - 2019-04-07 17:16 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-05-14 23:45 - 2019-04-07 17:16 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-05-14 23:45 - 2019-04-07 17:16 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-05-14 23:45 - 2019-04-07 17:16 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-05-14 23:45 - 2019-04-07 17:16 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-05-14 23:45 - 2019-04-07 17:16 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-05-14 23:45 - 2019-04-07 17:16 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-05-14 23:45 - 2019-04-07 17:15 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-05-14 23:45 - 2019-04-07 17:15 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-05-14 23:45 - 2019-04-07 17:15 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-05-14 23:45 - 2019-04-07 17:15 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-05-14 23:45 - 2019-04-07 17:15 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-05-14 23:45 - 2019-04-07 17:15 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-05-14 23:45 - 2019-04-07 17:15 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-05-14 23:45 - 2019-04-07 17:15 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-05-14 23:45 - 2019-04-07 17:15 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-05-14 23:45 - 2019-04-07 17:15 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-05-14 23:45 - 2019-04-07 17:15 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-05-14 23:45 - 2019-04-07 17:05 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-05-14 23:45 - 2019-04-07 17:03 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-05-14 23:45 - 2019-04-07 17:03 - 001281536 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-05-14 23:45 - 2019-04-07 17:03 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-05-14 23:45 - 2019-04-07 17:03 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-05-14 23:45 - 2019-04-07 17:03 - 000486400 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-05-14 23:45 - 2019-04-07 17:03 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-05-14 23:45 - 2019-04-07 17:03 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-05-14 23:45 - 2019-04-07 17:03 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-05-14 23:45 - 2019-04-07 17:03 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-05-14 23:45 - 2019-04-07 17:03 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-05-14 23:45 - 2019-04-07 17:03 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-05-14 23:45 - 2019-04-07 17:03 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-05-14 23:45 - 2019-04-07 17:03 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-05-14 23:45 - 2019-04-07 17:02 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-05-14 23:45 - 2019-04-07 17:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-05-14 23:45 - 2019-04-07 17:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-05-14 23:45 - 2019-04-07 16:57 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-05-14 23:45 - 2019-04-07 16:49 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-05-14 23:45 - 2019-04-07 16:48 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-05-14 23:45 - 2019-04-07 16:45 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-05-14 23:45 - 2019-04-07 16:45 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-05-14 23:45 - 2019-04-07 16:45 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-05-14 23:45 - 2019-04-07 16:42 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-05-14 23:45 - 2019-04-07 16:42 - 000376320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-05-14 23:45 - 2019-04-07 16:42 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-05-14 23:45 - 2019-04-07 16:42 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-05-14 23:45 - 2019-04-07 16:42 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-05-14 23:45 - 2019-04-07 16:38 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-05-14 23:45 - 2019-04-07 16:35 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-05-14 23:45 - 2019-04-07 16:33 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-05-14 23:45 - 2019-04-07 16:33 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-05-14 23:45 - 2019-04-07 15:05 - 000634312 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-05-14 23:45 - 2019-04-05 02:34 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\cryptdll.dll
2019-05-14 23:45 - 2019-04-05 02:23 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdll.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-12 07:28 - 2018-09-16 12:29 - 000000000 ____D C:\FRST
2019-06-12 07:27 - 2016-12-14 21:22 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2019-06-12 07:26 - 2010-11-21 11:27 - 000670334 _____ C:\Windows\system32\perfh005.dat
2019-06-12 07:26 - 2010-11-21 11:27 - 000141946 _____ C:\Windows\system32\perfc005.dat
2019-06-12 07:26 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-12 07:26 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-06-12 07:23 - 2017-08-12 10:16 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-06-12 07:21 - 2018-12-14 20:51 - 000090066 _____ C:\Windows\system32\Drivers\fvstore.dat
2019-06-12 07:20 - 2014-02-21 16:59 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-12 07:20 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-12 00:00 - 2016-11-18 01:09 - 000000000 ____D C:\Users\Robin\AppData\LocalLow\Mozilla
2019-06-11 10:27 - 2009-07-14 06:45 - 000017152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-06-11 10:27 - 2009-07-14 06:45 - 000017152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-06-11 10:21 - 2019-01-25 20:01 - 000004526 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-06-11 10:21 - 2018-12-09 00:55 - 000004206 _____ C:\Windows\System32\Tasks\Norton Security Scan for Admin
2019-06-11 10:21 - 2017-12-16 14:38 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-06-11 10:21 - 2017-12-06 17:11 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-06-11 10:21 - 2015-05-18 21:16 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-06-09 18:41 - 2019-03-24 11:35 - 000000000 ____D C:\Users\Robin\AppData\Local\CrashDumps
2019-06-09 08:53 - 2017-04-20 20:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-06-09 08:53 - 2014-02-26 17:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-08 15:05 - 2019-01-25 20:01 - 000004410 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-06-08 14:59 - 2014-08-12 16:19 - 000000000 ____D C:\Program Files\trend micro
2019-06-08 14:53 - 2014-12-20 14:16 - 000000000 ____D C:\Users\Admin\Desktop\stažené soubory
2019-06-08 14:46 - 2014-02-26 19:52 - 000000000 ____D C:\Hry
2019-06-06 15:03 - 2017-12-16 14:22 - 000167872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-06-03 16:01 - 2017-12-16 14:22 - 000225608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-05-30 21:43 - 2017-12-16 14:22 - 000385880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-05-30 07:43 - 2009-07-14 07:08 - 000032580 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-05-26 19:05 - 2019-01-14 16:57 - 000262496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-05-26 19:05 - 2019-01-06 19:38 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-05-26 19:05 - 2019-01-06 19:38 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-05-26 19:05 - 2019-01-06 19:38 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-05-26 19:05 - 2018-10-21 07:57 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-05-26 19:05 - 2017-12-16 14:22 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-05-26 19:05 - 2017-12-16 14:22 - 000477584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-05-26 19:05 - 2017-12-16 14:22 - 000207448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-05-26 19:05 - 2017-12-16 14:22 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-05-26 19:05 - 2017-12-16 14:22 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-05-25 09:50 - 2019-04-05 09:44 - 000000000 ____D C:\Users\Admin\Documents\My Games
2019-05-25 09:50 - 2019-04-05 09:44 - 000000000 ____D C:\Users\Admin\AppData\Roaming\FiraxisLive
2019-05-25 09:38 - 2018-01-30 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2019-05-25 00:28 - 2014-03-04 22:31 - 000000000 ____D C:\Program Files (x86)\JDownloader v2.0
2019-05-19 13:49 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2019-05-19 07:19 - 2015-09-03 21:38 - 000000000 ___RD C:\Users\Admin\Virtual Machines
2019-05-15 16:56 - 2015-05-18 21:16 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-15 16:42 - 2015-08-13 15:18 - 000000000 ___RD C:\Users\Robin\Virtual Machines
2019-05-15 16:41 - 2009-07-14 06:45 - 000345024 _____ C:\Windows\system32\FNTCACHE.DAT
2019-05-15 16:40 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-05-15 16:40 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
2019-05-15 00:23 - 2014-02-25 16:05 - 000000000 ____D C:\Windows\system32\MRT
2019-05-15 00:21 - 2014-02-25 16:05 - 132445408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-05-15 00:20 - 2014-02-21 16:56 - 001561672 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-05-15 00:07 - 2014-02-25 16:25 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-15 00:07 - 2014-02-25 16:25 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-15 00:07 - 2014-02-25 16:25 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-05-15 00:07 - 2014-02-25 16:25 - 000000000 ____D C:\Windows\system32\Macromed

==================== Files in the root of some directories ================

2019-01-20 13:05 - 2019-02-23 10:24 - 000000038 _____ () C:\Users\Admin\AppData\Roaming\~SiMPLEX.ini

==================== FLock ================

2019-06-08 22:31 C:\System Volume Information

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-06-03 20:05
==================== End of FRST.txt ============================

Re: Request for a preventive check

Posted: 12 Jun 2019 06:30
by BacilX
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-06-2019 01
Ran by Admin (12-06-2019 07:28:59)
Running from C:\Users\Admin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-02-25 13:28:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-2485784249-3341709608-829223016-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2485784249-3341709608-829223016-500 - Administrator - Disabled)
Guest (S-1-5-21-2485784249-3341709608-829223016-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2485784249-3341709608-829223016-1003 - Limited - Enabled)
Robin (S-1-5-21-2485784249-3341709608-829223016-1004 - Limited - Enabled) => C:\Users\Robin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: COMODO Advanced Protection (Enabled - Up to date) {255FE707-DEDA-33CA-1986-80AAD408CE05}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Enabled) {A60587C6-B28F-3D1C-0869-12ED515CC3C3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.192 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.192 - Adobe)
Aegisub 3.2.0 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.0 - Aegisub Team)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Ant Renamer (HKLM-x32\...\Ant Renamer 2_is1) (Version: 2.12.0 - Ant Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
calibre (HKLM-x32\...\{0B374B2C-FE04-4741-B0B2-B14D84CEDAFF}) (Version: 3.35.0 - Kovid Goyal)
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version: - cbrreader.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
COMODO Firewall (HKLM\...\{785D9670-B355-487D-8B6A-6B28490AF489}) (Version: 12.0.0.6818 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.0.0.6818 - COMODO Security Solutions Inc.)
Darkest Dungeon The Color of Madness (HKLM-x32\...\Darkest Dungeon The Color of Madness_is1) (Version: - )
FormatFactory 3.3.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.1.0 - Format Factory)
Galactic Civilizations II - Ultimate Edition (HKLM-x32\...\Galactic Civilizations II - Ultimate Edition) (Version: - Kalypso Media)
Gremlins vs Automatons (HKLM-x32\...\Gremlins vs Automatons_is1) (Version: - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 67.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 67.0.1 (x64 cs)) (Version: 67.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 67.0.1.7088 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 cs)) (Version: 45.8.0 - Mozilla)
Mp3tag v2.75 (HKLM-x32\...\Mp3tag) (Version: v2.75 - Florian Heidenreich)
nGlide 1.05 (HKLM-x32\...\nGlide) (Version: 1.05 - Zeus Software)
NVIDIA Ovladač 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.2.0 - pdfforge GmbH)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Shareaza 2.7.10.2 (HKLM\...\Shareaza_is1) (Version: 2.7.10.2 - Shareaza Development Team)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Spellcross (DOSBox 0.74 emulace) (HKLM-x32\...\Spellcross (DOSBox 0.74 emulace)) (Version: - )
Stellaris MegaCorp (HKLM-x32\...\Stellaris MegaCorp_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
XCOM 2 Digital Deluxe Edition MULTi11 - ElAmigos version 1.0 u11 (HKLM-x32\...\{5B33B979-8F2B-4A3A-AAF6-76C0C216321D}_is1) (Version: 1.0 u11 - 2K)
XnView 2.13 (HKLM-x32\...\XnView_is1) (Version: 2.13 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-26] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-26] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-26] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-26] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-26] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2003-03-18 23:23 - 2003-03-18 23:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2006-10-26 14:40 - 2006-10-26 14:40 - 000335872 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
2018-09-16 13:23 - 2018-03-24 01:05 - 000343728 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2018-04-13 20:06 - 2018-04-13 20:06 - 000117248 _____ (pdfforge GmbH) [File not signed] C:\Windows\System32\pdfcmon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Admin\Downloads:Shareaza.GUID [16]
AlternateDataStreams: C:\Users\Robin\Downloads:Shareaza.GUID [16]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-06-08 14:54 - 000000033 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Calibre2\
HKU\S-1-5-21-2485784249-3341709608-829223016-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AppIDSvc => 3
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: MozillaMaintenance => 3

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B49E75B1-A3B8-44ED-AE11-B46785FD2E67}] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{EDE61EF5-D8FF-4FAE-B94D-C935A3344EB1}] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0A6187EB-8DC1-4C89-88D9-3E9928F6940F}] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{04FBBF19-723A-49A9-AAAE-FA93DA9005C4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{74B21F8B-7609-4F49-9022-9B9197B09F4C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A5991C55-B6A8-460F-B8E7-E41EF986D8D0}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech -> Logitech Inc.)
FirewallRules: [{D37F2FA0-711E-4A01-BD05-8DCD73EC9E95}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech -> Logitech Inc.)
FirewallRules: [TCP Query User{24316309-A1F6-468B-B10A-EEB36BCC0F08}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{78ED4724-0F7A-4A6F-8FE4-0DAB928BD5F0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{29CC7501-9030-44DC-B16D-E5266489C60F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EA322048-9FB3-4A42-B9AC-99A91E28237E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D7896EF1-9C27-4124-96F8-39635717B3FF}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech -> Logitech Inc.)
FirewallRules: [{46CF13F4-2BD8-4081-8F97-BF13859745E3}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech -> Logitech Inc.)
FirewallRules: [{A529DF2B-238B-491B-9907-FD9809D729BB}] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0E3D52A3-3A30-4DE1-A4DA-67A5865674A6}] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9FC710FC-3CBA-41DA-ADB2-950EF7C0FE2B}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech -> Logitech Inc.)
FirewallRules: [{5C8CD737-8AF7-4D9D-AA37-F09E661E52E6}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech -> Logitech Inc.)
FirewallRules: [TCP Query User{3D336B23-9B4C-4844-B932-F44616F083E1}C:\program files (x86)\jdownloader v2.0\jdownloader2.exe] => (Block) C:\program files (x86)\jdownloader v2.0\jdownloader2.exe (AppWork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{D23197A2-1D5F-4111-94A0-91826E46E1F3}C:\program files (x86)\jdownloader v2.0\jdownloader2.exe] => (Block) C:\program files (x86)\jdownloader v2.0\jdownloader2.exe (AppWork GmbH -> AppWork GmbH)
FirewallRules: [{9CEAC37D-CBD9-4A1C-A0F1-2D04EBF1CA17}] => (Allow) C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team) [File not signed]
FirewallRules: [{F82FC33E-8CD6-4738-AC2B-3F2986F9AB82}] => (Allow) C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team) [File not signed]
FirewallRules: [TCP Query User{1EF79CD8-B7D3-4D2B-A4EA-3612AE214118}C:\program files\shareaza\shareaza.exe] => (Block) C:\program files\shareaza\shareaza.exe (Shareaza Development Team) [File not signed]
FirewallRules: [UDP Query User{94A7B34A-6184-4880-85D4-B0DE38B56AEF}C:\program files\shareaza\shareaza.exe] => (Block) C:\program files\shareaza\shareaza.exe (Shareaza Development Team) [File not signed]
FirewallRules: [{5B933F2E-4FEB-4F87-B391-06BB22E5D9B9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{E9F64EBA-BEC0-40FE-8430-12A9BC0F78AE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)

==================== Restore Points =========================

08-06-2019 19:52:09 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/12/2019 07:21:32 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 10.6.2019.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: f34

Čas spuštění: 01d520dea5539602

Čas ukončení: 0

Cesta k aplikaci: C:\Users\Admin\Desktop\FRST64.exe

ID hlášení: eee617e4-8cd1-11e9-b9ec-d43d7effa8c6

Error: (06/12/2019 07:20:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/11/2019 08:13:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/10/2019 07:29:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/09/2019 06:41:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/09/2019 10:06:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/09/2019 10:04:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/09/2019 10:02:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: XCom2.exe, verze: 1.0.0.38128, časové razítko: 0x5824efd6
Název chybujícího modulu: tbbmalloc.dll, verze: 1.0.2009.325, časové razítko: 0x49ca2113
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000013a3
ID chybujícího procesu: 0x9f8
Čas spuštění chybující aplikace: 0x01d51e97f0bb277a
Cesta k chybující aplikaci: E:\Hry\XCOM 2\Binaries\Win64\XCom2.exe
Cesta k chybujícímu modulu: E:\Hry\XCOM 2\Binaries\Win64\tbbmalloc.dll
ID zprávy: efccbf2c-8a8c-11e9-a78b-d43d7effa8c6


System errors:
=============
Error: (06/12/2019 07:20:37 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (06/11/2019 08:13:23 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (06/11/2019 08:13:22 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí byla ukončena s následující chybou:
%%-2147014847 = Požadovaná adresa není v tomto kontextu platná.

Error: (06/10/2019 07:44:24 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 20.

Error: (06/10/2019 07:29:23 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (06/09/2019 06:41:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (06/09/2019 06:41:53 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (18:41:15, ‎9.‎6.‎2019) bylo neočekávané.

Error: (06/09/2019 10:06:36 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom


CodeIntegrity:
===================================

Date: 2014-08-15 16:18:13.943
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-08-15 16:18:13.904
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-08-15 16:18:13.864
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-08-15 16:18:13.825
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-08-14 10:09:27.234
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-08-14 10:09:27.197
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.1 01/20/2014
Motherboard: MSI H81M-P33 (MS-7817)
Processor: Intel(R) Core(TM) i3-4330 CPU @ 3.50GHz
Percentage of memory in use: 41%
Total physical RAM: 8136.02 MB
Available physical RAM: 4720.05 MB
Total Virtual: 13134.16 MB
Available Virtual: 9561.96 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:103 GB) (Free:38.26 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (Data) (Fixed) (Total:931.51 GB) (Free:76.65 GB) NTFS
Drive f: (Filmy) (Fixed) (Total:1863.01 GB) (Free:29.12 GB) NTFS

\\?\Volume{4e7be4a2-9b09-11e3-b7a6-d43d7effa8c6}\ (WinRE-ATC) (Fixed) (Total:8.79 GB) (Free:1.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 5A4EEB50)
Partition 1: (Active) - (Size=103 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=8.8 GB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 795381E7)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 45DB875B)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Request for a preventive check

Posted: 12 Jun 2019 20:30
by Conder
:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:


    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Program Files\Microsoft Security Client\MpCmdRun.exe
    ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ALG
    ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AppMgmt
    
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-2485784249-3341709608-829223016-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
    2019-06-08 14:59 - 2019-06-08 14:59 - 000000000 ____D C:\rsit
    2019-06-08 14:52 - 2019-06-08 14:52 - 001222144 _____ C:\Users\Admin\Desktop\RSITx64.exe
    2019-06-08 14:59 - 2014-08-12 16:19 - 000000000 ____D C:\Program Files\trend micro
    2019-01-20 13:05 - 2019-02-23 10:24 - 000000038 _____ () C:\Users\Admin\AppData\Roaming\~SiMPLEX.ini
    AlternateDataStreams: C:\Users\Admin\Downloads:Shareaza.GUID [16]
    AlternateDataStreams: C:\Users\Robin\Downloads:Shareaza.GUID [16]
    
    DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ALG
    CMD: sc config ALG start= demand
    DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AppIDSvc
    CMD: sc config AppIDSvc start= demand
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file named Fixlog.txt on the desktop; copy its contents here

Re: Request for a preventive check

Posted: 13 Jun 2019 08:18
by BacilX
Fix result of Farbar Recovery Scan Tool (x64) Version: 10-06-2019 01
Ran by Admin (13-06-2019 09:16:23) Run:2
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin & Robin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files\Microsoft Security Client\MpCmdRun.exe
ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ALG
ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AppMgmt

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2485784249-3341709608-829223016-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
2019-06-08 14:59 - 2019-06-08 14:59 - 000000000 ____D C:\rsit
2019-06-08 14:52 - 2019-06-08 14:52 - 001222144 _____ C:\Users\Admin\Desktop\RSITx64.exe
2019-06-08 14:59 - 2014-08-12 16:19 - 000000000 ____D C:\Program Files\trend micro
2019-01-20 13:05 - 2019-02-23 10:24 - 000000038 _____ () C:\Users\Admin\AppData\Roaming\~SiMPLEX.ini
AlternateDataStreams: C:\Users\Admin\Downloads:Shareaza.GUID [16]
AlternateDataStreams: C:\Users\Robin\Downloads:Shareaza.GUID [16]

DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ALG
CMD: sc config ALG start= demand
DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AppIDSvc
CMD: sc config AppIDSvc start= demand

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 26
Average :
Sum : 285170615
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= File: C:\Program Files\Microsoft Security Client\MpCmdRun.exe ========================

"C:\Program Files\Microsoft Security Client\MpCmdRun.exe" => not found
====== End of File: ======

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ALG]
"DisplayName"="@%SystemRoot%\system32\Alg.exe,-112"
"ImagePath"="%SystemRoot%\System32\alg.exe"
"Description"="@%SystemRoot%\system32\Alg.exe,-113"
"ObjectName"="NT AUTHORITY\LocalService"
"ErrorControl"="1"
"Start"="4"
"Type"="16"
"ServiceSidType"="1"
"RequiredPrivileges"="SeChangeNotifyPrivilege*SeCreateGlobalPrivilege*SeImpersonatePrivilege"
"FailureActions"="840300000000000000000000030000001400000001000000c0d4010001000000e09304000000000000000000"

=== End of ExportKey ===
================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AppMgmt]
"ImagePath"="%SystemRoot%\system32\svchost.exe -k netsvcs"
[HKLM\SYSTEM\CurrentControlSet\Services\AppMgmt\Parameters]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"

=== End of ExportKey ===
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page" => removed successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully
HKU\S-1-5-21-2485784249-3341709608-829223016-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\System\CurrentControlSet\Services\MBAMSwissArmy => removed successfully
MBAMSwissArmy => service removed successfully
C:\rsit => moved successfully
C:\Users\Admin\Desktop\RSITx64.exe => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\Admin\AppData\Roaming\~SiMPLEX.ini => moved successfully
C:\Users\Admin\Downloads => ":Shareaza.GUID" ADS could not remove.
C:\Users\Robin\Downloads => ":Shareaza.GUID" ADS could not remove.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ALG => removed successfully

========= sc config ALG start= demand =========

[SC] ChangeServiceConfig úspěch

========= End of CMD: =========

HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AppIDSvc => removed successfully

========= sc config AppIDSvc start= demand =========

[SC] ChangeServiceConfig úspěch

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3112531 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 6688 B
Edge => 0 B
Chrome => 0 B
Firefox => 80037697 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
UpdatusUser => 0 B
Admin => 6489734 B
Robin => 378553005 B

RecycleBin => 323588 B
EmptyTemp: => 454.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:17:00 ====

Re: Request for a preventive check

Posted: 13 Jun 2019 21:02
by Conder
:arrow: It looks OK. Are there any problems with the PC?

Re: Request for a preventive check

Posted: 14 Jun 2019 07:22
by BacilX
The PC is fine... it was just for prevention... thanks for the check

Re: Request for a preventive check

Posted: 14 Jun 2019 10:37
by Conder
:arrow: So let's also clean up after the tools we used: