Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

kontrola

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
rendy
Návštěvník
Návštěvník
Příspěvky: 60
Registrován: 14 zář 2013 20:14

kontrola

#1 Příspěvek od rendy »

Dobrý den,

prosím o preventivní kontrolu počítače děkuji :)


Logfile of random's system information tool 1.10 (written by random/random)
Run by tse-t at 2019-07-13 11:55:38
Microsoft Windows 10 Home
System drive C: has 76 GB (38%) free of 201 GB
Total RAM: 7359 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:55:41, on 13.07.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files\trend micro\tse-t.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "D:\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\System32\DriverStore\FileRepository\c0338885.inf_amd64_648d9ae54bb276d8\B338884\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: AMD User Experience Program Launcher (AUEPLauncher) - AMD - C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 7455 bytes

======Listing Processes======









winlogon.exe

c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s gpsvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
C:\WINDOWS\System32\DriverStore\FileRepository\c0338885.inf_amd64_648d9ae54bb276d8\B338884\atiesrxx.exe
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
atieclxx

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\compattelrunner.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository


C:\WINDOWS\system32\AUDIODG.EXE 0x47c
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
dashost.exe {b9dc3221-d168-47da-8fa81a08a78f7d8e}
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\WINDOWS\system32\svchost.exe -k imgsvc

c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca

C:\WINDOWS\system32\browser_broker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXass2jm06pp1n7aktd4dcj305y31qrc54.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k unistacksvcgroup
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
AvastUI.exe /nogui
"D:\DAEMON Tools Lite\DTAgent.exe" -autorun
"C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE"
"D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:u4U3sUanC0qzI/CN.1
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe"
AUEPMaster.exe
"C:\Program Files\rempl\sedsvc.exe"

"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 740 748 756 8192 752
C:\Windows\System32\RuntimeBroker.exe -Embedding
AUEPUF.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Users\tse-t\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\tse-t\AppData\Roaming\Mozilla\Firefox\Profiles\p2dhochk.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.171 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.6]
"Description"=VLC Multimedia Plugin
"Path"=D:\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1]
"Description"=VLC Multimedia Plugin
"Path"=D:\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.171 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-05-20 13876952]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-28 1393880]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-07-13 269192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=D:\DAEMON Tools Lite\DTAgent.exe [2017-08-14 4836032]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2019-04-18 9198512]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-07-13 11:55:38 ----D---- C:\rsit
2019-07-13 11:49:30 ----A---- C:\WINDOWS\system32\aswBoot.exe
2019-07-13 11:49:28 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2019-07-13 11:49:28 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2019-07-12 19:15:13 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-12 19:15:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-12 19:15:09 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-07-12 19:15:05 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-07-12 19:14:55 ----A---- C:\WINDOWS\system32\shell32.dll
2019-07-12 19:14:53 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-07-12 19:14:52 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-07-12 19:14:50 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-07-12 19:14:48 ----A---- C:\WINDOWS\system32\windows.storage.dll
2019-07-12 19:14:46 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-07-12 19:14:43 ----A---- C:\WINDOWS\system32\StartTileData.dll
2019-07-12 19:14:41 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-07-12 19:14:41 ----A---- C:\WINDOWS\system32\sppobjs.dll
2019-07-12 19:14:41 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-12 19:14:41 ----A---- C:\WINDOWS\system32\appraiser.dll
2019-07-12 19:14:40 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-07-12 19:14:39 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2019-07-12 19:14:39 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-07-12 19:14:38 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-07-12 19:14:38 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-12 19:14:37 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-12 19:14:37 ----A---- C:\WINDOWS\system32\jscript9.dll
2019-07-12 19:14:36 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-07-12 19:14:36 ----A---- C:\WINDOWS\system32\combase.dll
2019-07-12 19:14:35 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-07-12 19:14:35 ----A---- C:\WINDOWS\system32\twinui.dll
2019-07-12 19:14:35 ----A---- C:\WINDOWS\explorer.exe
2019-07-12 19:14:34 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-07-12 19:14:34 ----A---- C:\WINDOWS\system32\aepic.dll
2019-07-12 19:14:34 ----A---- C:\WINDOWS\system32\aeinv.dll
2019-07-12 19:14:33 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2019-07-12 19:14:33 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-12 19:14:32 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2019-07-12 19:14:32 ----A---- C:\WINDOWS\system32\InputService.dll
2019-07-12 19:14:32 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2019-07-12 19:14:31 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2019-07-12 19:14:31 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2019-07-12 19:14:31 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2019-07-12 19:14:31 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-12 19:14:31 ----A---- C:\WINDOWS\system32\aitstatic.exe
2019-07-12 19:14:30 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2019-07-12 19:14:30 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-07-12 19:14:30 ----A---- C:\WINDOWS\system32\generaltel.dll
2019-07-12 19:14:30 ----A---- C:\WINDOWS\system32\DWrite.dll
2019-07-12 19:14:30 ----A---- C:\WINDOWS\system32\dwmcore.dll
2019-07-12 19:14:29 ----A---- C:\WINDOWS\SYSWOW64\sppcext.dll
2019-07-12 19:14:29 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-07-12 19:14:29 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-07-12 19:14:29 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-12 19:14:29 ----A---- C:\WINDOWS\system32\audiosrv.dll
2019-07-12 19:14:28 ----A---- C:\WINDOWS\system32\wuaueng.dll
2019-07-12 19:14:28 ----A---- C:\WINDOWS\system32\sppcommdlg.dll
2019-07-12 19:14:28 ----A---- C:\WINDOWS\system32\sppcext.dll
2019-07-12 19:14:28 ----A---- C:\WINDOWS\system32\slui.exe
2019-07-12 19:14:28 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-07-12 19:14:27 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2019-07-12 19:14:27 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-12 19:14:27 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2019-07-12 19:14:27 ----A---- C:\WINDOWS\system32\mstscax.dll
2019-07-12 19:14:27 ----A---- C:\WINDOWS\system32\KernelBase.dll
2019-07-12 19:14:27 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-07-12 19:14:27 ----A---- C:\WINDOWS\system32\devinv.dll
2019-07-12 19:14:27 ----A---- C:\WINDOWS\system32\dcntel.dll
2019-07-12 19:14:27 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-12 19:14:26 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2019-07-12 19:14:26 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2019-07-12 19:14:26 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2019-07-12 19:14:26 ----A---- C:\WINDOWS\system32\rpcss.dll
2019-07-12 19:14:26 ----A---- C:\WINDOWS\system32\NotificationController.dll
2019-07-12 19:14:26 ----A---- C:\WINDOWS\system32\invagent.dll
2019-07-12 19:14:26 ----A---- C:\WINDOWS\system32\gdi32full.dll
2019-07-12 19:14:26 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2019-07-12 19:14:25 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2019-07-12 19:14:25 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2019-07-12 19:14:25 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2019-07-12 19:14:25 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-12 19:14:25 ----A---- C:\WINDOWS\system32\acmigration.dll
2019-07-12 19:14:24 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2019-07-12 19:14:24 ----A---- C:\WINDOWS\system32\wlansvc.dll
2019-07-12 19:14:24 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-12 19:14:24 ----A---- C:\WINDOWS\system32\phoneactivate.exe
2019-07-12 19:14:24 ----A---- C:\WINDOWS\system32\ole32.dll
2019-07-12 19:14:24 ----A---- C:\WINDOWS\system32\FntCache.dll
2019-07-12 19:14:24 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-07-12 19:14:24 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2019-07-12 19:14:24 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-12 19:14:23 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2019-07-12 19:14:23 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2019-07-12 19:14:23 ----A---- C:\WINDOWS\system32\lsasrv.dll
2019-07-12 19:14:23 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2019-07-12 19:14:23 ----A---- C:\WINDOWS\system32\AppxPackaging.dll
2019-07-12 19:14:23 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-12 19:14:22 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-12 19:14:22 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-12 19:14:22 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2019-07-12 19:14:22 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-12 19:14:22 ----A---- C:\WINDOWS\system32\daxexec.dll
2019-07-12 19:14:21 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2019-07-12 19:14:21 ----A---- C:\WINDOWS\SYSWOW64\AppxPackaging.dll
2019-07-12 19:14:21 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-12 19:14:21 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-07-12 19:14:20 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2019-07-12 19:14:20 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-12 19:14:19 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2019-07-12 19:14:19 ----A---- C:\WINDOWS\system32\winload.exe
2019-07-12 19:14:19 ----A---- C:\WINDOWS\system32\policymanager.dll
2019-07-12 19:14:19 ----A---- C:\WINDOWS\system32\nettrace.dll
2019-07-12 19:14:18 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2019-07-12 19:14:18 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2019-07-12 19:14:18 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2019-07-12 19:14:18 ----A---- C:\WINDOWS\system32\wer.dll
2019-07-12 19:14:18 ----A---- C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-12 19:14:18 ----A---- C:\WINDOWS\system32\hal.dll
2019-07-12 19:14:18 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2019-07-12 19:14:18 ----A---- C:\WINDOWS\system32\dnsapi.dll
2019-07-12 19:14:18 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-12 19:14:17 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2019-07-12 19:14:17 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2019-07-12 19:14:17 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2019-07-12 19:14:17 ----A---- C:\WINDOWS\system32\wldp.dll
2019-07-12 19:14:17 ----A---- C:\WINDOWS\system32\winresume.exe
2019-07-12 19:14:17 ----A---- C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-12 19:14:17 ----A---- C:\WINDOWS\system32\sppwinob.dll
2019-07-12 19:14:17 ----A---- C:\WINDOWS\system32\QuietHours.dll
2019-07-12 19:14:17 ----A---- C:\WINDOWS\system32\MusNotification.exe
2019-07-12 19:14:17 ----A---- C:\WINDOWS\system32\edgeIso.dll
2019-07-12 19:14:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-12 19:14:16 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2019-07-12 19:14:16 ----A---- C:\WINDOWS\system32\wpx.dll
2019-07-12 19:14:16 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-07-12 19:14:16 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2019-07-12 19:14:16 ----A---- C:\WINDOWS\system32\msvproc.dll
2019-07-12 19:14:16 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2019-07-12 19:14:16 ----A---- C:\WINDOWS\system32\ci.dll
2019-07-12 19:14:16 ----A---- C:\WINDOWS\system32\AcGenral.dll
2019-07-12 19:14:15 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2019-07-12 19:14:14 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2019-07-12 19:14:14 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2019-07-12 19:14:14 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2019-07-12 19:14:14 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2019-07-12 19:14:14 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-12 19:14:14 ----A---- C:\WINDOWS\system32\tdh.dll
2019-07-12 19:14:14 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2019-07-12 19:14:13 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2019-07-12 19:14:13 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2019-07-12 19:14:13 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2019-07-12 19:14:13 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-12 19:14:13 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-12 19:14:13 ----A---- C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-12 19:14:13 ----A---- C:\WINDOWS\system32\Unistore.dll
2019-07-12 19:14:13 ----A---- C:\WINDOWS\system32\TDLMigration.dll
2019-07-12 19:14:13 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2019-07-12 19:14:13 ----A---- C:\WINDOWS\system32\securekernel.exe
2019-07-12 19:14:13 ----A---- C:\WINDOWS\system32\rdpcore.dll
2019-07-12 19:14:13 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-12 19:14:13 ----A---- C:\WINDOWS\system32\efscore.dll
2019-07-12 19:14:13 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2019-07-12 19:14:13 ----A---- C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-12 19:14:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2019-07-12 19:14:12 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2019-07-12 19:14:12 ----A---- C:\WINDOWS\system32\rmclient.dll
2019-07-12 19:14:12 ----A---- C:\WINDOWS\system32\pcasvc.dll
2019-07-12 19:14:12 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-12 19:14:12 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-12 19:14:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-12 19:14:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-12 19:14:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-12 19:14:11 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2019-07-12 19:14:11 ----A---- C:\WINDOWS\SYSWOW64\rmclient.dll
2019-07-12 19:14:11 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2019-07-12 19:14:11 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2019-07-12 19:14:11 ----A---- C:\WINDOWS\system32\wc_storage.dll
2019-07-12 19:14:11 ----A---- C:\WINDOWS\system32\rdpclip.exe
2019-07-12 19:14:11 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-12 19:14:11 ----A---- C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-07-12 19:14:11 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2019-07-12 19:14:11 ----A---- C:\WINDOWS\system32\dssvc.dll
2019-07-12 19:14:10 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2019-07-12 19:14:10 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2019-07-12 19:14:10 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2019-07-12 19:14:10 ----A---- C:\WINDOWS\system32\wermgr.exe
2019-07-12 19:14:10 ----A---- C:\WINDOWS\system32\skci.dll
2019-07-12 19:14:10 ----A---- C:\WINDOWS\system32\nltest.exe
2019-07-12 19:14:10 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-07-12 19:14:10 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2019-07-12 19:14:08 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2019-07-12 19:14:08 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2019-07-12 19:14:07 ----A---- C:\WINDOWS\SYSWOW64\EditionUpgradeManagerObj.dll
2019-07-12 19:14:07 ----A---- C:\WINDOWS\system32\rastls.dll
2019-07-12 19:14:07 ----A---- C:\WINDOWS\system32\nshwfp.dll
2019-07-12 19:14:07 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2019-07-12 19:14:06 ----A---- C:\WINDOWS\SYSWOW64\profext.dll
2019-07-12 19:14:06 ----A---- C:\WINDOWS\system32\wlanapi.dll
2019-07-12 19:14:06 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-07-12 19:14:06 ----A---- C:\WINDOWS\system32\vdsbas.dll
2019-07-12 19:14:06 ----A---- C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-12 19:14:06 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2019-07-12 19:14:06 ----A---- C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-07-12 19:14:06 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2019-07-12 19:14:06 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-12 19:14:05 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2019-07-12 19:14:05 ----A---- C:\WINDOWS\system32\LicensingUI.exe
2019-07-12 19:14:04 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2019-07-12 19:14:04 ----A---- C:\WINDOWS\system32\rdpudd.dll
2019-07-12 19:14:04 ----A---- C:\WINDOWS\system32\drivers\dumpfve.sys
2019-07-12 19:14:04 ----A---- C:\WINDOWS\system32\bcdedit.exe
2019-07-12 19:13:51 ----A---- C:\WINDOWS\system32\changepk.exe
2019-07-12 19:13:50 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2019-07-12 19:13:50 ----A---- C:\WINDOWS\SYSWOW64\bcrypt.dll
2019-07-12 19:13:50 ----A---- C:\WINDOWS\system32\offreg.dll
2019-07-12 19:13:50 ----A---- C:\WINDOWS\system32\KdsCli.dll
2019-07-12 19:13:50 ----A---- C:\WINDOWS\system32\kdnet.dll
2019-07-12 19:13:50 ----A---- C:\WINDOWS\system32\InputSwitch.dll
2019-07-12 19:13:50 ----A---- C:\WINDOWS\system32\bcrypt.dll
2019-07-12 19:13:48 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerUI.dll
2019-07-12 19:13:48 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2019-07-12 19:13:48 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2019-07-12 19:13:47 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2019-07-12 19:13:47 ----A---- C:\WINDOWS\system32\profext.dll
2019-07-12 19:13:47 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2019-07-12 19:13:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2019-07-12 19:13:46 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2019-07-12 19:13:46 ----A---- C:\WINDOWS\SYSWOW64\dmvdsitf.dll
2019-07-12 19:13:46 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2019-07-12 19:13:46 ----A---- C:\WINDOWS\system32\wkssvc.dll
2019-07-12 19:13:46 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-12 19:13:46 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2019-07-12 19:13:46 ----A---- C:\WINDOWS\system32\dmvdsitf.dll
2019-07-12 19:13:45 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2019-07-12 19:13:45 ----A---- C:\WINDOWS\SYSWOW64\InputSwitch.dll
2019-07-12 19:13:45 ----A---- C:\WINDOWS\system32\WSReset.exe
2019-07-12 19:13:45 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2019-07-12 19:13:45 ----A---- C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-12 19:13:45 ----A---- C:\WINDOWS\splwow64.exe
2019-07-12 19:13:44 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2019-07-12 19:13:44 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2019-07-12 19:13:44 ----A---- C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-12 19:13:44 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2019-07-12 19:13:44 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2019-07-12 19:13:44 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2019-07-12 19:13:44 ----A---- C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-07-12 19:13:44 ----A---- C:\WINDOWS\system32\drivers\PEAuth.sys
2019-07-12 19:13:43 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-12 19:13:43 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2019-07-12 19:13:43 ----A---- C:\WINDOWS\system32\HeadTrackerStorage.dll
2019-06-18 21:19:13 ----D---- C:\Program Files\Mozilla Firefox
2019-06-18 15:12:24 ----D---- C:\Program Files\UNP

======List of files/folders modified in the last 1 month======

2019-07-13 11:55:40 ----D---- C:\WINDOWS\system32\drivers\etc
2019-07-13 11:55:40 ----D---- C:\Program Files\trend micro
2019-07-13 11:53:55 ----D---- C:\WINDOWS\Temp
2019-07-13 11:53:15 ----D---- C:\WINDOWS\Prefetch
2019-07-13 11:53:06 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-13 11:51:29 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-07-13 11:50:38 ----D---- C:\WINDOWS\system32\drivers
2019-07-13 11:50:14 ----D---- C:\WINDOWS\system32\sru
2019-07-13 11:50:13 ----D---- C:\WINDOWS\system32\catroot2
2019-07-13 11:49:52 ----D---- C:\WINDOWS\system32\Tasks
2019-07-13 11:49:40 ----D---- C:\WINDOWS\system32\config
2019-07-13 11:49:30 ----HD---- C:\WINDOWS\ELAMBKUP
2019-07-13 11:49:30 ----D---- C:\WINDOWS\System32
2019-07-13 11:39:36 ----D---- C:\WINDOWS\system32\SleepStudy
2019-07-12 21:11:11 ----D---- C:\WINDOWS\INF
2019-07-12 21:11:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-12 21:11:03 ----RD---- C:\WINDOWS\Microsoft.NET
2019-07-12 21:07:12 ----D---- C:\WINDOWS\WinSxS
2019-07-12 21:07:01 ----D---- C:\WINDOWS\Logs
2019-07-12 21:06:44 ----D---- C:\WINDOWS\system32\DriverStore
2019-07-12 21:05:07 ----D---- C:\WINDOWS\TextInput
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\oobe
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\Dism
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2019-07-12 21:05:07 ----D---- C:\WINDOWS\SysWOW64
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\zu-ZA
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\yo-NG
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\xh-ZA
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\wo-SN
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\tn-ZA
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\ti-ET
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\rw-RW
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\oobe
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\nso-ZA
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\migration
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\ig-NG
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\chr-CHER-US
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\Dism
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\cs-CZ
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\Boot
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2019-07-12 21:05:04 ----D---- C:\WINDOWS\system32\appraiser
2019-07-12 21:05:03 ----D---- C:\WINDOWS\ShellComponents
2019-07-12 21:05:03 ----D---- C:\WINDOWS\Provisioning
2019-07-12 21:05:02 ----D---- C:\WINDOWS\bcastdvr
2019-07-12 21:05:02 ----D---- C:\WINDOWS\apppatch
2019-07-12 21:05:02 ----D---- C:\Windows
2019-07-12 20:23:48 ----SHD---- C:\System Volume Information
2019-07-12 19:36:18 ----D---- C:\WINDOWS\system32\LogFiles
2019-07-12 19:29:35 ----HD---- C:\Program Files\WindowsApps
2019-07-12 19:23:26 ----D---- C:\WINDOWS\AppReadiness
2019-07-12 19:15:22 ----D---- C:\WINDOWS\CbsTemp
2019-07-12 19:12:43 ----D---- C:\WINDOWS\system32\MRT
2019-07-11 11:00:14 ----D---- C:\WINDOWS\debug
2019-07-11 11:00:05 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-07-02 22:35:44 ----D---- C:\Users\tse-t\AppData\Roaming\uTorrent
2019-06-21 17:43:23 ----SHD---- C:\Config.Msi
2019-06-21 08:49:55 ----SHDC---- C:\WINDOWS\Installer
2019-06-21 08:49:51 ----AD---- C:\Program Files\rempl
2019-06-19 09:30:13 ----RD---- C:\Program Files
2019-06-18 15:32:37 ----D---- C:\Users\tse-t\AppData\Roaming\vlc
2019-06-17 17:37:53 ----D---- C:\WINDOWS\SoftwareDistribution
2019-06-17 17:35:23 ----D---- C:\Users\tse-t\AppData\Roaming\DAEMON Tools Lite

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem13.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2015-06-03 73976]
R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2019-07-13 37320]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2019-07-13 206056]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2019-07-13 61688]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2019-01-06 15488]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2019-07-13 88160]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2019-07-13 387392]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2019-07-13 209256]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2019-07-13 263224]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2019-07-13 279336]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2019-07-13 42504]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2019-07-13 112520]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2019-07-13 1030992]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2019-07-13 477288]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-11-20 57512]
R2 AODDriver4.3.0;AODDriver4.3.0; \??\C:\Program Files\AMD\Performance Profile Client\amd64\AODDriver2.sys [2015-02-19 60104]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2019-07-13 169112]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2019-07-13 225816]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-03-14 414720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2019-03-14 82432]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0338885.inf_amd64_648d9ae54bb276d8\B338884\atikmdag.sys [2019-02-04 52808608]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0338885.inf_amd64_648d9ae54bb276d8\B338884\atikmpag.sys [2019-02-04 590240]
R3 AtiHDAudioService;@oem21.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2018-10-03 107400]
R3 dtlitescsibus;@oem4.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-08-17 30264]
R3 dtliteusbbus;@oem0.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-08-17 47672]
R3 GeneStor;@oem9.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [2015-07-15 115704]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-02 4477656]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2018-04-12 604160]
S0 amdkmafd;@oem15.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2018-06-15 48544]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 92704]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-06-07 76304]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-03-06 945464]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 RTSUER;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-05-19 411712]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-04-12 57752]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2017-01-31 173472]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-16 83984]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0338885.inf_amd64_648d9ae54bb276d8\B338884\atiesrxx.exe [2019-02-04 508320]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-08-30 344064]
R2 AUEPLauncher;AMD User Experience Program Launcher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [2019-02-01 43008]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-07-13 414976]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CDPUserSvc_3b65d;Uživatelská služba platformy připojených zařízení_3b65d; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 OneSyncSvc_3b65d;Hostitel synchronizace_3b65d; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-06-11 363016]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-07-13 6797008]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-08-14 2291904]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 PimIndexMaintenanceSvc_3b65d;Data kontaktů_3b65d; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-04-12 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-07-13 57504]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService_3b65d;Uživatelská služba pro GameDVR a vysílání her_3b65d; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService_3b65d;Služba pro podporu uživatelů Bluetooth_3b65d; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc_3b65d;DevicePicker_3b65d; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc_3b65d;Tok zařízení_3b65d; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-03 90112]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-19 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService_3b65d;Služba zasílání zpráv_3b65d; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-07-13 238624]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc_3b65d;PrintWorkflow_3b65d; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-06-08 976384]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S4 ssh-agent;OpenSSH Authentication Agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-03-10 495616]

-----------------EOF-----------------

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: kontrola

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

rendy
Návštěvník
Návštěvník
Příspěvky: 60
Registrován: 14 zář 2013 20:14

Re: kontrola

#3 Příspěvek od rendy »

log z AdwCleaner :)

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-07-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-17-2019
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 6
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Users\tse-t\AppData\Roaming\DRPSu

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\drp.su
Deleted HKCU\Software\drpsu
Deleted HKLM\Software\Wow6432Node\SlimWare Utilities Inc
Deleted HKLM\Software\Wow6432Node\drpsu

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1655 octets] - [17/07/2019 20:13:10]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: kontrola

#4 Příspěvek od Conder »

:arrow: Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

rendy
Návštěvník
Návštěvník
Příspěvky: 60
Registrován: 14 zář 2013 20:14

Re: kontrola

#5 Příspěvek od rendy »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by tse-t (administrator) on DESKTOP-4C196SM (LENOVO 10117) (18-07-2019 20:57:58)
Running from C:\Users\tse-t\OneDrive\Plocha
Loaded Profiles: tse-t (Available Profiles: tse-t)
Platform: Windows 10 Home Version 1803 17134.885 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0338885.inf_amd64_648d9ae54bb276d8\B338884\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0338885.inf_amd64_648d9ae54bb276d8\B338884\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Disc Soft Ltd -> Disc Soft Ltd) D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Disc Soft Ltd -> Disc Soft Ltd) D:\DAEMON Tools Lite\DTAgent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Support.com, Inc. -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3793205420-412100565-3992815856-1001\...\Run: [DAEMON Tools Lite Automount] => D:\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3793205420-412100565-3992815856-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9198512 2019-04-18] (Support.com, Inc. -> SUPERAntiSpyware)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08FF4984-1F79-4C0D-9263-5BE5DD95BB7F} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [57736 2019-02-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {10B6DB0D-50CC-4991-8E85-A36F02B86279} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-12] (Adobe Inc. -> Adobe)
Task: {4CAB9ABF-6A39-483B-ADC8-9D8300616ACB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {54EB3FDC-4DE4-458A-8033-5A72C4A8AC7C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
Task: {6F271E8D-2E52-4963-B57B-1392AC63088F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {84FE9064-8E41-4F1D-993A-E79DEE4BE479} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {88E294E6-787C-4D79-B184-B4364A61ECE3} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-02-01] (Advanced Micro Devices, Inc.) [File not signed]
Task: {91A83D9C-DFC4-44B4-8084-40DCFA737B28} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A645B860-D87B-4B33-8F9C-E86A72603A27} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-02-01] (Advanced Micro Devices, Inc.) [File not signed]
Task: {ACFCC1BE-AECD-433D-AB78-775E830BA5C0} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {AD0CEF79-32B6-4B60-B3D8-07C935C5B806} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe [1456696 2019-04-12] (Adobe Inc. -> Adobe)
Task: {AF460B21-39A5-4732-B63A-1360EDF3FEC3} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [57736 2019-02-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{ae2e8b0e-c77b-46b3-be4d-9dc7ae18d701}: [DhcpNameServer] 192.168.88.1

Internet Explorer:
==================

FireFox:
========
FF DefaultProfile: p2dhochk.default
FF ProfilePath: C:\Users\tse-t\AppData\Roaming\Mozilla\Firefox\Profiles\p2dhochk.default [2019-07-18]
FF Homepage: Mozilla\Firefox\Profiles\p2dhochk.default -> hxxps://www.seznam.cz/
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\tse-t\AppData\Roaming\Mozilla\Firefox\Profiles\p2dhochk.default\Extensions\sp@avast.com.xpi [2019-06-05]
FF Extension: (uBlock Origin) - C:\Users\tse-t\AppData\Roaming\Mozilla\Firefox\Profiles\p2dhochk.default\Extensions\uBlock0@raymondhill.net.xpi [2019-03-14]
FF Extension: (Avast Online Security) - C:\Users\tse-t\AppData\Roaming\Mozilla\Firefox\Profiles\p2dhochk.default\Extensions\wrc@avast.com.xpi [2019-07-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-12] (Adobe Inc. -> )
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> D:\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> D:\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\tse-t\AppData\Local\Google\Chrome\User Data\Default [2019-06-17]
CHR Extension: (Prezentace) - C:\Users\tse-t\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-05]
CHR Extension: (Dokumenty) - C:\Users\tse-t\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-05]
CHR Extension: (Disk Google) - C:\Users\tse-t\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-05]
CHR Extension: (YouTube) - C:\Users\tse-t\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-05]
CHR Extension: (Tabulky) - C:\Users\tse-t\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\tse-t\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\tse-t\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-05]
CHR Extension: (Gmail) - C:\Users\tse-t\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-05]
CHR Extension: (Chrome Media Router) - C:\Users\tse-t\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0338885.inf_amd64_648d9ae54bb276d8\B338884\atiesrxx.exe [508320 2019-02-04] (Advanced Micro Devices, Inc. -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [43008 2019-02-01] (AMD) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0338885.inf_amd64_648d9ae54bb276d8\B338884\atikmdag.sys [52808608 2019-02-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0338885.inf_amd64_648d9ae54bb276d8\B338884\atikmpag.sys [590240 2019-02-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 AODDriver4.3.0; C:\Program Files\AMD\Performance Profile Client\amd64\AODDriver2.sys [60104 2015-02-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37320 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [209256 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [263224 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [206056 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61688 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-06] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279336 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42504 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [169112 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030992 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477288 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225816 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [387392 2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [107400 2018-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-08-17] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-08-17] (Disc Soft Ltd -> Disc Soft Ltd)
R3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [115704 2015-07-15] (GENESYS LOGIC, INC. -> GenesysLogic)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [411712 2015-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Realsil Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-18 20:57 - 2019-07-18 20:57 - 000000000 ____D C:\FRST
2019-07-17 20:12 - 2019-07-17 20:13 - 000000000 ____D C:\AdwCleaner
2019-07-13 11:55 - 2019-07-13 11:55 - 000000000 ____D C:\rsit
2019-07-13 11:54 - 2019-07-13 11:54 - 001222144 _____ C:\Users\tse-t\Downloads\RSITx64.exe
2019-07-13 11:49 - 2019-07-13 11:49 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-07-13 11:49 - 2019-07-13 11:49 - 000225816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-07-13 11:49 - 2019-07-13 11:49 - 000169112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-07-12 19:15 - 2019-07-04 06:56 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-12 19:15 - 2019-07-04 06:42 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-12 19:15 - 2019-07-04 06:37 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-12 19:15 - 2019-07-04 06:29 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-12 19:14 - 2019-07-04 11:43 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-12 19:14 - 2019-07-04 11:40 - 021390504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-12 19:14 - 2019-07-04 11:40 - 001631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-12 19:14 - 2019-07-04 11:40 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-07-12 19:14 - 2019-07-04 11:40 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-12 19:14 - 2019-07-04 11:21 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-12 19:14 - 2019-07-04 11:20 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-12 19:14 - 2019-07-04 11:19 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-12 19:14 - 2019-07-04 11:18 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-12 19:14 - 2019-07-04 11:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-12 19:14 - 2019-07-04 10:56 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-12 19:14 - 2019-07-04 10:54 - 000662352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-12 19:14 - 2019-07-04 10:51 - 020384128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-12 19:14 - 2019-07-04 10:41 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-12 19:14 - 2019-07-04 10:37 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-12 19:14 - 2019-07-04 10:36 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-12 19:14 - 2019-07-04 07:00 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-12 19:14 - 2019-07-04 06:58 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-12 19:14 - 2019-07-04 06:58 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-12 19:14 - 2019-07-04 06:58 - 000416312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-12 19:14 - 2019-07-04 06:58 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-12 19:14 - 2019-07-04 06:57 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-12 19:14 - 2019-07-04 06:57 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-12 19:14 - 2019-07-04 06:57 - 000986128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-12 19:14 - 2019-07-04 06:57 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-12 19:14 - 2019-07-04 06:57 - 000723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-12 19:14 - 2019-07-04 06:57 - 000708696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-12 19:14 - 2019-07-04 06:57 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-12 19:14 - 2019-07-04 06:57 - 000362264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-12 19:14 - 2019-07-04 06:57 - 000209424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-12 19:14 - 2019-07-04 06:57 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-12 19:14 - 2019-07-04 06:57 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-07-12 19:14 - 2019-07-04 06:57 - 000091776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-12 19:14 - 2019-07-04 06:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-12 19:14 - 2019-07-04 06:56 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-12 19:14 - 2019-07-04 06:56 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-12 19:14 - 2019-07-04 06:56 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-12 19:14 - 2019-07-04 06:56 - 001566520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-12 19:14 - 2019-07-04 06:56 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-12 19:14 - 2019-07-04 06:56 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-12 19:14 - 2019-07-04 06:56 - 001141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-12 19:14 - 2019-07-04 06:56 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-12 19:14 - 2019-07-04 06:56 - 000767536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-12 19:14 - 2019-07-04 06:56 - 000734952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-12 19:14 - 2019-07-04 06:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-07-12 19:14 - 2019-07-04 06:56 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-12 19:14 - 2019-07-04 06:56 - 000493752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-12 19:14 - 2019-07-04 06:43 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-12 19:14 - 2019-07-04 06:43 - 000665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-12 19:14 - 2019-07-04 06:43 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-12 19:14 - 2019-07-04 06:43 - 000287376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-12 19:14 - 2019-07-04 06:43 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-12 19:14 - 2019-07-04 06:42 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-12 19:14 - 2019-07-04 06:42 - 002479176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-12 19:14 - 2019-07-04 06:42 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-12 19:14 - 2019-07-04 06:42 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-12 19:14 - 2019-07-04 06:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-12 19:14 - 2019-07-04 06:42 - 000356312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-12 19:14 - 2019-07-04 06:41 - 000559328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-12 19:14 - 2019-07-04 06:33 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-12 19:14 - 2019-07-04 06:26 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-12 19:14 - 2019-07-04 06:26 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-12 19:14 - 2019-07-04 06:25 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-12 19:14 - 2019-07-04 06:25 - 007589888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-12 19:14 - 2019-07-04 06:25 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-12 19:14 - 2019-07-04 06:25 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-12 19:14 - 2019-07-04 06:25 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-12 19:14 - 2019-07-04 06:24 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-12 19:14 - 2019-07-04 06:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-12 19:14 - 2019-07-04 06:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-12 19:14 - 2019-07-04 06:23 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-12 19:14 - 2019-07-04 06:23 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-12 19:14 - 2019-07-04 06:22 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-12 19:14 - 2019-07-04 06:22 - 002587648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-12 19:14 - 2019-07-04 06:22 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-12 19:14 - 2019-07-04 06:22 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-12 19:14 - 2019-07-04 06:22 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-12 19:14 - 2019-07-04 06:22 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-12 19:14 - 2019-07-04 06:22 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-12 19:14 - 2019-07-04 06:21 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-12 19:14 - 2019-07-04 06:21 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-07-12 19:14 - 2019-07-04 06:21 - 003202560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-12 19:14 - 2019-07-04 06:21 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-12 19:14 - 2019-07-04 06:21 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-12 19:14 - 2019-07-04 06:21 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-12 19:14 - 2019-07-04 06:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-12 19:14 - 2019-07-04 06:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-12 19:14 - 2019-07-04 06:20 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-12 19:14 - 2019-07-04 06:20 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-12 19:14 - 2019-07-04 06:20 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-12 19:14 - 2019-07-04 06:19 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-12 19:14 - 2019-07-04 06:18 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-12 19:14 - 2019-07-04 06:18 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-12 19:14 - 2019-07-04 06:18 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-12 19:14 - 2019-07-04 06:18 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-12 19:14 - 2019-07-04 06:18 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-12 19:14 - 2019-07-04 06:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-12 19:14 - 2019-06-21 10:50 - 000280584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-12 19:14 - 2019-06-13 14:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-12 19:14 - 2019-06-13 14:12 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-12 19:14 - 2019-06-13 14:05 - 000810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-12 19:14 - 2019-06-13 14:04 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-12 19:14 - 2019-06-13 14:00 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-12 19:14 - 2019-06-13 13:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-12 19:14 - 2019-06-13 13:58 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-12 19:14 - 2019-06-13 13:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-12 19:14 - 2019-06-13 13:56 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-12 19:14 - 2019-06-13 13:43 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-12 19:14 - 2019-06-13 13:42 - 004038688 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-12 19:14 - 2019-06-13 13:42 - 000566536 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-12 19:14 - 2019-06-13 13:40 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-12 19:14 - 2019-06-13 13:38 - 000766264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-12 19:14 - 2019-06-13 13:36 - 000251000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-07-12 19:14 - 2019-06-13 13:36 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-07-12 19:14 - 2019-06-13 13:35 - 001376688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-07-12 19:14 - 2019-06-13 13:34 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-12 19:14 - 2019-06-13 13:18 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-12 19:14 - 2019-06-13 13:18 - 004847104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-12 19:14 - 2019-06-13 13:17 - 012756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-12 19:14 - 2019-06-13 13:16 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-12 19:14 - 2019-06-13 13:15 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-12 19:14 - 2019-06-13 13:14 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-12 19:14 - 2019-06-13 13:14 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-12 19:14 - 2019-06-13 13:14 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-12 19:14 - 2019-06-13 13:13 - 002920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-12 19:14 - 2019-06-13 13:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-12 19:14 - 2019-06-13 13:13 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-12 19:14 - 2019-06-13 13:13 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-12 19:14 - 2019-06-13 13:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-12 19:14 - 2019-06-13 12:07 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-07-12 19:14 - 2019-06-13 12:07 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-12 19:14 - 2019-06-13 12:07 - 000221232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-12 19:14 - 2019-06-13 12:05 - 003700160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-12 19:14 - 2019-06-13 11:55 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-12 19:14 - 2019-06-13 11:54 - 011942912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-12 19:14 - 2019-06-13 11:51 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-12 19:14 - 2019-06-13 11:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-12 19:14 - 2019-06-13 11:49 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-12 19:14 - 2019-06-13 09:46 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-12 19:14 - 2019-06-13 09:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-12 19:14 - 2019-06-13 09:01 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-12 19:14 - 2019-06-13 09:01 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-12 19:14 - 2019-06-13 08:59 - 000785264 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-12 19:14 - 2019-06-13 08:47 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-12 19:14 - 2019-06-13 08:47 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-12 19:14 - 2019-06-13 08:46 - 001076536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-12 19:14 - 2019-06-13 08:46 - 000510296 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-07-12 19:14 - 2019-06-13 08:46 - 000093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-12 19:14 - 2019-06-13 08:45 - 002421560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-12 19:14 - 2019-06-13 08:44 - 002769688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-12 19:14 - 2019-06-13 08:44 - 002546704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-12 19:14 - 2019-06-13 08:44 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-07-12 19:14 - 2019-06-13 08:44 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-12 19:14 - 2019-06-13 08:44 - 000607112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-07-12 19:14 - 2019-06-13 08:44 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-07-12 19:14 - 2019-06-13 08:44 - 000130624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-07-12 19:14 - 2019-06-13 08:17 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-12 19:14 - 2019-06-13 08:16 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-07-12 19:14 - 2019-06-13 08:15 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-12 19:14 - 2019-06-13 08:15 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-12 19:14 - 2019-06-13 08:14 - 003318784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-07-12 19:14 - 2019-06-13 08:14 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-12 19:14 - 2019-06-13 08:14 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-12 19:14 - 2019-06-13 08:13 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-12 19:14 - 2019-06-13 08:13 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-12 19:14 - 2019-06-13 08:13 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-12 19:14 - 2019-06-13 08:13 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-12 19:14 - 2019-06-13 08:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-07-12 19:14 - 2019-06-13 08:12 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-12 19:14 - 2019-06-13 08:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-12 19:14 - 2019-06-13 08:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-12 19:14 - 2019-06-13 08:12 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-07-12 19:14 - 2019-06-13 08:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-12 19:14 - 2019-06-13 08:12 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-12 19:14 - 2019-06-13 08:11 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-12 19:14 - 2019-06-13 08:10 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-07-12 19:14 - 2019-06-13 08:10 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-12 19:14 - 2019-06-13 08:10 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-12 19:14 - 2019-06-13 08:10 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-12 19:14 - 2019-06-13 08:10 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-12 19:14 - 2019-06-13 08:10 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-12 19:14 - 2019-06-13 08:10 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-12 19:14 - 2019-06-13 08:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-12 19:14 - 2019-06-13 08:09 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-12 19:14 - 2019-06-13 08:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-07-12 19:14 - 2019-06-13 08:08 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-12 19:14 - 2019-06-13 07:14 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-12 19:14 - 2019-06-13 07:08 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-07-12 19:14 - 2019-06-13 07:07 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-07-12 19:14 - 2019-06-13 07:07 - 000080744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-12 19:14 - 2019-06-13 07:06 - 002256768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-12 19:14 - 2019-06-13 07:06 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-07-12 19:14 - 2019-06-13 07:06 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-07-12 19:14 - 2019-06-13 06:47 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-07-12 19:14 - 2019-06-13 06:47 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-07-12 19:14 - 2019-06-13 06:46 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-12 19:14 - 2019-06-13 06:46 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-12 19:14 - 2019-06-13 06:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-12 19:14 - 2019-06-13 06:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-12 19:14 - 2019-06-13 06:44 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-12 19:14 - 2019-06-13 06:44 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-12 19:14 - 2019-06-13 06:44 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-12 19:14 - 2019-06-13 06:43 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-12 19:14 - 2019-06-13 06:43 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-12 19:14 - 2019-06-13 06:43 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-07-12 19:13 - 2019-07-04 11:22 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-12 19:13 - 2019-07-04 11:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-12 19:13 - 2019-07-04 06:57 - 000137656 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-07-12 19:13 - 2019-07-04 06:56 - 000115512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-12 19:13 - 2019-07-04 06:42 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-07-12 19:13 - 2019-07-04 06:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-12 19:13 - 2019-07-04 06:25 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-12 19:13 - 2019-07-04 06:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-12 19:13 - 2019-07-04 06:23 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-12 19:13 - 2019-07-04 06:22 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-12 19:13 - 2019-07-04 06:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-07-12 19:13 - 2019-07-04 06:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-12 19:13 - 2019-07-04 06:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-12 19:13 - 2019-07-04 06:19 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-12 19:13 - 2019-07-04 05:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-07-12 19:13 - 2019-06-13 13:37 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-07-12 19:13 - 2019-06-13 13:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-12 19:13 - 2019-06-13 13:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-12 19:13 - 2019-06-13 13:17 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-12 19:13 - 2019-06-13 13:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-12 19:13 - 2019-06-13 13:15 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-12 19:13 - 2019-06-13 13:14 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-12 19:13 - 2019-06-13 13:13 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-07-12 19:13 - 2019-06-13 13:12 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-12 19:13 - 2019-06-13 11:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-12 19:13 - 2019-06-13 11:53 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-07-12 19:13 - 2019-06-13 11:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-12 19:13 - 2019-06-13 09:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2019-07-12 19:13 - 2019-06-13 08:16 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-12 19:13 - 2019-06-13 08:15 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-07-12 19:13 - 2019-06-13 08:15 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-07-12 19:13 - 2019-06-13 08:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-07-12 19:13 - 2019-06-13 08:14 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-12 19:13 - 2019-06-13 08:11 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-12 19:13 - 2019-06-13 08:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-12 19:13 - 2019-06-13 06:49 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-07-12 19:13 - 2019-06-13 06:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-12 19:13 - 2019-06-13 06:46 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-12 19:13 - 2019-06-13 06:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-12 19:13 - 2019-06-13 06:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-11 10:48 - 2019-07-11 10:48 - 000360481 _____ C:\Users\tse-t\Downloads\DEKURS_090719112340.pdf
2019-07-02 11:07 - 2019-07-02 11:09 - 000000000 ____D C:\Users\tse-t\Downloads\Přátelé CZ
2019-07-02 11:07 - 2019-07-02 11:07 - 000228830 _____ C:\Users\tse-t\Downloads\[CzT]Pratele_CZ_1_10_serie.torrent
2019-07-02 09:40 - 2019-07-02 09:50 - 1004050180 _____ C:\Users\tse-t\Downloads\Černobyl s01e05 cz dabing.avi
2019-07-02 09:40 - 2019-07-02 09:40 - 000019827 _____ C:\Users\tse-t\Downloads\[CzT]Cernobyl_Chernobyl_S01E05_Vichnaya_Pamyat_CZ_WebRip_.torrent
2019-07-01 18:04 - 2019-07-01 18:38 - 2781152638 _____ C:\Users\tse-t\Downloads\Chernobyl - Černobyl S01E04 (2019) CZ.avi
2019-07-01 18:03 - 2019-07-01 18:03 - 000013851 _____ C:\Users\tse-t\Downloads\[CzT]Cernobyl_Chernobyl_S01E04_The_Happiness_of_All_Mankind_CZ_WebRip_1080p_.torrent
2019-06-18 21:19 - 2019-07-15 15:46 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-06-18 15:12 - 2019-06-18 15:12 - 000000000 ____D C:\Program Files\UNP

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-18 20:57 - 2017-12-04 11:31 - 000000000 ____D C:\Users\tse-t\AppData\LocalLow\Mozilla
2019-07-18 20:56 - 2018-06-24 13:46 - 000000000 ____D C:\Users\tse-t\AppData\Local\D3DSCache
2019-07-18 20:54 - 2018-05-19 19:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-18 20:54 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-18 20:20 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-18 20:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-18 20:16 - 2018-05-19 19:22 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-07-17 20:14 - 2018-05-19 19:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-17 20:13 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-17 20:13 - 2017-12-04 11:08 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-07-15 15:46 - 2017-12-04 11:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-13 12:17 - 2018-05-19 19:22 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-07-13 12:17 - 2018-05-19 19:22 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-07-13 12:17 - 2018-05-19 19:22 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-07-13 11:55 - 2018-07-08 11:48 - 000000000 ____D C:\Program Files\trend micro
2019-07-13 11:53 - 2017-12-04 11:31 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-07-13 11:49 - 2019-02-13 11:15 - 000279336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-07-13 11:49 - 2019-01-14 20:28 - 000263224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-07-13 11:49 - 2019-01-06 10:45 - 000206056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-07-13 11:49 - 2019-01-06 10:45 - 000061688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-07-13 11:49 - 2019-01-06 10:45 - 000037320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-07-13 11:49 - 2018-10-21 09:52 - 000042504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-07-13 11:49 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-07-13 11:49 - 2017-12-04 11:38 - 001030992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-07-13 11:49 - 2017-12-04 11:38 - 000477288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-07-13 11:49 - 2017-12-04 11:38 - 000387392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-07-13 11:49 - 2017-12-04 11:38 - 000209256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-07-13 11:49 - 2017-12-04 11:38 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-07-13 11:49 - 2017-12-04 11:38 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-07-12 21:11 - 2018-05-19 19:19 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-12 21:11 - 2018-04-12 17:50 - 000715034 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-12 21:11 - 2018-04-12 17:50 - 000144328 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-12 21:11 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-07-12 21:07 - 2018-05-19 19:02 - 000234176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-12 21:07 - 2018-02-17 10:22 - 000000000 ___RD C:\Users\tse-t\3D Objects
2019-07-12 21:07 - 2017-12-04 11:25 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-12 21:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-07-12 21:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-12 21:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-12 21:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-12 21:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-12 21:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-12 21:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-12 21:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-12 21:05 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-12 19:25 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-12 19:12 - 2018-02-10 10:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-11 11:00 - 2018-02-10 10:48 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-02 22:35 - 2017-12-05 10:28 - 000000000 ____D C:\Users\tse-t\AppData\Roaming\uTorrent
2019-07-02 10:13 - 2018-07-18 13:17 - 000000000 ____D C:\Users\tse-t\AppData\Local\CrashDumps
2019-06-21 08:49 - 2018-02-11 18:46 - 000000000 ____D C:\Program Files\rempl
2019-06-18 15:32 - 2019-04-02 19:48 - 000000000 ____D C:\Users\tse-t\AppData\Roaming\vlc
2019-06-18 13:15 - 2019-06-17 21:10 - 2141151312 _____ C:\Users\tse-t\Downloads\Chernobyl.S01E03.Open.Wide.O.Earth.CZ.avi

==================== Files in the root of some directories ================

2019-02-14 11:49 - 2019-02-14 11:54 - 000000000 _____ () C:\Users\tse-t\AppData\Roaming\FileIn.cns
2019-02-14 11:49 - 2019-02-14 11:54 - 000000000 _____ () C:\Users\tse-t\AppData\Roaming\FileOut.cns

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

rendy
Návštěvník
Návštěvník
Příspěvky: 60
Registrován: 14 zář 2013 20:14

Re: kontrola

#6 Příspěvek od rendy »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by tse-t (18-07-2019 20:59:39)
Running from C:\Users\tse-t\OneDrive\Plocha
Windows 10 Home Version 1803 17134.885 (X64) (2018-05-19 17:23:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3793205420-412100565-3992815856-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3793205420-412100565-3992815856-503 - Limited - Disabled)
Guest (S-1-5-21-3793205420-412100565-3992815856-501 - Limited - Disabled)
tse-t (S-1-5-21-3793205420-412100565-3992815856-1001 - Administrator - Enabled) => C:\Users\tse-t
WDAGUtilityAccount (S-1-5-21-3793205420-412100565-3992815856-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.2.1 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avast Driver Updater (HKLM-x32\...\{8804140C-3144-4075-9526-1C662E26CA17}) (Version: 2.5.5 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.5 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
FIFA18 version 1.0 (HKLM\...\FIFA18_is1) (Version: 1.0 - STEAMPUNKS) <==== ATTENTION
Microsoft OneDrive (HKU\S-1-5-21-3793205420-412100565-3992815856-1001\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox 68.0 (x64 cs) (HKLM\...\Mozilla Firefox 68.0 (x64 cs)) (Version: 68.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.1 - Mozilla)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1254 - SUPERAntiSpyware.com)
The Battle for Middle-earth (tm) II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
The Elder Scrolls V Skyrim LE (HKLM-x32\...\The Elder Scrolls V Skyrim LE_is1) (Version: - )
Total War - Rome II (HKLM-x32\...\Total War - Rome II_is1) (Version: 2.0.0.0 - Sega)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-28] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_5.8.4.0_x86__kgqvnymyfvs32 [2019-07-17] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.143.600.0_x86__kgqvnymyfvs32 [2019-07-11] (king.com)
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.31.0_x64__kejf07qmg0jnm [2019-07-12] (Keeper Security Inc)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.1.0.6_x86__h6adky7gbf63m [2019-06-18] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1807.9.0_x64__8wekyb3d8bbwe [2018-08-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2018-11-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-24] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-15] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.28.0_x64__8wekyb3d8bbwe [2019-07-11] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-02-14] (Plex)
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-11] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-02-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=13472&utm_medium=desktop&x-pos=Metro

==================== Loaded Modules (Whitelisted) ==============

2018-03-13 04:47 - 2018-03-13 04:47 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2018-03-13 04:47 - 2018-03-13 04:47 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2015-02-19 01:13 - 2015-02-19 01:13 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2015-02-19 01:13 - 2015-02-19 01:13 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2013-08-30 20:46 - 2013-08-30 20:46 - 000344064 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
2019-02-01 17:55 - 2019-02-01 17:55 - 000043008 _____ (AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
2019-02-01 17:55 - 2019-02-01 17:55 - 000571904 _____ (AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-12-04 10:46 - 2019-07-13 11:55 - 000000832 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3793205420-412100565-3992815856-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\tse-t\Downloads\766536.jpg
DNS Servers: 192.168.88.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{74B30720-9068-4E6F-97BD-11DBB2E1D106}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BEEC389E-A0E6-48CD-9395-D1716171116F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{F5532D79-48F4-4BDA-BDA9-28D7A2E34D5B}C:\users\tse-t\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tse-t\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{50E45203-18CB-4531-BEB8-8AB3349D5828}C:\users\tse-t\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tse-t\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{84ECDA30-E05C-4DEA-9FCB-12D4E89A0269}] => (Allow) D:\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat (Electronic Arts Inc.) [File not signed]
FirewallRules: [{E7647D50-D2CC-426E-916E-84B64E1595FE}] => (Allow) D:\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat (Electronic Arts Inc.) [File not signed]
FirewallRules: [{E4F17DDB-3C57-40BC-A8EB-1CEEC9875064}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{72DE1E46-1CEA-481C-85D9-188F78ABFA83}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)

==================== Restore Points =========================

27-06-2019 11:32:16 Naplánovaný kontrolní bod
11-07-2019 10:59:25 Windows Update
18-07-2019 20:28:22 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: Obecný monitor PnP
Description: Obecný monitor PnP
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní typy monitorů)
Service: monitor
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/12/2019 07:17:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>. Došlo k chybě: Neplatné údaje.
.

Error: (07/12/2019 07:17:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>. Došlo k chybě: Neplatné údaje.
.

Error: (07/12/2019 07:17:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>. Došlo k chybě: Neplatné údaje.
.

Error: (07/12/2019 07:16:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>. Došlo k chybě: Neplatné údaje.
.

Error: (07/12/2019 07:16:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>. Došlo k chybě: Neplatné údaje.
.

Error: (07/02/2019 10:13:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17134.285, časové razítko: 0x40f0d4bd
Kód výjimky: 0xc000041d
Posun chyby: 0x000063d7
ID chybujícího procesu: 0x130c
Čas spuštění chybující aplikace: 0x01d530a95e1dedfe
Cesta k chybující aplikaci: C:\Users\tse-t\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: fb23a432-6b52-4116-8544-8268284160e7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/01/2019 06:41:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17134.285, časové razítko: 0x40f0d4bd
Kód výjimky: 0xc000041d
Posun chyby: 0x000063d7
ID chybujícího procesu: 0x20c4
Čas spuštění chybující aplikace: 0x01d5302680b7797c
Cesta k chybující aplikaci: C:\Users\tse-t\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 4b35c0c8-b3f8-46b2-86ab-caf3ceebc035
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/28/2019 01:02:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShellExperienceHost.exe verze 10.0.17134.753 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 26ac

Čas spuštění: 01d52d7de78431c4

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

ID hlášení: 4572de4d-bd4d-43f1-86fe-531e1e64e9cd

Úplný název balíčku s chybou: Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy

ID aplikace související s balíčkem s chybou: App


System errors:
=============
Error: (07/18/2019 08:15:50 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4C196SM)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli DESKTOP-4C196SM\tse-t (SID: S-1-5-21-3793205420-412100565-3992815856-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/18/2019 08:15:49 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4C196SM)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli DESKTOP-4C196SM\tse-t (SID: S-1-5-21-3793205420-412100565-3992815856-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/18/2019 08:15:45 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4C196SM)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli DESKTOP-4C196SM\tse-t (SID: S-1-5-21-3793205420-412100565-3992815856-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/17/2019 08:13:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Remediation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/17/2019 08:13:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/17/2019 08:13:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba SAS Core Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (07/17/2019 08:13:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD User Experience Program Launcher byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/17/2019 08:13:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2019-06-17 17:32:27.806
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-06-14 07:33:19.161
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-03 10:03:14.726
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-10 17:09:35.179
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-07-10 17:09:35.179
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-07-10 14:28:27.766
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-07-10 14:28:27.766
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO I7KT31AUS 11/05/2013
Motherboard: LENOVO
Processor: AMD A10-6700 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 36%
Total physical RAM: 7358.64 MB
Available physical RAM: 4696.41 MB
Total Virtual: 8510.64 MB
Available Virtual: 5704.41 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:196.6 GB) (Free:72.98 GB) NTFS
Drive d: (Data) (Fixed) (Total:709.94 GB) (Free:631.16 GB) NTFS

\\?\Volume{637bd438-d993-438c-9cb3-1786764832c4}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{c4cc57ff-7531-40d8-8557-cbc862774ce5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 889BB36B)

Partition: GPT.

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: kontrola

#7 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    2019-07-13 11:55 - 2019-07-13 11:55 - 000000000 ____D C:\rsit
    2019-07-13 11:54 - 2019-07-13 11:54 - 001222144 _____ C:\Users\tse-t\Downloads\RSITx64.exe
    2019-07-13 11:55 - 2018-07-08 11:48 - 000000000 ____D C:\Program Files\trend micro
    2019-02-14 11:49 - 2019-02-14 11:54 - 000000000 _____ () C:\Users\tse-t\AppData\Roaming\FileIn.cns
    2019-02-14 11:49 - 2019-02-14 11:54 - 000000000 _____ () C:\Users\tse-t\AppData\Roaming\FileOut.cns
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

rendy
Návštěvník
Návštěvník
Příspěvky: 60
Registrován: 14 zář 2013 20:14

Re: kontrola

#8 Příspěvek od rendy »

tady je log :)

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by tse-t (20-07-2019 12:01:07) Run:1
Running from C:\Users\tse-t\OneDrive\Plocha
Loaded Profiles: tse-t (Available Profiles: tse-t)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
2019-07-13 11:55 - 2019-07-13 11:55 - 000000000 ____D C:\rsit
2019-07-13 11:54 - 2019-07-13 11:54 - 001222144 _____ C:\Users\tse-t\Downloads\RSITx64.exe
2019-07-13 11:55 - 2018-07-08 11:48 - 000000000 ____D C:\Program Files\trend micro
2019-02-14 11:49 - 2019-02-14 11:54 - 000000000 _____ () C:\Users\tse-t\AppData\Roaming\FileIn.cns
2019-02-14 11:49 - 2019-02-14 11:54 - 000000000 _____ () C:\Users\tse-t\AppData\Roaming\FileOut.cns

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 1
Average :
Sum : 282
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

C:\rsit => moved successfully
C:\Users\tse-t\Downloads\RSITx64.exe => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\tse-t\AppData\Roaming\FileIn.cns => moved successfully
C:\Users\tse-t\AppData\Roaming\FileOut.cns => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 142492625 B
Java, Flash, Steam htmlcache => 1154 B
Windows/system/drivers => 347192 B
Edge => 9102 B
Chrome => 171047 B
Firefox => 1096583251 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 3838137 B
LocalService => 13532 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
tse-t => 13638490 B

RecycleBin => 0 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:02:50 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: kontrola

#9 Příspěvek od Conder »

:arrow: Ako to vyzera s PC? Su nejake problemy?
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

rendy
Návštěvník
Návštěvník
Příspěvky: 60
Registrován: 14 zář 2013 20:14

Re: kontrola

#10 Příspěvek od rendy »

nene nejsou, já myslim že je všecko v pohodě :)

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: kontrola

#11 Příspěvek od Conder »

:arrow: Logy vyzeraju OK. Tak este upraceme po pouzitych nastrojoch:
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Odpovědět