AhojPotřeboval bych preventívně projet log z RSITu a poradit proč mi nejde net framework nainstalovat Win jsou legal. ( koupený klíč ) a k tomu se vztahují i aktualizace které win update hází do chyby. tu popřípadně ještě doplním.
LOG:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Pocky at 2021-09-10 19:03:16
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 900 GB (94%) free of 954 GB
Total RAM: 16366 MB (85% free)
HijackThis download failed
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe"
"C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe"
"C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe"
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe"
"C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe"
"C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe"
"C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe"
"C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe"
"C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Pocky\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Pocky\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=93.0.4577.63 --initial-client-data=0xa4,0xa8,0xac,0x78,0xb0,0x7fef301a380,0x7fef301a390,0x7fef301a3a0
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1128,6261700035044748134,5676340489281132001,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1144 /prefetch:2
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1128,6261700035044748134,5676340489281132001,131072 --lang=cs --service-sandbox-type=none --mojo-platform-channel-handle=1348 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1128,6261700035044748134,5676340489281132001,131072 --lang=cs --service-sandbox-type=utility --mojo-platform-channel-handle=1552 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --field-trial-handle=1128,6261700035044748134,5676340489281132001,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2472 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1128,6261700035044748134,5676340489281132001,131072 --disable-gpu-compositing --lang=cs --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4060 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1128,6261700035044748134,5676340489281132001,131072 --disable-gpu-compositing --lang=cs --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2744 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1128,6261700035044748134,5676340489281132001,131072 --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=1072 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1128,6261700035044748134,5676340489281132001,131072 --disable-gpu-compositing --lang=cs --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3480 /prefetch:1
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"taskhost.exe"
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1128,6261700035044748134,5676340489281132001,131072 --disable-gpu-compositing --lang=cs --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5616 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1128,6261700035044748134,5676340489281132001,131072 --disable-gpu-compositing --lang=cs --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=156 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1128,6261700035044748134,5676340489281132001,131072 --disable-gpu-compositing --lang=cs --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=157 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1128,6261700035044748134,5676340489281132001,131072 --disable-gpu-compositing --lang=cs --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=160 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2281150472-3489666352-2589934116-10004_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2281150472-3489666352-2589934116-10004 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Pocky\Downloads\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VIAxHCUtl"=C:\Program Files\VIA XHCI UASP Utility\usb3Monitor []
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2010-10-08 2494576]
"CsrHCRPServer"=C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [2012-03-22 1134288]
"CsrAudioguiCtrl"=C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [2012-03-22 511696]
"CsrSyncMLServer"=C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [2012-03-22 244944]
"vksts"=C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [2012-03-22 25792]
"HarmonyUserStartup"=C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [2012-03-22 39128]
"CSRHarmonySkypePlugin"=C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [2012-03-22 146656]
"TrayApplication"=C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [2012-03-22 529616]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-06 642216]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2010-10-08 2494576]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2021-09-10 19:03:16 ----D---- C:\rsit
2021-09-10 19:03:16 ----D---- C:\Program Files\trend micro
2021-09-10 19:00:53 ----D---- C:\FRST
2021-09-10 18:38:19 ----D---- C:\Program Files (x86)\Outbyte
2021-09-10 18:38:10 ----D---- C:\ProgramData\Outbyte
2021-09-10 18:33:48 ----D---- C:\BluetoothExchangeFolder
2021-09-10 18:30:54 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2021-09-10 18:30:54 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2021-09-10 18:30:54 ----A---- C:\Windows\system32\UIAnimation.dll
2021-09-10 18:30:54 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2021-09-10 18:30:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2021-09-10 18:30:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2021-09-10 18:30:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2021-09-10 18:30:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2021-09-10 18:30:49 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2021-09-10 18:30:49 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2021-09-10 18:30:49 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2021-09-10 18:30:49 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2021-09-10 18:30:49 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2021-09-10 18:30:49 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2021-09-10 18:30:49 ----A---- C:\Windows\system32\WMPhoto.dll
2021-09-10 18:30:49 ----A---- C:\Windows\system32\d3d10_1.dll
2021-09-10 18:30:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2021-09-10 18:30:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2021-09-10 18:30:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2021-09-10 18:30:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2021-09-10 18:30:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2021-09-10 18:30:45 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2021-09-10 18:30:45 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2021-09-10 18:30:45 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2021-09-10 18:30:45 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2021-09-10 18:30:45 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2021-09-10 18:30:45 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2021-09-10 18:30:45 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2021-09-10 18:30:45 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2021-09-10 18:30:45 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2021-09-10 18:30:45 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2021-09-10 18:30:45 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2021-09-10 18:30:45 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2021-09-10 18:30:45 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2021-09-10 18:30:45 ----A---- C:\Windows\system32\dxgi.dll
2021-09-10 18:30:45 ----A---- C:\Windows\system32\d3d10warp.dll
2021-09-10 18:30:45 ----A---- C:\Windows\system32\d3d10level9.dll
2021-09-10 18:30:45 ----A---- C:\Windows\system32\d3d10core.dll
2021-09-10 18:30:45 ----A---- C:\Windows\system32\d3d10_1core.dll
2021-09-10 18:30:44 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2021-09-10 18:30:44 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2021-09-10 18:30:44 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2021-09-10 18:30:44 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2021-09-10 18:30:44 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2021-09-10 18:30:44 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2021-09-10 18:30:44 ----A---- C:\Windows\system32\XpsPrint.dll
2021-09-10 18:30:44 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2021-09-10 18:30:44 ----A---- C:\Windows\system32\WindowsCodecs.dll
2021-09-10 18:30:44 ----A---- C:\Windows\system32\FntCache.dll
2021-09-10 18:30:44 ----A---- C:\Windows\system32\DWrite.dll
2021-09-10 18:30:44 ----A---- C:\Windows\system32\d3d11.dll
2021-09-10 18:30:44 ----A---- C:\Windows\system32\d3d10.dll
2021-09-10 18:30:44 ----A---- C:\Windows\system32\d2d1.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2021-09-10 18:29:58 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2021-09-10 18:29:58 ----A---- C:\Windows\SYSWOW64\user.exe
2021-09-10 18:29:58 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2021-09-10 18:29:58 ----A---- C:\Windows\SYSWOW64\credssp.dll
2021-09-10 18:29:58 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2021-09-10 18:29:58 ----A---- C:\Windows\system32\wdigest.dll
2021-09-10 18:29:58 ----A---- C:\Windows\system32\TSpkg.dll
2021-09-10 18:29:58 ----A---- C:\Windows\system32\sspisrv.dll
2021-09-10 18:29:58 ----A---- C:\Windows\system32\schannel.dll
2021-09-10 18:29:58 ----A---- C:\Windows\system32\lsass.exe
2021-09-10 18:29:58 ----A---- C:\Windows\system32\apisetschema.dll
2021-09-10 18:29:57 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2021-09-10 18:29:57 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2021-09-10 18:29:57 ----A---- C:\Windows\SYSWOW64\schannel.dll
2021-09-10 18:29:57 ----A---- C:\Windows\SYSWOW64\setup16.exe
2021-09-10 18:29:57 ----A---- C:\Windows\SYSWOW64\objsel.dll
2021-09-10 18:29:57 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2021-09-10 18:29:57 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2021-09-10 18:29:57 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2021-09-10 18:29:57 ----A---- C:\Windows\SYSWOW64\instnm.exe
2021-09-10 18:29:57 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2021-09-10 18:29:57 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2021-09-10 18:29:57 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2021-09-10 18:29:57 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2021-09-10 18:29:57 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2021-09-10 18:29:57 ----A---- C:\Windows\system32\wow64cpu.dll
2021-09-10 18:29:57 ----A---- C:\Windows\system32\winsrv.dll
2021-09-10 18:29:57 ----A---- C:\Windows\system32\winlogon.exe
2021-09-10 18:29:57 ----A---- C:\Windows\system32\wincredprovider.dll
2021-09-10 18:29:57 ----A---- C:\Windows\system32\ntvdm64.dll
2021-09-10 18:29:57 ----A---- C:\Windows\system32\msv1_0.dll
2021-09-10 18:29:57 ----A---- C:\Windows\system32\KernelBase.dll
2021-09-10 18:29:57 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2021-09-10 18:29:57 ----A---- C:\Windows\system32\dpapiprovider.dll
2021-09-10 18:29:57 ----A---- C:\Windows\system32\dimsroam.dll
2021-09-10 18:29:57 ----A---- C:\Windows\system32\csrsrv.dll
2021-09-10 18:29:57 ----A---- C:\Windows\system32\conhost.exe
2021-09-10 18:29:57 ----A---- C:\Windows\system32\cngprovider.dll
2021-09-10 18:29:57 ----A---- C:\Windows\system32\capiprovider.dll
2021-09-10 18:29:57 ----A---- C:\Windows\system32\adprovider.dll
2021-09-10 18:29:53 ----A---- C:\Windows\SYSWOW64\wow32.dll
2021-09-10 18:29:53 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2021-09-10 18:29:53 ----A---- C:\Windows\SYSWOW64\secur32.dll
2021-09-10 18:29:53 ----A---- C:\Windows\system32\sspicli.dll
2021-09-10 18:29:53 ----A---- C:\Windows\system32\secur32.dll
2021-09-10 18:29:53 ----A---- C:\Windows\system32\objsel.dll
2021-09-10 18:29:53 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2021-09-10 18:29:53 ----A---- C:\Windows\system32\credssp.dll
2021-09-10 18:29:52 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2021-09-10 18:29:52 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2021-09-10 18:29:52 ----A---- C:\Windows\system32\wow64.dll
2021-09-10 18:29:52 ----A---- C:\Windows\system32\smss.exe
2021-09-10 18:29:52 ----A---- C:\Windows\system32\ncrypt.dll
2021-09-10 18:29:52 ----A---- C:\Windows\system32\lsasrv.dll
2021-09-10 18:29:52 ----A---- C:\Windows\system32\kerberos.dll
2021-09-10 18:29:52 ----A---- C:\Windows\system32\drivers\cng.sys
2021-09-10 18:29:48 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2021-09-10 18:29:48 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2021-09-10 18:29:48 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2021-09-10 18:29:48 ----A---- C:\Windows\system32\wow64win.dll
2021-09-10 18:29:48 ----A---- C:\Windows\system32\ntoskrnl.exe
2021-09-10 18:29:48 ----A---- C:\Windows\system32\kernel32.dll
2021-09-10 18:09:38 ----D---- C:\c65cbaf97158f265f81f9bb2a59786
2021-09-10 17:49:53 ----D---- C:\0f0d6fa86f0920561acbc7871b2ff642
2021-09-10 16:50:49 ----D---- C:\Windows\system32\gl-ES
2021-09-10 16:50:49 ----D---- C:\Windows\system32\fr-CA
2021-09-10 16:50:49 ----D---- C:\Windows\system32\eu-ES
2021-09-10 16:50:49 ----D---- C:\Windows\system32\es-cl
2021-09-10 16:50:49 ----D---- C:\Windows\system32\ca-ES
2021-09-10 16:50:49 ----D---- C:\Program Files (x86)\CSR
2021-09-10 16:50:43 ----D---- C:\Program Files\CSR
2021-09-10 16:24:52 ----D---- C:\7f4d6a15fbd4012fce3bec8a181e966a
2021-09-10 16:19:30 ----A---- C:\Windows\system32\VIASysFx.dll
2021-09-10 16:19:30 ----A---- C:\Windows\system32\VIAPropPageExt.dll
2021-09-10 16:19:30 ----A---- C:\Windows\system32\ViaMicArrayPropPageExt.dll
2021-09-10 16:19:30 ----A---- C:\Windows\system32\ViaMicArrayAPO.dll
2021-09-10 16:19:30 ----A---- C:\Windows\system32\nQPropPageExt.dll
2021-09-10 16:19:30 ----A---- C:\Windows\system32\nQAPO.dll
2021-09-10 16:19:30 ----A---- C:\Windows\system32\Dts2PropPageExt.dll
2021-09-10 16:19:30 ----A---- C:\Windows\system32\drivers\viahduaa.sys
2021-09-10 16:18:02 ----D---- C:\Windows\system32\SRSLabs
2021-09-10 16:18:02 ----D---- C:\Program Files\VIA
2021-09-10 16:18:00 ----A---- C:\Windows\SYSWOW64\VMAPO32.DLL
2021-09-10 16:18:00 ----A---- C:\Windows\system32\WavesGUILib64.dll
2021-09-10 16:18:00 ----A---- C:\Windows\system32\VtSrdAPO.dll
2021-09-10 16:18:00 ----A---- C:\Windows\system32\VMPPLD64.DLL
2021-09-10 16:18:00 ----A---- C:\Windows\system32\VMPPCN64.DLL
2021-09-10 16:18:00 ----A---- C:\Windows\system32\VMAPO64.DLL
2021-09-10 16:18:00 ----A---- C:\Windows\system32\ViakaraokeSrv.exe
2021-09-10 16:18:00 ----A---- C:\Windows\system32\ViaKaraokePropPageExt.dll
2021-09-10 16:18:00 ----A---- C:\Windows\system32\ViaKaraokeApo.dll
2021-09-10 16:18:00 ----A---- C:\Windows\system32\MaxxAudioVIA64.dll
2021-09-10 16:18:00 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2021-09-10 16:18:00 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2021-09-10 16:18:00 ----A---- C:\Windows\system32\drivers\VMfilt64.sys
2021-09-10 16:17:59 ----A---- C:\Windows\SYSWOW64\VMTHX32.DLL
2021-09-10 16:17:59 ----A---- C:\Windows\system32\VMWRP64.DLL
2021-09-10 16:17:59 ----A---- C:\Windows\system32\VMTHX64.DLL
2021-09-10 16:17:59 ----A---- C:\Windows\system32\PropPageExt.dll
2021-09-10 16:17:59 ----A---- C:\Windows\system32\EEP64H.dll
2021-09-10 16:17:59 ----A---- C:\Windows\system32\EEL64H.dll
2021-09-10 16:17:59 ----A---- C:\Windows\system32\EEL64A.dll
2021-09-10 16:17:59 ----A---- C:\Windows\system32\EEG64H.dll
2021-09-10 16:17:59 ----A---- C:\Windows\system32\EEG64A.dll
2021-09-10 16:17:59 ----A---- C:\Windows\system32\EED64H.dll
2021-09-10 16:17:59 ----A---- C:\Windows\system32\EED64A.dll
2021-09-10 16:17:59 ----A---- C:\Windows\system32\EEA64H.dll
2021-09-10 16:17:59 ----A---- C:\Windows\system32\EEA64A.dll
2021-09-10 16:17:53 ----N---- C:\Windows\difxapi.dll
2021-09-10 16:14:58 ----D---- C:\Users\Pocky\AppData\Roaming\InstallShield
2021-09-10 16:14:12 ----A---- C:\Windows\system32\drivers\IntelMEFWVer.dll
2021-09-10 16:14:10 ----A---- C:\Windows\SYSWOW64\log.txt
2021-09-10 16:13:07 ----D---- C:\Program Files (x86)\Intel
2021-09-10 16:13:07 ----A---- C:\Windows\SYSWOW64\CSVer.dll
2021-09-10 16:12:34 ----D---- C:\Intel
2021-09-10 16:11:48 ----A---- C:\Windows\system32\drivers\L1C62x64.sys
2021-09-10 16:11:23 ----D---- C:\Windows\SYSWOW64\Atheros_L1e
2021-09-10 16:00:43 ----D---- C:\Program Files (x86)\TP-Link
2021-09-10 15:59:53 ----A---- C:\Windows\system32\TP_TXPWR_LMT_Enc.txt
2021-09-10 15:59:53 ----A---- C:\Windows\system32\TP_PHY_REG_PG_Enc.txt
2021-09-10 15:59:53 ----A---- C:\Windows\system32\drivers\TP_TXPWR_LMT_Enc.txt
2021-09-10 15:59:53 ----A---- C:\Windows\system32\drivers\TP_PHY_REG_PG_Enc.txt
2021-09-10 15:59:52 ----A---- C:\Windows\system32\rtwlanu.sys
2021-09-10 15:59:52 ----A---- C:\Windows\system32\Rtlihvs.dll
2021-09-10 15:59:52 ----A---- C:\Windows\system32\RtlExtUI.dll
2021-09-10 15:59:52 ----A---- C:\Windows\system32\rtlCoInst.dll
2021-09-10 15:59:52 ----A---- C:\Windows\system32\rtlCoInst.dat
2021-09-10 15:59:52 ----A---- C:\Windows\system32\drivers\rtwlanu.sys
2021-09-10 15:59:44 ----D---- C:\ProgramData\TP-Link
2021-09-07 20:10:20 ----D---- C:\Windows\Panther
2021-09-07 20:10:15 ----RASH---- C:\BOOTSECT.BAK
2021-09-07 20:10:14 ----SHD---- C:\Boot
2021-09-07 19:26:37 ----D---- C:\Users\Pocky\AppData\Roaming\vlc
2021-09-07 19:26:31 ----D---- C:\Program Files (x86)\VideoLAN
2021-09-07 19:24:54 ----D---- C:\Program Files\Google
2021-09-07 19:24:27 ----D---- C:\Program Files (x86)\Google
2021-09-07 19:23:05 ----A---- C:\Windows\system32\drivers\xhcdrv.sys
2021-09-07 19:22:32 ----D---- C:\Program Files\VIA XHCI UASP Utility
2021-09-07 19:22:30 ----A---- C:\Windows\system32\Wdfres.dll
2021-09-07 19:22:30 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2021-09-07 19:22:30 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2021-09-07 19:22:27 ----A---- C:\Windows\system32\drivers\vusbstor.sys
2021-09-07 19:22:11 ----D---- C:\Program Files (x86)\VIA
2021-09-07 19:21:16 ----A---- C:\Windows\system32\WdfCoInstaller01011.dll
2021-09-07 19:21:16 ----A---- C:\Windows\system32\drivers\ViaHub3.sys
2021-09-07 19:20:13 ----A---- C:\Windows\system32\drivers\RtVlan620.sys
2021-09-07 19:20:13 ----A---- C:\Windows\system32\drivers\RtTeam60.sys
2021-09-07 19:20:13 ----A---- C:\Windows\system32\drivers\RtNdPt60.sys
2021-09-07 19:19:50 ----D---- C:\Program Files (x86)\AMD APP
2021-09-07 19:19:46 ----DC---- C:\Windows\system32\DRVSTORE
2021-09-07 19:19:46 ----A---- C:\Windows\system32\drivers\usbfilter.sys
2021-09-07 19:19:34 ----D---- C:\ProgramData\AMD
2021-09-07 19:19:34 ----A---- C:\Windows\system32\drivers\amdiox64.sys
2021-09-07 19:19:30 ----D---- C:\Program Files (x86)\ATI Technologies
2021-09-07 19:18:47 ----D---- C:\Program Files (x86)\ATI
2021-09-07 19:18:31 ----D---- C:\Program Files\ATI Technologies
2021-09-07 19:18:28 ----D---- C:\Program Files\ATI
2021-09-07 19:17:49 ----SHD---- C:\Windows\Installer
2021-09-07 19:16:42 ----A---- C:\Windows\system32\RTNUninst64.dll
2021-09-07 19:16:42 ----A---- C:\Windows\system32\RtNicProp64.dll
2021-09-07 19:16:42 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2021-09-07 19:16:31 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2021-09-07 19:16:31 ----D---- C:\Program Files (x86)\Realtek
2021-09-07 19:15:31 ----D---- C:\Users\Pocky\AppData\Roaming\Identities
2021-09-07 19:15:28 ----SD---- C:\Users\Pocky\AppData\Roaming\Microsoft
2021-09-07 19:15:28 ----D---- C:\Users\Pocky\AppData\Roaming\Media Center Programs
2021-09-07 19:15:26 ----SHD---- C:\Recovery
2021-09-07 19:15:26 ----SHD---- C:\ProgramData\Šablony
2021-09-07 19:15:26 ----SHD---- C:\ProgramData\Plocha
2021-09-07 19:15:26 ----SHD---- C:\ProgramData\Oblíbené položky
2021-09-07 19:15:26 ----SHD---- C:\ProgramData\Nabídka Start
2021-09-07 19:15:26 ----SHD---- C:\ProgramData\Dokumenty
2021-09-07 19:15:26 ----SHD---- C:\ProgramData\Data aplikací
2021-09-07 19:15:24 ----D---- C:\Windows\SoftwareDistribution
2021-09-07 19:11:13 ----D---- C:\Windows\Prefetch
2021-09-07 19:11:05 ----SHD---- C:\System Volume Information
2021-09-07 19:11:05 ----ASH---- C:\pagefile.sys
2021-09-07 19:11:05 ----ASH---- C:\hiberfil.sys
2021-08-24 19:52:16 ----A---- C:\Windows\system32\drivers\AtiPcie.sys
2021-08-24 19:52:15 ----A---- C:\Windows\system32\drivers\ahcix64s.sys
======List of files/folders modified in the last 1 month======
2021-09-10 19:03:16 ----RD---- C:\Program Files
2021-09-10 19:03:16 ----D---- C:\Windows\Temp
2021-09-10 18:44:45 ----D---- C:\Windows\system32\config
2021-09-10 18:38:19 ----RD---- C:\Program Files (x86)
2021-09-10 18:38:15 ----D---- C:\Windows\System32
2021-09-10 18:38:15 ----D---- C:\Windows\inf
2021-09-10 18:38:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2021-09-10 18:38:10 ----HD---- C:\ProgramData
2021-09-10 18:33:53 ----D---- C:\Windows\system32\drivers
2021-09-10 18:33:50 ----D---- C:\Windows\winsxs
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\zh-TW
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\zh-HK
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\zh-CN
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\tr-TR
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\sv-SE
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\ru-RU
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\pt-PT
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\pt-BR
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\pl-PL
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\nl-NL
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\nb-NO
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\ko-KR
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\ja-JP
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\it-IT
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\hu-HU
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\fr-FR
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\fi-FI
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\es-ES
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\en-US
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\el-GR
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\de-DE
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\da-DK
2021-09-10 18:32:47 ----D---- C:\Windows\SYSWOW64\cs-CZ
2021-09-10 18:32:47 ----D---- C:\Windows\SysWOW64
2021-09-10 18:32:47 ----D---- C:\Windows\system32\zh-TW
2021-09-10 18:32:47 ----D---- C:\Windows\system32\zh-HK
2021-09-10 18:32:47 ----D---- C:\Windows\system32\zh-CN
2021-09-10 18:32:47 ----D---- C:\Windows\system32\tr-TR
2021-09-10 18:32:47 ----D---- C:\Windows\system32\sv-SE
2021-09-10 18:32:47 ----D---- C:\Windows\system32\ru-RU
2021-09-10 18:32:47 ----D---- C:\Windows\system32\pt-PT
2021-09-10 18:32:47 ----D---- C:\Windows\system32\pt-BR
2021-09-10 18:32:47 ----D---- C:\Windows\system32\pl-PL
2021-09-10 18:32:47 ----D---- C:\Windows\system32\nl-NL
2021-09-10 18:32:47 ----D---- C:\Windows\system32\nb-NO
2021-09-10 18:32:47 ----D---- C:\Windows\system32\ko-KR
2021-09-10 18:32:47 ----D---- C:\Windows\system32\ja-JP
2021-09-10 18:32:47 ----D---- C:\Windows\system32\it-IT
2021-09-10 18:32:47 ----D---- C:\Windows\system32\hu-HU
2021-09-10 18:32:47 ----D---- C:\Windows\system32\fr-FR
2021-09-10 18:32:47 ----D---- C:\Windows\system32\fi-FI
2021-09-10 18:32:47 ----D---- C:\Windows\system32\es-ES
2021-09-10 18:32:47 ----D---- C:\Windows\system32\en-US
2021-09-10 18:32:47 ----D---- C:\Windows\system32\el-GR
2021-09-10 18:32:47 ----D---- C:\Windows\system32\de-DE
2021-09-10 18:32:47 ----D---- C:\Windows\system32\da-DK
2021-09-10 18:32:47 ----D---- C:\Windows\system32\cs-CZ
2021-09-10 18:32:47 ----D---- C:\Windows\AppPatch
2021-09-10 18:31:24 ----D---- C:\Windows
2021-09-10 18:31:09 ----D---- C:\Windows\system32\catroot
2021-09-10 18:31:08 ----D---- C:\Windows\system32\catroot2
2021-09-10 16:51:03 ----D---- C:\Windows\system32\DriverStore
2021-09-10 16:50:50 ----D---- C:\Windows\system32\th-TH
2021-09-10 16:50:50 ----D---- C:\Windows\system32\sk-SK
2021-09-10 16:50:50 ----D---- C:\Windows\system32\he-IL
2021-09-10 16:50:50 ----D---- C:\Windows\system32\ar-SA
2021-09-10 16:50:49 ----D---- C:\Program Files (x86)\Common Files
2021-09-10 16:01:59 ----SD---- C:\ProgramData\Microsoft
2021-09-10 15:48:41 ----D---- C:\Windows\system32\NDF
2021-09-09 14:54:53 ----D---- C:\Windows\system32\drivers\UMDF
2021-09-09 14:54:27 ----D---- C:\Windows\system32\wdi
2021-09-08 05:42:21 ----D---- C:\Windows\rescache
2021-09-08 05:42:16 ----D---- C:\Windows\Logs
2021-09-07 19:33:16 ----D---- C:\Windows\system32\wbem
2021-09-07 19:33:16 ----D---- C:\Windows\system32\drivers\cs-CZ
2021-09-07 19:26:08 ----D---- C:\Windows\system32\LogFiles
2021-09-07 19:24:27 ----D---- C:\Windows\system32\Tasks
2021-09-07 19:23:16 ----D---- C:\Windows\system32\CodeIntegrity
2021-09-07 19:18:43 ----D---- C:\Program Files\Common Files\Microsoft Shared
2021-09-07 19:16:27 ----D---- C:\Windows\system32\restore
2021-09-07 19:16:22 ----D---- C:\Windows\Microsoft.NET
2021-09-07 19:16:20 ----RSD---- C:\Windows\assembly
2021-09-07 19:15:31 ----SHD---- C:\$Recycle.Bin
2021-09-07 19:15:28 ----RD---- C:\Users
2021-09-07 19:15:26 ----D---- C:\Windows\system32\Recovery
2021-09-07 19:15:26 ----D---- C:\Program Files\Windows NT
2021-09-07 19:14:06 ----D---- C:\Windows\debug
2021-09-07 19:12:27 ----D---- C:\Windows\system32\sysprep
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ahcix64s;ahcix64s; C:\Windows\system32\DRIVERS\ahcix64s.sys [2009-07-14 226616]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2011-06-15 27136]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 CsrBtPort;Ovladač zařízení Bluetooth CSR; C:\Windows\system32\DRIVERS\CsrBtPort.sys [2012-03-22 2784968]
R3 csrpan;Bluetooth Personal Area Network Device Driver; C:\Windows\system32\DRIVERS\csrpan.sys [2012-03-22 39616]
R3 csrserial;Ovladač zařízení SPP; C:\Windows\system32\DRIVERS\csrserial.sys [2012-03-22 61128]
R3 csrusb;CSR ovladač rozhraní USB pro hardwarový klíč Bluetooth; C:\Windows\System32\Drivers\csrusb.sys [2012-03-22 47296]
R3 csrusbfilter;CSR USB filter driver; C:\Windows\System32\Drivers\csrusbfilter.sys [2012-03-22 23752]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-04-25 104560]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2021-09-10 56600]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-03-30 56448]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2010-10-02 1349232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2010-11-21 552448]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-21 80384]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-06-17 941272]
S3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys [2017-12-07 5273160]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan620.sys [2011-09-16 32360]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 VUSB3HUB;VIA USB 3 Root Hub Service; C:\Windows\system32\DRIVERS\ViaHub3.sys [2014-10-31 225792]
S3 xhcdrv;VIA USB eXtensible Host Controller Service; C:\Windows\system32\DRIVERS\xhcdrv.sys [2013-08-12 295424]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BtSwitcherService;Služba Pøepnutí Bluetooth; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [2012-03-22 64216]
R2 CSRBtAudioService;Služba CSR Bluetooth Audio; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [2012-03-22 465624]
R2 CsrBtOBEXService;Služba CSR OBEX; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [2012-03-22 1041616]
R2 CsrBtService;CSR služba Bluetooth; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [2012-03-22 825032]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2021-09-10 326424]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2021-09-10 2594584]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-10-22 27768]
S2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-08-06 361984]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2021-09-07 153168]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files\Google\Chrome\Application\93.0.4577.63\elevation_service.exe [2021-08-27 1483096]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2021-09-07 153168]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivka + pomoc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118241
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka + pomoc
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
JanHellsing
- Návštěvník
- Příspěvky: 91
- Registrován: 25 lis 2012 14:53
Re: Preventivka + pomoc
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-09-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-12-2021
# Duration: 00:00:00
# OS: Windows 7 Home Premium
# Cleaned: 1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Wow6432Node\14919ea49a8f3b4aa3cf1058d9a64cec
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1467 octets] - [12/09/2021 12:38:14]
AdwCleaner[S01].txt - [1528 octets] - [12/09/2021 12:57:59]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-09-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-12-2021
# Duration: 00:00:00
# OS: Windows 7 Home Premium
# Cleaned: 1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Wow6432Node\14919ea49a8f3b4aa3cf1058d9a64cec
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1467 octets] - [12/09/2021 12:38:14]
AdwCleaner[S01].txt - [1528 octets] - [12/09/2021 12:57:59]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118241
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka + pomoc
OK. Teď dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
JanHellsing
- Návštěvník
- Příspěvky: 91
- Registrován: 25 lis 2012 14:53
Re: Preventivka + pomoc
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-09-2021
Ran by Pocky (12-09-2021 18:59:24)
Running from C:\Users\Pocky\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2021-09-07 17:15:26)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2281150472-3489666352-2589934116-500 - Administrator - Disabled)
Guest (S-1-5-21-2281150472-3489666352-2589934116-501 - Limited - Disabled)
Pocky (S-1-5-21-2281150472-3489666352-2589934116-1000 - Administrator - Enabled) => C:\Users\Pocky
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Catalyst Install Manager (HKLM\...\{120EC191-78F8-CA89-3511-7E90C23F5261}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.15.16 - Atheros Communications Inc.)
CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - Název společnosti:)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 93.0.4577.63 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.50.1172 - Intel Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Novicorp WinToFlash Lite verze 1.13.0000 (HKLM-x32\...\{A1A1FF24-34C6-4B77-BDB7-A689979F018C}_is1) (Version: 1.13.0000 - Novicorp)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.006 - Realtek)
The Lord of the Rings FREE Trial (HKLM-x32\...\{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}) (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
TP-Link TL-WN722N (HKLM-x32\...\{F9C15685-38A9-46A1-9826-97204015C19C}) (Version: 2.1.0 - TP-Link)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Warcraft 3 Frozen Throne patch 1.26 version for Windows (HKLM-x32\...\{813E638A-0410-E9B7-7834-85862C98DD52}_is1) (Version: for Windows - )
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-2281150472-3489666352-2589934116-1000\...\Warcraft III) (Version: - )
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) =============
2012-08-06 12:01 - 2012-08-06 12:01 - 000837632 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2012-08-06 12:01 - 2012-08-06 12:01 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2021-09-07 19:25 - 2021-08-27 22:38 - 000442200 _____ (Google LLC -> ) [File not signed] C:\Program Files\Google\Chrome\Application\93.0.4577.63\libegl.dll
2021-09-07 19:25 - 2021-08-27 22:38 - 008154968 _____ (Google LLC -> ) [File not signed] C:\Program Files\Google\Chrome\Application\93.0.4577.63\libglesv2.dll
2021-09-07 19:25 - 2021-08-27 22:38 - 004590424 _____ (Google LLC -> ) [File not signed] C:\Program Files\Google\Chrome\Application\93.0.4577.63\vk_swiftshader.dll
2021-09-07 19:25 - 2021-08-27 22:38 - 000728920 _____ (Google LLC -> ) [File not signed] C:\Program Files\Google\Chrome\Application\93.0.4577.63\vulkan-1.dll
2021-09-07 19:25 - 2021-08-27 22:37 - 170324312 _____ (Google LLC -> Google LLC) [File not signed] C:\Program Files\Google\Chrome\Application\93.0.4577.63\chrome.dll
2021-09-07 19:25 - 2021-08-27 22:38 - 001189208 _____ (Google LLC -> Google LLC) [File not signed] C:\Program Files\Google\Chrome\Application\93.0.4577.63\chrome_elf.dll
2021-09-07 19:25 - 2021-08-27 22:10 - 004891080 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Google\Chrome\Application\93.0.4577.63\D3DCompiler_47.dll
2021-09-12 14:07 - 2017-11-07 12:00 - 000544768 _____ (Novicorp) [File not signed] \\?\C:\Program Files (x86)\Novicorp WinToFlash\Language\lc0409.dll
2021-09-12 14:07 - 2017-11-07 12:00 - 000963072 _____ (Novicorp) [File not signed] C:\Program Files (x86)\Novicorp WinToFlash\Components\AboutDialog.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 8) (Whitelisted) ==========
HKU\S-1-5-21-2281150472-3489666352-2589934116-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxps://www.msn.com/cs-cz/?ocid=iehp
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-19] (Skype Technologies SA -> Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-2281150472-3489666352-2589934116-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pocky\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{57ED0CB4-2B21-4301-AF23-234284260458}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) [File not signed]
==================== Restore Points =========================
07-09-2021 19:16:27 Instalováno Realtek Ethernet Controller Driver
07-09-2021 19:17:49 Installed AMD SATA Controller Driver
07-09-2021 19:20:07 Instalováno Realtek Ethernet Diagnostic Utility
07-09-2021 19:22:07 Installed Platform
07-09-2021 19:23:20 Configured Platform
10-09-2021 15:54:14 Instalováno Realtek Ethernet Controller Driver
10-09-2021 15:59:47 Installed TP-Link Wireless Adapter WPS Tool and Driver
10-09-2021 16:11:15 Instalováno Atheros Communications Inc.(R) AR81Family Gigabit/FaJfÜZ
10-09-2021 16:17:36 Configured Platform
10-09-2021 16:18:46 Configured Platform
10-09-2021 16:50:26 Installed CSR Harmony Wireless Software Stack.
10-09-2021 18:29:40 Windows Update
10-09-2021 18:30:37 Windows Update
11-09-2021 09:28:57 Instalace balíčku ovladače zařízení: Disc-Soft Systémová zařízení
11-09-2021 10:14:22 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
11-09-2021 10:15:06 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (09/12/2021 06:58:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.
Error: (09/12/2021 06:58:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.
Error: (09/12/2021 06:58:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.
Error: (09/12/2021 06:58:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.
Error: (09/12/2021 06:58:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.
Error: (09/12/2021 06:58:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.
Error: (09/12/2021 06:58:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.
Error: (09/12/2021 06:58:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.
System errors:
=============
Error: (09/12/2021 06:58:25 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (09/12/2021 06:58:25 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (09/12/2021 06:58:25 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (09/12/2021 01:59:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.
Error: (09/12/2021 01:59:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (09/12/2021 01:59:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (09/12/2021 01:41:17 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.
Error: (09/12/2021 01:41:17 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
==================== Memory info ===========================
BIOS: American Megatrends Inc. V17.6 01/13/2012
Motherboard: MSI H61M-P21 (MS-7680)
Processor: Intel(R) Pentium(R) CPU G620 @ 2.60GHz
Percentage of memory in use: 24%
Total physical RAM: 16365.96 MB
Available physical RAM: 12291.04 MB
Total Virtual: 32730.09 MB
Available Virtual: 27464.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.51 GB) (Free:862.25 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Removable) (Total:14.52 GB) (Free:13.95 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B00F9B1F)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Size: 14.6 GB) (Disk ID: 06DFE992)
Partition 1: (Active) - (Size=14.6 GB) - (Type=0C)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-09-2021
Ran by Pocky (administrator) on POCKY-PC (MSI MS-7680) (12-09-2021 18:58:29)
Running from C:\Users\Pocky\Desktop
Loaded Profiles: Pocky
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Google LLC -> Google LLC) [File not signed] C:\Program Files\Google\Chrome\Application\chrome.exe <10>
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Novicorp) [File not signed] C:\Program Files (x86)\Novicorp WinToFlash\WinToFlash.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.) [File not signed]
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2494576 2010-10-08] (VIA Technologies Inc. -> VIA)
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> )
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2494576 2010-10-08] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [msqbeySrv] => C:\Windows\inf\msqbey.vbe [1558 2013-08-27] () [File not signed]
HKU\S-1-5-21-2281150472-3489666352-2589934116-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd -> DT Soft Ltd)
HKLM\...\Print\Monitors\HCR Client Port Monitor: C:\Windows\system32\csrportmon.dll [73416 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\93.0.4577.63\Installer\chrmstp.exe [2021-09-07] (Google LLC -> Google LLC) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2A119B3B-EDA2-4007-A18F-E5AFD589AA0F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2021-09-07] (Google Inc -> Google Inc.)
Task: {D63CD625-A9B5-42A6-94B9-00B6A09E0702} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2021-09-07] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{768AC1A1-F09C-4495-9BE7-B88A357D684B}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{85FA77A2-9E5E-4A45-9565-EEDA5B2F7BF2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{DBDB85CC-A4DB-48F8-9065-D9BD77AD18DC}: [DhcpNameServer] 192.168.0.4 172.16.0.10 172.16.0.20
FireFox:
========
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default [2021-09-12]
CHR HomePage: Default -> hxxp://mail.ru/cnt/10445?gp=855100
CHR StartupUrls: Default -> "hxxp://mail.ru/cnt/10445?gp=855100"
CHR Extension: (Prezentace) - C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-09-07]
CHR Extension: (Dokumenty) - C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-09-07]
CHR Extension: (Disk Google) - C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-07]
CHR Extension: (YouTube) - C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-07]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-09-07]
CHR Extension: (Tabulky) - C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-09-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-07]
CHR Extension: (Gmail) - C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-07]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
S2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 GoogleChromeElevationService; C:\Program Files\Google\Chrome\Application\93.0.4577.63\elevation_service.exe [1483096 2021-08-27] (Google LLC -> Google LLC) [File not signed]
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-10-22] (VIA Technologies Inc. -> VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 CsrBtPort; C:\Windows\System32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrpan; C:\Windows\System32\DRIVERS\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrserial; C:\Windows\System32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2021-09-11] (DT Soft Ltd -> DT Soft Ltd)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [5273160 2017-12-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-12 18:58 - 2021-09-12 18:58 - 000010682 _____ C:\Users\Pocky\Desktop\FRST.txt
2021-09-12 14:07 - 2021-09-12 14:07 - 000001210 _____ C:\Users\Public\Desktop\Novicorp WinToFlash Lite.lnk
2021-09-12 14:07 - 2021-09-12 14:07 - 000000000 ____D C:\Users\Pocky\Documents\Multiboot Cache
2021-09-12 14:07 - 2021-09-12 14:07 - 000000000 ____D C:\Users\Pocky\AppData\Roaming\Novicorp
2021-09-12 14:07 - 2021-09-12 14:07 - 000000000 ____D C:\Users\Pocky\AppData\Local\Novicorp
2021-09-12 14:07 - 2021-09-12 14:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Novicorp WinToFlash Lite
2021-09-12 14:07 - 2021-09-12 14:07 - 000000000 ____D C:\Program Files (x86)\Novicorp WinToFlash
2021-09-12 14:06 - 2021-09-12 14:06 - 009567962 _____ (Novicorp ) C:\Users\Pocky\Downloads\Novicorp_WinToFlash_Lite_The_Bootable_USB_Creator_1.13.0000_Setup.exe
2021-09-12 13:03 - 2021-09-12 13:41 - 000000070 _____ C:\Users\Pocky\Desktop\rufus.ini
2021-09-12 12:37 - 2021-09-12 12:59 - 000000000 ____D C:\AdwCleaner
2021-09-12 12:37 - 2021-09-12 12:37 - 008553680 _____ (Malwarebytes) C:\Users\Pocky\Desktop\adwcleaner_8.3.0.exe
2021-09-12 12:35 - 2021-09-12 14:06 - 000000270 __RSH C:\ProgramData\ntuser.pol
2021-09-12 12:35 - 2021-09-12 12:35 - 001181752 _____ (Akeo Consulting) C:\Users\Pocky\Desktop\rufus-3.15p.exe
2021-09-12 12:35 - 2021-09-12 12:35 - 000000070 _____ C:\Users\Pocky\Downloads\rufus.ini
2021-09-12 09:11 - 2021-09-12 09:11 - 000002144 _____ C:\Users\Pocky\Downloads\smime.p7s
2021-09-11 21:52 - 2021-09-11 22:02 - 598044672 _____ C:\Users\Pocky\Desktop\pt-pt_windows_xp_home_with_service_pack_3_x86_cd_x14-92425.iso
2021-09-11 21:51 - 2021-09-11 22:04 - 868036353 _____ C:\Users\Pocky\Downloads\Windows xp crystal cz+cd key.rar.rar
2021-09-11 21:51 - 2021-09-11 22:04 - 673089536 _____ C:\Users\Pocky\Desktop\WINDOWS XP SP3+.iso
2021-09-11 21:51 - 2021-09-11 22:03 - 728920064 _____ C:\Users\Pocky\Desktop\Windows xp SP3.iso
2021-09-11 21:51 - 2021-09-11 22:02 - 728612864 _____ C:\Users\Pocky\Desktop\Microsoft Windows XP Professional SP3 CZ [ 8.2013 ] .iso
2021-09-11 21:51 - 2021-09-11 22:02 - 648671232 _____ C:\Users\Pocky\Desktop\WIN XP Crystal.iso
2021-09-11 12:28 - 2021-09-11 12:34 - 639762432 _____ C:\Users\Pocky\Desktop\Windows XP_CZ_SP3.iso
2021-09-11 12:27 - 2021-09-11 12:28 - 683343872 _____ C:\Users\Pocky\Desktop\Windows XP.iso
2021-09-11 12:26 - 2021-09-11 12:26 - 000000000 ____D C:\Users\Pocky\Desktop\WIndows XP Windows 7 Windows Vista crack activator
2021-09-11 10:14 - 2021-09-11 10:15 - 000000000 ____D C:\ProgramData\Package Cache
2021-09-11 10:14 - 2021-09-11 10:14 - 001420840 _____ (Microsoft Corporation) C:\Users\Pocky\Downloads\vcredist_arm.exe
2021-09-11 10:12 - 2021-09-11 10:12 - 069778584 _____ (Blizzard Entertainment) C:\Users\Pocky\Downloads\War3TFT_127a_Cesky.exe
2021-09-11 10:11 - 2021-09-11 10:11 - 000000000 _____ C:\Users\Pocky\regbcm
2021-09-11 10:10 - 2021-09-11 10:10 - 000001496 _____ C:\Users\Public\Desktop\Warcraft 3 Frozen Throne patch 1.26.lnk
2021-09-11 09:39 - 2021-09-11 09:39 - 000000000 ____D C:\Users\Pocky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2021-09-11 09:36 - 2021-09-11 10:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft 3 Frozen Throne patch 1.26
2021-09-11 09:35 - 2021-09-11 09:35 - 000001960 _____ C:\Users\Pocky\Desktop\Frozen Throne.lnk
2021-09-11 09:32 - 2021-09-11 09:35 - 000056741 _____ C:\Windows\War3Unin.dat
2021-09-11 09:32 - 2021-09-11 09:34 - 000139264 _____ (Blizzard Entertainment) C:\Windows\War3Unin.exe
2021-09-11 09:32 - 2021-09-11 09:34 - 000002829 _____ C:\Windows\War3Unin.pif
2021-09-11 09:32 - 2021-09-11 09:34 - 000000000 ____D C:\Users\Pocky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
2021-09-11 09:32 - 2021-09-11 09:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2021-09-11 09:32 - 2021-09-11 09:32 - 000001953 _____ C:\Users\Pocky\Desktop\Warcraft III.lnk
2021-09-11 09:31 - 2021-09-11 12:24 - 000000000 ____D C:\Program Files (x86)\Warcraft III
2021-09-11 09:28 - 2021-09-11 09:29 - 000000000 ____D C:\Users\Pocky\AppData\Roaming\DAEMON Tools Lite
2021-09-11 09:28 - 2021-09-11 09:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2021-09-11 09:28 - 2021-09-11 09:29 - 000000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2021-09-11 09:28 - 2021-09-11 09:28 - 011193664 _____ (DT Soft Ltd.) C:\Users\Pocky\Downloads\Lite 4.40.2_DTLite4402-0131.exe
2021-09-11 09:28 - 2021-09-11 09:28 - 000254528 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2021-09-11 09:28 - 2021-09-11 09:28 - 000001954 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2021-09-11 09:28 - 2021-09-11 09:28 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2021-09-11 08:24 - 2021-09-11 08:26 - 836779400 _____ (simplix) C:\Users\Pocky\Downloads\UpdatePack7R2-21.8.11.exe
2021-09-11 08:24 - 2021-09-11 08:24 - 001050984 _____ (simplix) C:\Users\Pocky\Downloads\UpdatePack7R2.exe
2021-09-11 08:17 - 2021-09-11 08:17 - 121307088 _____ (Microsoft Corporation) C:\Users\Pocky\Downloads\ndp48-x86-x64-allos-enu (1).exe
2021-09-11 08:15 - 2021-09-11 08:15 - 121307088 _____ (Microsoft Corporation) C:\Users\Pocky\Downloads\ndp48-x86-x64-allos-enu.exe
2021-09-11 08:08 - 2021-09-11 08:08 - 001405792 _____ (Microsoft Corporation) C:\Users\Pocky\Downloads\ndp472-kb4054531-web.exe
2021-09-10 20:59 - 2021-09-10 21:01 - 869799936 _____ C:\Users\Pocky\Downloads\Neporazitelny 2 cz.avi
2021-09-10 20:37 - 2021-09-10 20:39 - 864607872 _____ C:\Users\Pocky\Downloads\01.NEPORAZITELNY CZ.avi
2021-09-10 19:03 - 2021-09-10 19:03 - 000000000 ____D C:\rsit
2021-09-10 19:03 - 2021-09-10 19:03 - 000000000 ____D C:\Program Files\trend micro
2021-09-10 19:02 - 2021-09-10 19:02 - 001222144 _____ C:\Users\Pocky\Downloads\RSITx64.exe
2021-09-10 19:01 - 2021-09-10 19:02 - 000008470 _____ C:\Users\Pocky\Downloads\Addition.txt
2021-09-10 19:00 - 2021-09-12 18:58 - 000000000 ____D C:\FRST
2021-09-10 19:00 - 2021-09-10 19:02 - 000033467 _____ C:\Users\Pocky\Downloads\FRST.txt
2021-09-10 18:50 - 2021-09-10 18:50 - 002302976 _____ (Farbar) C:\Users\Pocky\Desktop\FRST64.exe
2021-09-10 18:37 - 2021-09-10 18:38 - 021305248 _____ (Outbyte) C:\Users\Pocky\Downloads\0x800c0006-outbyte-pc-repair.exe
2021-09-10 18:33 - 2021-09-10 18:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_csrserial_01009.Wdf
2021-09-10 18:33 - 2021-09-10 18:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_csrpan_01009.Wdf
2021-09-10 18:33 - 2021-09-10 18:33 - 000000000 ____D C:\BluetoothExchangeFolder
2021-09-10 18:30 - 2021-09-10 18:30 - 011840839 _____ C:\Users\Pocky\Downloads\Windows6.1-KB2670838-x64.msu
2021-09-10 18:30 - 2021-09-10 18:30 - 005911327 _____ C:\Users\Pocky\Downloads\Windows6.1-KB2670838-x86.msu
2021-09-10 18:29 - 2021-09-10 18:29 - 013414711 _____ C:\Users\Pocky\Downloads\Windows6.1-KB2871997-v2-x64.msu
2021-09-10 18:09 - 2021-09-10 18:09 - 001260536 _____ (Microsoft Corporation) C:\Users\Pocky\Downloads\netfxrepairtool.exe
2021-09-10 18:09 - 2021-09-10 18:09 - 000247947 _____ C:\Users\Pocky\Desktop\FixDotNet20210910160950188.cab
2021-09-10 18:09 - 2021-09-10 18:09 - 000000000 ____D C:\c65cbaf97158f265f81f9bb2a59786
2021-09-10 17:49 - 2021-09-10 18:05 - 000000000 ____D C:\0f0d6fa86f0920561acbc7871b2ff642
2021-09-10 16:52 - 2021-09-10 16:52 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_csrusb_01009.Wdf
2021-09-10 16:50 - 2021-09-10 16:50 - 000000000 ____D C:\Windows\system32\gl-ES
2021-09-10 16:50 - 2021-09-10 16:50 - 000000000 ____D C:\Windows\system32\eu-ES
2021-09-10 16:50 - 2021-09-10 16:50 - 000000000 ____D C:\Windows\system32\es-cl
2021-09-10 16:50 - 2021-09-10 16:50 - 000000000 ____D C:\Windows\system32\ca-ES
2021-09-10 16:50 - 2021-09-10 16:50 - 000000000 ____D C:\Program Files\CSR
2021-09-10 16:50 - 2021-09-10 16:50 - 000000000 ____D C:\Program Files (x86)\CSR
2021-09-10 16:49 - 2021-09-10 16:49 - 000000000 ____D C:\Users\Pocky\Desktop\Windows
2021-09-10 16:46 - 2021-09-10 16:47 - 427938830 _____ C:\Users\Pocky\Downloads\UB400_Driver.zip
2021-09-10 16:42 - 2021-09-10 16:42 - 000000000 ____D C:\Users\Pocky\AppData\Local\ElevatedDiagnostics
2021-09-10 16:24 - 2021-09-10 16:25 - 000000000 ____D C:\7f4d6a15fbd4012fce3bec8a181e966a
2021-09-10 16:19 - 2021-09-10 16:19 - 000001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
2021-09-10 16:19 - 2010-10-02 03:41 - 001349232 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viahduaa.sys
2021-09-10 16:19 - 2010-10-02 03:41 - 000991856 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIAPropPageExt.dll
2021-09-10 16:19 - 2010-10-02 03:41 - 000549488 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIASysFx.dll
2021-09-10 16:19 - 2010-10-02 03:41 - 000202864 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaMicArrayAPO.dll
2021-09-10 16:19 - 2010-10-02 03:41 - 000091760 _____ (VIA Technologies, Inc.) C:\Windows\system32\Dts2PropPageExt.dll
2021-09-10 16:19 - 2010-10-02 03:41 - 000085616 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaMicArrayPropPageExt.dll
2021-09-10 16:19 - 2007-12-04 11:28 - 000086016 _____ (QSound Labs, Inc.) C:\Windows\system32\nQPropPageExt.dll
2021-09-10 16:19 - 2007-12-04 11:28 - 000082432 _____ (QSound Labs, Inc.) C:\Windows\system32\nQAPO.dll
2021-09-10 16:18 - 2021-09-10 16:19 - 000001206 _____ C:\Users\Public\Desktop\HD VDeck.lnk
2021-09-10 16:18 - 2021-09-10 16:18 - 000000000 ____D C:\Windows\system32\SRSLabs
2021-09-10 16:18 - 2021-09-10 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIA
2021-09-10 16:18 - 2021-09-10 16:18 - 000000000 ____D C:\Program Files\VIA
2021-09-10 16:18 - 2012-10-22 16:44 - 001161336 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaKaraokeApo.dll
2021-09-10 16:18 - 2012-10-22 16:44 - 000123512 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaKaraokePropPageExt.dll
2021-09-10 16:18 - 2012-10-22 16:44 - 000070776 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\VtSrdAPO.dll
2021-09-10 16:18 - 2012-10-22 16:44 - 000027768 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViakaraokeSrv.exe
2021-09-10 16:18 - 2012-09-24 16:33 - 003141496 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVIA64.dll
2021-09-10 16:18 - 2012-09-24 16:32 - 002080120 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2021-09-10 16:18 - 2012-09-05 17:12 - 000860024 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2021-09-10 16:18 - 2012-07-15 13:16 - 000394104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2021-09-10 16:18 - 2011-09-27 18:13 - 000879616 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO64.DLL
2021-09-10 16:18 - 2011-09-27 18:13 - 000739328 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO32.DLL
2021-09-10 16:18 - 2011-09-27 18:13 - 000057856 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPLD64.DLL
2021-09-10 16:18 - 2010-10-26 18:54 - 000053760 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPCN64.DLL
2021-09-10 16:18 - 2009-07-31 11:40 - 000025600 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\VMfilt64.sys
2021-09-10 16:17 - 2012-10-22 16:43 - 000055416 _____ (TODO: <Company name>) C:\Windows\system32\PropPageExt.dll
2021-09-10 16:17 - 2011-12-15 13:16 - 007163744 _____ (Dolby Laboratories) C:\Windows\system32\EEP64H.dll
2021-09-10 16:17 - 2011-12-15 13:16 - 000433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64H.dll
2021-09-10 16:17 - 2011-12-15 13:16 - 000433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64A.dll
2021-09-10 16:17 - 2011-12-15 13:16 - 000137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64H.dll
2021-09-10 16:17 - 2011-12-15 13:16 - 000137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64A.dll
2021-09-10 16:17 - 2011-12-15 13:16 - 000120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64H.dll
2021-09-10 16:17 - 2011-12-15 13:16 - 000120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64A.dll
2021-09-10 16:17 - 2011-12-15 13:16 - 000075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64H.dll
2021-09-10 16:17 - 2011-12-15 13:16 - 000075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64A.dll
2021-09-10 16:17 - 2011-09-27 18:13 - 000619520 _____ (Creative Technology Ltd.) C:\Windows\system32\VMTHX64.DLL
2021-09-10 16:17 - 2011-09-27 18:13 - 000554496 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMTHX32.DLL
2021-09-10 16:17 - 2010-10-26 18:55 - 000074240 _____ (Creative Technology Ltd.) C:\Windows\system32\VMWRP64.DLL
2021-09-10 16:14 - 2021-09-10 16:13 - 000008192 _____ C:\Windows\system32\Drivers\IntelMEFWVer.dll
2021-09-10 16:13 - 2021-09-10 16:14 - 000000000 ____D C:\Program Files (x86)\Intel
2021-09-10 16:13 - 2012-07-04 10:55 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2021-09-10 16:12 - 2021-09-10 16:12 - 000000000 ____D C:\Intel
2021-09-10 16:11 - 2021-09-10 16:11 - 000000000 ____D C:\Windows\SysWOW64\Atheros_L1e
2021-09-10 16:11 - 2012-04-25 15:07 - 000104560 _____ (Qualcomm Atheros Co., Ltd.) C:\Windows\system32\Drivers\L1C62x64.sys
2021-09-10 16:10 - 2021-09-10 16:10 - 031121050 _____ C:\Users\Pocky\Downloads\LiveUpdate.zip
2021-09-10 16:10 - 2021-09-10 16:10 - 002881236 _____ C:\Users\Pocky\Downloads\SuperCharger_mb_1.3.0.29.zip
2021-09-10 16:09 - 2021-09-10 16:10 - 257198572 _____ C:\Users\Pocky\Downloads\intel_vga_7_mb.zip
2021-09-10 16:09 - 2021-09-10 16:10 - 148775988 _____ C:\Users\Pocky\Downloads\via_audio_mb_8.zip
2021-09-10 16:09 - 2021-09-10 16:10 - 066722018 _____ C:\Users\Pocky\Downloads\via_audio_ac97_vx7_mb.zip
2021-09-10 16:09 - 2021-09-10 16:09 - 012474270 _____ C:\Users\Pocky\Downloads\Intel_RST_MB.zip
2021-09-10 16:09 - 2021-09-10 16:09 - 005841701 _____ C:\Users\Pocky\Downloads\Atheros_lan_vx_mb.zip
2021-09-10 16:09 - 2021-09-10 16:09 - 004135195 _____ C:\Users\Pocky\Downloads\intel6x_ime_mb.zip
2021-09-10 16:09 - 2021-09-10 16:09 - 002796573 _____ C:\Users\Pocky\Downloads\intel_chipset_6_mb.zip
2021-09-10 16:09 - 2021-09-10 16:09 - 001872438 _____ C:\Users\Pocky\Downloads\intel_rstrt_mb.zip
2021-09-10 16:09 - 2021-09-10 16:09 - 000612925 _____ C:\Users\Pocky\Downloads\Intel_RST_floppy_MB.zip
2021-09-10 16:01 - 2021-09-10 16:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-Link
2021-09-10 16:00 - 2021-09-10 16:00 - 000000000 ____D C:\Program Files (x86)\TP-Link
2021-09-10 15:59 - 2021-09-10 16:00 - 000000000 ____D C:\Users\Pocky\AppData\Local\TP-Link
2021-09-10 15:59 - 2021-09-10 15:59 - 000000000 ____D C:\ProgramData\TP-Link
2021-09-10 15:59 - 2017-12-07 05:12 - 005273160 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\rtwlanu.sys
2021-09-10 15:59 - 2017-12-07 05:12 - 005273160 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlanu.sys
2021-09-10 15:59 - 2017-12-07 05:12 - 001190976 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll
2021-09-10 15:59 - 2017-12-07 05:12 - 000132672 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\RtlExtUI.dll
2021-09-10 15:59 - 2017-12-07 05:12 - 000066624 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\system32\rtlCoInst.dll
2021-09-10 15:59 - 2017-12-07 05:11 - 000023961 _____ C:\Windows\system32\netrtwlanu.cat
2021-09-10 15:59 - 2017-12-07 01:04 - 000011794 _____ C:\Windows\system32\rtlCoInst.dat
2021-09-10 15:59 - 2017-12-07 01:04 - 000002083 _____ C:\Windows\system32\TP_TXPWR_LMT_Enc.txt
2021-09-10 15:59 - 2017-12-07 01:04 - 000002083 _____ C:\Windows\system32\Drivers\TP_TXPWR_LMT_Enc.txt
2021-09-10 15:59 - 2017-12-07 01:04 - 000000657 _____ C:\Windows\system32\TP_PHY_REG_PG_Enc.txt
2021-09-10 15:59 - 2017-12-07 01:04 - 000000657 _____ C:\Windows\system32\Drivers\TP_PHY_REG_PG_Enc.txt
2021-09-09 14:54 - 2021-09-09 14:54 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2021-09-08 04:25 - 2021-09-08 04:26 - 1325045760 _____ C:\Users\Pocky\Downloads\W7SP1_HOMEPREMIUM_64bit.iso
2021-09-07 20:10 - 2021-09-07 20:10 - 000008192 __RSH C:\BOOTSECT.BAK
2021-09-07 20:10 - 2021-09-07 19:15 - 000000000 ____D C:\Windows\Panther
2021-09-07 20:10 - 2010-11-21 05:23 - 000383786 __RSH C:\bootmgr
2021-09-07 19:38 - 2021-09-07 19:38 - 000000000 ____D C:\Users\Pocky\.gnutls
2021-09-07 19:34 - 2021-09-07 19:34 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ViaHub3_01011.Wdf
2021-09-07 19:33 - 2021-09-07 19:33 - 000057560 _____ C:\Users\Pocky\AppData\Local\GDIPFONTCACHEV1.DAT
2021-09-07 19:26 - 2021-09-11 08:52 - 000000000 ____D C:\Users\Pocky\AppData\Roaming\vlc
2021-09-07 19:26 - 2021-09-07 19:39 - 000001070 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-09-07 19:26 - 2021-09-07 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-09-07 19:26 - 2021-09-07 19:26 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2021-09-07 19:25 - 2021-09-07 19:25 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-07 19:25 - 2021-09-07 19:25 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-09-07 19:24 - 2021-09-12 18:34 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-07 19:24 - 2021-09-07 19:36 - 000000000 ____D C:\Users\Pocky\AppData\Local\Google
2021-09-07 19:24 - 2021-09-07 19:29 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-07 19:24 - 2021-09-07 19:29 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-07 19:24 - 2021-09-07 19:24 - 000000000 ____D C:\Program Files\Google
2021-09-07 19:23 - 2013-08-12 11:13 - 000295424 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\xhcdrv.sys
2021-09-07 19:22 - 2021-09-10 16:18 - 000000000 ____D C:\Program Files (x86)\VIA
2021-09-07 19:22 - 2021-09-07 19:22 - 000000000 ____H C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2021-09-07 19:22 - 2021-09-07 19:22 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xhcdrv_01011.Wdf
2021-09-07 19:22 - 2021-09-07 19:22 - 000000000 ____D C:\Program Files\VIA XHCI UASP Utility
2021-09-07 19:22 - 2013-01-18 03:11 - 000086064 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\vusbstor.sys
2021-09-07 19:22 - 2012-06-02 16:35 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2021-09-07 19:21 - 2014-10-31 10:44 - 000225792 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\ViaHub3.sys
2021-09-07 19:20 - 2021-09-07 19:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2021-09-07 19:20 - 2011-09-16 09:12 - 000032360 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtVlan620.sys
2021-09-07 19:20 - 2011-06-15 15:11 - 000058472 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtTeam60.sys
2021-09-07 19:20 - 2011-06-15 15:11 - 000027136 _____ (Realtek ) C:\Windows\system32\Drivers\RtNdPt60.sys
2021-09-07 19:19 - 2021-09-07 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2021-09-07 19:19 - 2021-09-07 19:19 - 000000000 ____D C:\ProgramData\AMD
2021-09-07 19:19 - 2021-09-07 19:19 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2021-09-07 19:19 - 2021-09-07 19:19 - 000000000 ____D C:\Program Files (x86)\AMD APP
2021-09-07 19:19 - 2012-03-30 16:49 - 000056448 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2021-09-07 19:19 - 2010-02-18 09:18 - 000046136 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdiox64.sys
2021-09-07 19:18 - 2021-09-07 19:19 - 000000000 ____D C:\Program Files\ATI Technologies
2021-09-07 19:18 - 2021-09-07 19:18 - 000002060 _____ C:\Users\Public\Desktop\Play The Lord of the Rings Online™ - FREE for 10 Days!.lnk
2021-09-07 19:18 - 2021-09-07 19:18 - 000000000 ____D C:\Program Files\ATI
2021-09-07 19:18 - 2021-09-07 19:18 - 000000000 ____D C:\Program Files (x86)\ATI
2021-09-07 19:16 - 2021-09-10 16:14 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-09-07 19:16 - 2021-09-10 15:54 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-09-07 19:16 - 2014-06-17 14:13 - 000941272 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2021-09-07 19:16 - 2014-06-17 14:13 - 000107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2021-09-07 19:16 - 2014-06-17 14:13 - 000073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2021-09-07 19:15 - 2021-09-11 10:12 - 000000000 ____D C:\Users\Pocky\AppData\Local\VirtualStore
2021-09-07 19:15 - 2021-09-11 10:11 - 000000000 ____D C:\Users\Pocky
2021-09-07 19:15 - 2021-09-07 19:15 - 000001447 _____ C:\Users\Pocky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2021-09-07 19:15 - 2021-09-07 19:15 - 000001413 _____ C:\Users\Pocky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2021-09-07 19:15 - 2021-09-07 19:15 - 000000020 ___SH C:\Users\Pocky\ntuser.ini
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Šablony
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Soubory cookie
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Poslední
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Okolní tiskárny
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Okolní síť
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Nabídka Start
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Dokumenty
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Documents\Obrázky
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Documents\Hudba
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Documents\Filmy
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Data aplikací
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\AppData\Local\Data aplikací
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Šablony
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Poslední
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Okolní síť
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Dokumenty
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Data aplikací
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\ProgramData\Šablony
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\ProgramData\Plocha
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\ProgramData\Oblíbené položky
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\ProgramData\Dokumenty
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\ProgramData\Data aplikací
2021-09-07 19:15 - 2011-04-12 10:45 - 000000000 ____D C:\Users\Pocky\AppData\Roaming\Media Center Programs
2021-09-07 19:12 - 2021-09-07 19:12 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2021-09-07 19:12 - 2021-09-07 19:12 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2021-08-24 19:52 - 2009-07-14 17:35 - 000226616 _____ (Advanced Micro Devices, Inc) C:\Windows\system32\Drivers\ahcix64s.sys
2021-08-24 19:52 - 2009-05-05 16:00 - 000016440 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\Drivers\AtiPcie.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-12 12:35 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2021-09-12 12:35 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2021-09-12 09:04 - 2009-07-14 06:45 - 000022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-09-12 09:04 - 2009-07-14 06:45 - 000022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-09-11 12:58 - 2011-04-12 10:34 - 000622422 _____ C:\Windows\system32\perfh005.dat
2021-09-11 12:58 - 2011-04-12 10:34 - 000118604 _____ C:\Windows\system32\perfc005.dat
2021-09-11 12:58 - 2009-07-14 07:13 - 001445734 _____ C:\Windows\system32\PerfStringBackup.INI
2021-09-11 12:58 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2021-09-11 02:58 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2021-09-10 18:33 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-10 16:13 - 2011-09-22 09:49 - 000056600 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2021-09-10 15:48 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2021-09-07 20:10 - 2009-07-14 07:32 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2021-09-07 19:18 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2021-09-07 19:15 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Windows NT
2021-09-07 19:12 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2021-09-07 19:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\sysprep
2021-09-07 19:11 - 2009-07-14 06:45 - 000274736 _____ C:\Windows\system32\FNTCACHE.DAT
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2021-09-09 14:54
==================== End of FRST.txt ========================
Ran by Pocky (12-09-2021 18:59:24)
Running from C:\Users\Pocky\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2021-09-07 17:15:26)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2281150472-3489666352-2589934116-500 - Administrator - Disabled)
Guest (S-1-5-21-2281150472-3489666352-2589934116-501 - Limited - Disabled)
Pocky (S-1-5-21-2281150472-3489666352-2589934116-1000 - Administrator - Enabled) => C:\Users\Pocky
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Catalyst Install Manager (HKLM\...\{120EC191-78F8-CA89-3511-7E90C23F5261}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.15.16 - Atheros Communications Inc.)
CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - Název společnosti:)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 93.0.4577.63 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.50.1172 - Intel Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Novicorp WinToFlash Lite verze 1.13.0000 (HKLM-x32\...\{A1A1FF24-34C6-4B77-BDB7-A689979F018C}_is1) (Version: 1.13.0000 - Novicorp)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.006 - Realtek)
The Lord of the Rings FREE Trial (HKLM-x32\...\{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}) (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
TP-Link TL-WN722N (HKLM-x32\...\{F9C15685-38A9-46A1-9826-97204015C19C}) (Version: 2.1.0 - TP-Link)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Warcraft 3 Frozen Throne patch 1.26 version for Windows (HKLM-x32\...\{813E638A-0410-E9B7-7834-85862C98DD52}_is1) (Version: for Windows - )
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-2281150472-3489666352-2589934116-1000\...\Warcraft III) (Version: - )
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) =============
2012-08-06 12:01 - 2012-08-06 12:01 - 000837632 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2012-08-06 12:01 - 2012-08-06 12:01 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2021-09-07 19:25 - 2021-08-27 22:38 - 000442200 _____ (Google LLC -> ) [File not signed] C:\Program Files\Google\Chrome\Application\93.0.4577.63\libegl.dll
2021-09-07 19:25 - 2021-08-27 22:38 - 008154968 _____ (Google LLC -> ) [File not signed] C:\Program Files\Google\Chrome\Application\93.0.4577.63\libglesv2.dll
2021-09-07 19:25 - 2021-08-27 22:38 - 004590424 _____ (Google LLC -> ) [File not signed] C:\Program Files\Google\Chrome\Application\93.0.4577.63\vk_swiftshader.dll
2021-09-07 19:25 - 2021-08-27 22:38 - 000728920 _____ (Google LLC -> ) [File not signed] C:\Program Files\Google\Chrome\Application\93.0.4577.63\vulkan-1.dll
2021-09-07 19:25 - 2021-08-27 22:37 - 170324312 _____ (Google LLC -> Google LLC) [File not signed] C:\Program Files\Google\Chrome\Application\93.0.4577.63\chrome.dll
2021-09-07 19:25 - 2021-08-27 22:38 - 001189208 _____ (Google LLC -> Google LLC) [File not signed] C:\Program Files\Google\Chrome\Application\93.0.4577.63\chrome_elf.dll
2021-09-07 19:25 - 2021-08-27 22:10 - 004891080 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Google\Chrome\Application\93.0.4577.63\D3DCompiler_47.dll
2021-09-12 14:07 - 2017-11-07 12:00 - 000544768 _____ (Novicorp) [File not signed] \\?\C:\Program Files (x86)\Novicorp WinToFlash\Language\lc0409.dll
2021-09-12 14:07 - 2017-11-07 12:00 - 000963072 _____ (Novicorp) [File not signed] C:\Program Files (x86)\Novicorp WinToFlash\Components\AboutDialog.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 8) (Whitelisted) ==========
HKU\S-1-5-21-2281150472-3489666352-2589934116-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxps://www.msn.com/cs-cz/?ocid=iehp
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-19] (Skype Technologies SA -> Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-2281150472-3489666352-2589934116-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pocky\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{57ED0CB4-2B21-4301-AF23-234284260458}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) [File not signed]
==================== Restore Points =========================
07-09-2021 19:16:27 Instalováno Realtek Ethernet Controller Driver
07-09-2021 19:17:49 Installed AMD SATA Controller Driver
07-09-2021 19:20:07 Instalováno Realtek Ethernet Diagnostic Utility
07-09-2021 19:22:07 Installed Platform
07-09-2021 19:23:20 Configured Platform
10-09-2021 15:54:14 Instalováno Realtek Ethernet Controller Driver
10-09-2021 15:59:47 Installed TP-Link Wireless Adapter WPS Tool and Driver
10-09-2021 16:11:15 Instalováno Atheros Communications Inc.(R) AR81Family Gigabit/FaJfÜZ
10-09-2021 16:17:36 Configured Platform
10-09-2021 16:18:46 Configured Platform
10-09-2021 16:50:26 Installed CSR Harmony Wireless Software Stack.
10-09-2021 18:29:40 Windows Update
10-09-2021 18:30:37 Windows Update
11-09-2021 09:28:57 Instalace balíčku ovladače zařízení: Disc-Soft Systémová zařízení
11-09-2021 10:14:22 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
11-09-2021 10:15:06 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (09/12/2021 06:58:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.
Error: (09/12/2021 06:58:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.
Error: (09/12/2021 06:58:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.
Error: (09/12/2021 06:58:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.
Error: (09/12/2021 06:58:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.
Error: (09/12/2021 06:58:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.
Error: (09/12/2021 06:58:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.
Error: (09/12/2021 06:58:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.
System errors:
=============
Error: (09/12/2021 06:58:25 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (09/12/2021 06:58:25 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (09/12/2021 06:58:25 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (09/12/2021 01:59:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.
Error: (09/12/2021 01:59:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (09/12/2021 01:59:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (09/12/2021 01:41:17 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.
Error: (09/12/2021 01:41:17 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
==================== Memory info ===========================
BIOS: American Megatrends Inc. V17.6 01/13/2012
Motherboard: MSI H61M-P21 (MS-7680)
Processor: Intel(R) Pentium(R) CPU G620 @ 2.60GHz
Percentage of memory in use: 24%
Total physical RAM: 16365.96 MB
Available physical RAM: 12291.04 MB
Total Virtual: 32730.09 MB
Available Virtual: 27464.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.51 GB) (Free:862.25 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Removable) (Total:14.52 GB) (Free:13.95 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B00F9B1F)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Size: 14.6 GB) (Disk ID: 06DFE992)
Partition 1: (Active) - (Size=14.6 GB) - (Type=0C)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-09-2021
Ran by Pocky (administrator) on POCKY-PC (MSI MS-7680) (12-09-2021 18:58:29)
Running from C:\Users\Pocky\Desktop
Loaded Profiles: Pocky
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Google LLC -> Google LLC) [File not signed] C:\Program Files\Google\Chrome\Application\chrome.exe <10>
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Novicorp) [File not signed] C:\Program Files (x86)\Novicorp WinToFlash\WinToFlash.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.) [File not signed]
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2494576 2010-10-08] (VIA Technologies Inc. -> VIA)
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> )
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2494576 2010-10-08] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [msqbeySrv] => C:\Windows\inf\msqbey.vbe [1558 2013-08-27] () [File not signed]
HKU\S-1-5-21-2281150472-3489666352-2589934116-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd -> DT Soft Ltd)
HKLM\...\Print\Monitors\HCR Client Port Monitor: C:\Windows\system32\csrportmon.dll [73416 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\93.0.4577.63\Installer\chrmstp.exe [2021-09-07] (Google LLC -> Google LLC) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2A119B3B-EDA2-4007-A18F-E5AFD589AA0F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2021-09-07] (Google Inc -> Google Inc.)
Task: {D63CD625-A9B5-42A6-94B9-00B6A09E0702} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2021-09-07] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{768AC1A1-F09C-4495-9BE7-B88A357D684B}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{85FA77A2-9E5E-4A45-9565-EEDA5B2F7BF2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{DBDB85CC-A4DB-48F8-9065-D9BD77AD18DC}: [DhcpNameServer] 192.168.0.4 172.16.0.10 172.16.0.20
FireFox:
========
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default [2021-09-12]
CHR HomePage: Default -> hxxp://mail.ru/cnt/10445?gp=855100
CHR StartupUrls: Default -> "hxxp://mail.ru/cnt/10445?gp=855100"
CHR Extension: (Prezentace) - C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-09-07]
CHR Extension: (Dokumenty) - C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-09-07]
CHR Extension: (Disk Google) - C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-07]
CHR Extension: (YouTube) - C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-07]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-09-07]
CHR Extension: (Tabulky) - C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-09-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-07]
CHR Extension: (Gmail) - C:\Users\Pocky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-07]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
S2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 GoogleChromeElevationService; C:\Program Files\Google\Chrome\Application\93.0.4577.63\elevation_service.exe [1483096 2021-08-27] (Google LLC -> Google LLC) [File not signed]
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-10-22] (VIA Technologies Inc. -> VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 CsrBtPort; C:\Windows\System32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrpan; C:\Windows\System32\DRIVERS\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrserial; C:\Windows\System32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2021-09-11] (DT Soft Ltd -> DT Soft Ltd)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [5273160 2017-12-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-12 18:58 - 2021-09-12 18:58 - 000010682 _____ C:\Users\Pocky\Desktop\FRST.txt
2021-09-12 14:07 - 2021-09-12 14:07 - 000001210 _____ C:\Users\Public\Desktop\Novicorp WinToFlash Lite.lnk
2021-09-12 14:07 - 2021-09-12 14:07 - 000000000 ____D C:\Users\Pocky\Documents\Multiboot Cache
2021-09-12 14:07 - 2021-09-12 14:07 - 000000000 ____D C:\Users\Pocky\AppData\Roaming\Novicorp
2021-09-12 14:07 - 2021-09-12 14:07 - 000000000 ____D C:\Users\Pocky\AppData\Local\Novicorp
2021-09-12 14:07 - 2021-09-12 14:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Novicorp WinToFlash Lite
2021-09-12 14:07 - 2021-09-12 14:07 - 000000000 ____D C:\Program Files (x86)\Novicorp WinToFlash
2021-09-12 14:06 - 2021-09-12 14:06 - 009567962 _____ (Novicorp ) C:\Users\Pocky\Downloads\Novicorp_WinToFlash_Lite_The_Bootable_USB_Creator_1.13.0000_Setup.exe
2021-09-12 13:03 - 2021-09-12 13:41 - 000000070 _____ C:\Users\Pocky\Desktop\rufus.ini
2021-09-12 12:37 - 2021-09-12 12:59 - 000000000 ____D C:\AdwCleaner
2021-09-12 12:37 - 2021-09-12 12:37 - 008553680 _____ (Malwarebytes) C:\Users\Pocky\Desktop\adwcleaner_8.3.0.exe
2021-09-12 12:35 - 2021-09-12 14:06 - 000000270 __RSH C:\ProgramData\ntuser.pol
2021-09-12 12:35 - 2021-09-12 12:35 - 001181752 _____ (Akeo Consulting) C:\Users\Pocky\Desktop\rufus-3.15p.exe
2021-09-12 12:35 - 2021-09-12 12:35 - 000000070 _____ C:\Users\Pocky\Downloads\rufus.ini
2021-09-12 09:11 - 2021-09-12 09:11 - 000002144 _____ C:\Users\Pocky\Downloads\smime.p7s
2021-09-11 21:52 - 2021-09-11 22:02 - 598044672 _____ C:\Users\Pocky\Desktop\pt-pt_windows_xp_home_with_service_pack_3_x86_cd_x14-92425.iso
2021-09-11 21:51 - 2021-09-11 22:04 - 868036353 _____ C:\Users\Pocky\Downloads\Windows xp crystal cz+cd key.rar.rar
2021-09-11 21:51 - 2021-09-11 22:04 - 673089536 _____ C:\Users\Pocky\Desktop\WINDOWS XP SP3+.iso
2021-09-11 21:51 - 2021-09-11 22:03 - 728920064 _____ C:\Users\Pocky\Desktop\Windows xp SP3.iso
2021-09-11 21:51 - 2021-09-11 22:02 - 728612864 _____ C:\Users\Pocky\Desktop\Microsoft Windows XP Professional SP3 CZ [ 8.2013 ] .iso
2021-09-11 21:51 - 2021-09-11 22:02 - 648671232 _____ C:\Users\Pocky\Desktop\WIN XP Crystal.iso
2021-09-11 12:28 - 2021-09-11 12:34 - 639762432 _____ C:\Users\Pocky\Desktop\Windows XP_CZ_SP3.iso
2021-09-11 12:27 - 2021-09-11 12:28 - 683343872 _____ C:\Users\Pocky\Desktop\Windows XP.iso
2021-09-11 12:26 - 2021-09-11 12:26 - 000000000 ____D C:\Users\Pocky\Desktop\WIndows XP Windows 7 Windows Vista crack activator
2021-09-11 10:14 - 2021-09-11 10:15 - 000000000 ____D C:\ProgramData\Package Cache
2021-09-11 10:14 - 2021-09-11 10:14 - 001420840 _____ (Microsoft Corporation) C:\Users\Pocky\Downloads\vcredist_arm.exe
2021-09-11 10:12 - 2021-09-11 10:12 - 069778584 _____ (Blizzard Entertainment) C:\Users\Pocky\Downloads\War3TFT_127a_Cesky.exe
2021-09-11 10:11 - 2021-09-11 10:11 - 000000000 _____ C:\Users\Pocky\regbcm
2021-09-11 10:10 - 2021-09-11 10:10 - 000001496 _____ C:\Users\Public\Desktop\Warcraft 3 Frozen Throne patch 1.26.lnk
2021-09-11 09:39 - 2021-09-11 09:39 - 000000000 ____D C:\Users\Pocky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2021-09-11 09:36 - 2021-09-11 10:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft 3 Frozen Throne patch 1.26
2021-09-11 09:35 - 2021-09-11 09:35 - 000001960 _____ C:\Users\Pocky\Desktop\Frozen Throne.lnk
2021-09-11 09:32 - 2021-09-11 09:35 - 000056741 _____ C:\Windows\War3Unin.dat
2021-09-11 09:32 - 2021-09-11 09:34 - 000139264 _____ (Blizzard Entertainment) C:\Windows\War3Unin.exe
2021-09-11 09:32 - 2021-09-11 09:34 - 000002829 _____ C:\Windows\War3Unin.pif
2021-09-11 09:32 - 2021-09-11 09:34 - 000000000 ____D C:\Users\Pocky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
2021-09-11 09:32 - 2021-09-11 09:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2021-09-11 09:32 - 2021-09-11 09:32 - 000001953 _____ C:\Users\Pocky\Desktop\Warcraft III.lnk
2021-09-11 09:31 - 2021-09-11 12:24 - 000000000 ____D C:\Program Files (x86)\Warcraft III
2021-09-11 09:28 - 2021-09-11 09:29 - 000000000 ____D C:\Users\Pocky\AppData\Roaming\DAEMON Tools Lite
2021-09-11 09:28 - 2021-09-11 09:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2021-09-11 09:28 - 2021-09-11 09:29 - 000000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2021-09-11 09:28 - 2021-09-11 09:28 - 011193664 _____ (DT Soft Ltd.) C:\Users\Pocky\Downloads\Lite 4.40.2_DTLite4402-0131.exe
2021-09-11 09:28 - 2021-09-11 09:28 - 000254528 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2021-09-11 09:28 - 2021-09-11 09:28 - 000001954 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2021-09-11 09:28 - 2021-09-11 09:28 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2021-09-11 08:24 - 2021-09-11 08:26 - 836779400 _____ (simplix) C:\Users\Pocky\Downloads\UpdatePack7R2-21.8.11.exe
2021-09-11 08:24 - 2021-09-11 08:24 - 001050984 _____ (simplix) C:\Users\Pocky\Downloads\UpdatePack7R2.exe
2021-09-11 08:17 - 2021-09-11 08:17 - 121307088 _____ (Microsoft Corporation) C:\Users\Pocky\Downloads\ndp48-x86-x64-allos-enu (1).exe
2021-09-11 08:15 - 2021-09-11 08:15 - 121307088 _____ (Microsoft Corporation) C:\Users\Pocky\Downloads\ndp48-x86-x64-allos-enu.exe
2021-09-11 08:08 - 2021-09-11 08:08 - 001405792 _____ (Microsoft Corporation) C:\Users\Pocky\Downloads\ndp472-kb4054531-web.exe
2021-09-10 20:59 - 2021-09-10 21:01 - 869799936 _____ C:\Users\Pocky\Downloads\Neporazitelny 2 cz.avi
2021-09-10 20:37 - 2021-09-10 20:39 - 864607872 _____ C:\Users\Pocky\Downloads\01.NEPORAZITELNY CZ.avi
2021-09-10 19:03 - 2021-09-10 19:03 - 000000000 ____D C:\rsit
2021-09-10 19:03 - 2021-09-10 19:03 - 000000000 ____D C:\Program Files\trend micro
2021-09-10 19:02 - 2021-09-10 19:02 - 001222144 _____ C:\Users\Pocky\Downloads\RSITx64.exe
2021-09-10 19:01 - 2021-09-10 19:02 - 000008470 _____ C:\Users\Pocky\Downloads\Addition.txt
2021-09-10 19:00 - 2021-09-12 18:58 - 000000000 ____D C:\FRST
2021-09-10 19:00 - 2021-09-10 19:02 - 000033467 _____ C:\Users\Pocky\Downloads\FRST.txt
2021-09-10 18:50 - 2021-09-10 18:50 - 002302976 _____ (Farbar) C:\Users\Pocky\Desktop\FRST64.exe
2021-09-10 18:37 - 2021-09-10 18:38 - 021305248 _____ (Outbyte) C:\Users\Pocky\Downloads\0x800c0006-outbyte-pc-repair.exe
2021-09-10 18:33 - 2021-09-10 18:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_csrserial_01009.Wdf
2021-09-10 18:33 - 2021-09-10 18:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_csrpan_01009.Wdf
2021-09-10 18:33 - 2021-09-10 18:33 - 000000000 ____D C:\BluetoothExchangeFolder
2021-09-10 18:30 - 2021-09-10 18:30 - 011840839 _____ C:\Users\Pocky\Downloads\Windows6.1-KB2670838-x64.msu
2021-09-10 18:30 - 2021-09-10 18:30 - 005911327 _____ C:\Users\Pocky\Downloads\Windows6.1-KB2670838-x86.msu
2021-09-10 18:29 - 2021-09-10 18:29 - 013414711 _____ C:\Users\Pocky\Downloads\Windows6.1-KB2871997-v2-x64.msu
2021-09-10 18:09 - 2021-09-10 18:09 - 001260536 _____ (Microsoft Corporation) C:\Users\Pocky\Downloads\netfxrepairtool.exe
2021-09-10 18:09 - 2021-09-10 18:09 - 000247947 _____ C:\Users\Pocky\Desktop\FixDotNet20210910160950188.cab
2021-09-10 18:09 - 2021-09-10 18:09 - 000000000 ____D C:\c65cbaf97158f265f81f9bb2a59786
2021-09-10 17:49 - 2021-09-10 18:05 - 000000000 ____D C:\0f0d6fa86f0920561acbc7871b2ff642
2021-09-10 16:52 - 2021-09-10 16:52 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_csrusb_01009.Wdf
2021-09-10 16:50 - 2021-09-10 16:50 - 000000000 ____D C:\Windows\system32\gl-ES
2021-09-10 16:50 - 2021-09-10 16:50 - 000000000 ____D C:\Windows\system32\eu-ES
2021-09-10 16:50 - 2021-09-10 16:50 - 000000000 ____D C:\Windows\system32\es-cl
2021-09-10 16:50 - 2021-09-10 16:50 - 000000000 ____D C:\Windows\system32\ca-ES
2021-09-10 16:50 - 2021-09-10 16:50 - 000000000 ____D C:\Program Files\CSR
2021-09-10 16:50 - 2021-09-10 16:50 - 000000000 ____D C:\Program Files (x86)\CSR
2021-09-10 16:49 - 2021-09-10 16:49 - 000000000 ____D C:\Users\Pocky\Desktop\Windows
2021-09-10 16:46 - 2021-09-10 16:47 - 427938830 _____ C:\Users\Pocky\Downloads\UB400_Driver.zip
2021-09-10 16:42 - 2021-09-10 16:42 - 000000000 ____D C:\Users\Pocky\AppData\Local\ElevatedDiagnostics
2021-09-10 16:24 - 2021-09-10 16:25 - 000000000 ____D C:\7f4d6a15fbd4012fce3bec8a181e966a
2021-09-10 16:19 - 2021-09-10 16:19 - 000001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
2021-09-10 16:19 - 2010-10-02 03:41 - 001349232 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viahduaa.sys
2021-09-10 16:19 - 2010-10-02 03:41 - 000991856 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIAPropPageExt.dll
2021-09-10 16:19 - 2010-10-02 03:41 - 000549488 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIASysFx.dll
2021-09-10 16:19 - 2010-10-02 03:41 - 000202864 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaMicArrayAPO.dll
2021-09-10 16:19 - 2010-10-02 03:41 - 000091760 _____ (VIA Technologies, Inc.) C:\Windows\system32\Dts2PropPageExt.dll
2021-09-10 16:19 - 2010-10-02 03:41 - 000085616 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaMicArrayPropPageExt.dll
2021-09-10 16:19 - 2007-12-04 11:28 - 000086016 _____ (QSound Labs, Inc.) C:\Windows\system32\nQPropPageExt.dll
2021-09-10 16:19 - 2007-12-04 11:28 - 000082432 _____ (QSound Labs, Inc.) C:\Windows\system32\nQAPO.dll
2021-09-10 16:18 - 2021-09-10 16:19 - 000001206 _____ C:\Users\Public\Desktop\HD VDeck.lnk
2021-09-10 16:18 - 2021-09-10 16:18 - 000000000 ____D C:\Windows\system32\SRSLabs
2021-09-10 16:18 - 2021-09-10 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIA
2021-09-10 16:18 - 2021-09-10 16:18 - 000000000 ____D C:\Program Files\VIA
2021-09-10 16:18 - 2012-10-22 16:44 - 001161336 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaKaraokeApo.dll
2021-09-10 16:18 - 2012-10-22 16:44 - 000123512 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaKaraokePropPageExt.dll
2021-09-10 16:18 - 2012-10-22 16:44 - 000070776 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\VtSrdAPO.dll
2021-09-10 16:18 - 2012-10-22 16:44 - 000027768 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViakaraokeSrv.exe
2021-09-10 16:18 - 2012-09-24 16:33 - 003141496 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVIA64.dll
2021-09-10 16:18 - 2012-09-24 16:32 - 002080120 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2021-09-10 16:18 - 2012-09-05 17:12 - 000860024 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2021-09-10 16:18 - 2012-07-15 13:16 - 000394104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2021-09-10 16:18 - 2011-09-27 18:13 - 000879616 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO64.DLL
2021-09-10 16:18 - 2011-09-27 18:13 - 000739328 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO32.DLL
2021-09-10 16:18 - 2011-09-27 18:13 - 000057856 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPLD64.DLL
2021-09-10 16:18 - 2010-10-26 18:54 - 000053760 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPCN64.DLL
2021-09-10 16:18 - 2009-07-31 11:40 - 000025600 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\VMfilt64.sys
2021-09-10 16:17 - 2012-10-22 16:43 - 000055416 _____ (TODO: <Company name>) C:\Windows\system32\PropPageExt.dll
2021-09-10 16:17 - 2011-12-15 13:16 - 007163744 _____ (Dolby Laboratories) C:\Windows\system32\EEP64H.dll
2021-09-10 16:17 - 2011-12-15 13:16 - 000433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64H.dll
2021-09-10 16:17 - 2011-12-15 13:16 - 000433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64A.dll
2021-09-10 16:17 - 2011-12-15 13:16 - 000137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64H.dll
2021-09-10 16:17 - 2011-12-15 13:16 - 000137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64A.dll
2021-09-10 16:17 - 2011-12-15 13:16 - 000120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64H.dll
2021-09-10 16:17 - 2011-12-15 13:16 - 000120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64A.dll
2021-09-10 16:17 - 2011-12-15 13:16 - 000075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64H.dll
2021-09-10 16:17 - 2011-12-15 13:16 - 000075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64A.dll
2021-09-10 16:17 - 2011-09-27 18:13 - 000619520 _____ (Creative Technology Ltd.) C:\Windows\system32\VMTHX64.DLL
2021-09-10 16:17 - 2011-09-27 18:13 - 000554496 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMTHX32.DLL
2021-09-10 16:17 - 2010-10-26 18:55 - 000074240 _____ (Creative Technology Ltd.) C:\Windows\system32\VMWRP64.DLL
2021-09-10 16:14 - 2021-09-10 16:13 - 000008192 _____ C:\Windows\system32\Drivers\IntelMEFWVer.dll
2021-09-10 16:13 - 2021-09-10 16:14 - 000000000 ____D C:\Program Files (x86)\Intel
2021-09-10 16:13 - 2012-07-04 10:55 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2021-09-10 16:12 - 2021-09-10 16:12 - 000000000 ____D C:\Intel
2021-09-10 16:11 - 2021-09-10 16:11 - 000000000 ____D C:\Windows\SysWOW64\Atheros_L1e
2021-09-10 16:11 - 2012-04-25 15:07 - 000104560 _____ (Qualcomm Atheros Co., Ltd.) C:\Windows\system32\Drivers\L1C62x64.sys
2021-09-10 16:10 - 2021-09-10 16:10 - 031121050 _____ C:\Users\Pocky\Downloads\LiveUpdate.zip
2021-09-10 16:10 - 2021-09-10 16:10 - 002881236 _____ C:\Users\Pocky\Downloads\SuperCharger_mb_1.3.0.29.zip
2021-09-10 16:09 - 2021-09-10 16:10 - 257198572 _____ C:\Users\Pocky\Downloads\intel_vga_7_mb.zip
2021-09-10 16:09 - 2021-09-10 16:10 - 148775988 _____ C:\Users\Pocky\Downloads\via_audio_mb_8.zip
2021-09-10 16:09 - 2021-09-10 16:10 - 066722018 _____ C:\Users\Pocky\Downloads\via_audio_ac97_vx7_mb.zip
2021-09-10 16:09 - 2021-09-10 16:09 - 012474270 _____ C:\Users\Pocky\Downloads\Intel_RST_MB.zip
2021-09-10 16:09 - 2021-09-10 16:09 - 005841701 _____ C:\Users\Pocky\Downloads\Atheros_lan_vx_mb.zip
2021-09-10 16:09 - 2021-09-10 16:09 - 004135195 _____ C:\Users\Pocky\Downloads\intel6x_ime_mb.zip
2021-09-10 16:09 - 2021-09-10 16:09 - 002796573 _____ C:\Users\Pocky\Downloads\intel_chipset_6_mb.zip
2021-09-10 16:09 - 2021-09-10 16:09 - 001872438 _____ C:\Users\Pocky\Downloads\intel_rstrt_mb.zip
2021-09-10 16:09 - 2021-09-10 16:09 - 000612925 _____ C:\Users\Pocky\Downloads\Intel_RST_floppy_MB.zip
2021-09-10 16:01 - 2021-09-10 16:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-Link
2021-09-10 16:00 - 2021-09-10 16:00 - 000000000 ____D C:\Program Files (x86)\TP-Link
2021-09-10 15:59 - 2021-09-10 16:00 - 000000000 ____D C:\Users\Pocky\AppData\Local\TP-Link
2021-09-10 15:59 - 2021-09-10 15:59 - 000000000 ____D C:\ProgramData\TP-Link
2021-09-10 15:59 - 2017-12-07 05:12 - 005273160 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\rtwlanu.sys
2021-09-10 15:59 - 2017-12-07 05:12 - 005273160 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlanu.sys
2021-09-10 15:59 - 2017-12-07 05:12 - 001190976 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll
2021-09-10 15:59 - 2017-12-07 05:12 - 000132672 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\RtlExtUI.dll
2021-09-10 15:59 - 2017-12-07 05:12 - 000066624 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\system32\rtlCoInst.dll
2021-09-10 15:59 - 2017-12-07 05:11 - 000023961 _____ C:\Windows\system32\netrtwlanu.cat
2021-09-10 15:59 - 2017-12-07 01:04 - 000011794 _____ C:\Windows\system32\rtlCoInst.dat
2021-09-10 15:59 - 2017-12-07 01:04 - 000002083 _____ C:\Windows\system32\TP_TXPWR_LMT_Enc.txt
2021-09-10 15:59 - 2017-12-07 01:04 - 000002083 _____ C:\Windows\system32\Drivers\TP_TXPWR_LMT_Enc.txt
2021-09-10 15:59 - 2017-12-07 01:04 - 000000657 _____ C:\Windows\system32\TP_PHY_REG_PG_Enc.txt
2021-09-10 15:59 - 2017-12-07 01:04 - 000000657 _____ C:\Windows\system32\Drivers\TP_PHY_REG_PG_Enc.txt
2021-09-09 14:54 - 2021-09-09 14:54 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2021-09-08 04:25 - 2021-09-08 04:26 - 1325045760 _____ C:\Users\Pocky\Downloads\W7SP1_HOMEPREMIUM_64bit.iso
2021-09-07 20:10 - 2021-09-07 20:10 - 000008192 __RSH C:\BOOTSECT.BAK
2021-09-07 20:10 - 2021-09-07 19:15 - 000000000 ____D C:\Windows\Panther
2021-09-07 20:10 - 2010-11-21 05:23 - 000383786 __RSH C:\bootmgr
2021-09-07 19:38 - 2021-09-07 19:38 - 000000000 ____D C:\Users\Pocky\.gnutls
2021-09-07 19:34 - 2021-09-07 19:34 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ViaHub3_01011.Wdf
2021-09-07 19:33 - 2021-09-07 19:33 - 000057560 _____ C:\Users\Pocky\AppData\Local\GDIPFONTCACHEV1.DAT
2021-09-07 19:26 - 2021-09-11 08:52 - 000000000 ____D C:\Users\Pocky\AppData\Roaming\vlc
2021-09-07 19:26 - 2021-09-07 19:39 - 000001070 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-09-07 19:26 - 2021-09-07 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-09-07 19:26 - 2021-09-07 19:26 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2021-09-07 19:25 - 2021-09-07 19:25 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-07 19:25 - 2021-09-07 19:25 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-09-07 19:24 - 2021-09-12 18:34 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-07 19:24 - 2021-09-07 19:36 - 000000000 ____D C:\Users\Pocky\AppData\Local\Google
2021-09-07 19:24 - 2021-09-07 19:29 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-07 19:24 - 2021-09-07 19:29 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-07 19:24 - 2021-09-07 19:24 - 000000000 ____D C:\Program Files\Google
2021-09-07 19:23 - 2013-08-12 11:13 - 000295424 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\xhcdrv.sys
2021-09-07 19:22 - 2021-09-10 16:18 - 000000000 ____D C:\Program Files (x86)\VIA
2021-09-07 19:22 - 2021-09-07 19:22 - 000000000 ____H C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2021-09-07 19:22 - 2021-09-07 19:22 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xhcdrv_01011.Wdf
2021-09-07 19:22 - 2021-09-07 19:22 - 000000000 ____D C:\Program Files\VIA XHCI UASP Utility
2021-09-07 19:22 - 2013-01-18 03:11 - 000086064 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\vusbstor.sys
2021-09-07 19:22 - 2012-06-02 16:35 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2021-09-07 19:21 - 2014-10-31 10:44 - 000225792 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\ViaHub3.sys
2021-09-07 19:20 - 2021-09-07 19:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2021-09-07 19:20 - 2011-09-16 09:12 - 000032360 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtVlan620.sys
2021-09-07 19:20 - 2011-06-15 15:11 - 000058472 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtTeam60.sys
2021-09-07 19:20 - 2011-06-15 15:11 - 000027136 _____ (Realtek ) C:\Windows\system32\Drivers\RtNdPt60.sys
2021-09-07 19:19 - 2021-09-07 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2021-09-07 19:19 - 2021-09-07 19:19 - 000000000 ____D C:\ProgramData\AMD
2021-09-07 19:19 - 2021-09-07 19:19 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2021-09-07 19:19 - 2021-09-07 19:19 - 000000000 ____D C:\Program Files (x86)\AMD APP
2021-09-07 19:19 - 2012-03-30 16:49 - 000056448 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2021-09-07 19:19 - 2010-02-18 09:18 - 000046136 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdiox64.sys
2021-09-07 19:18 - 2021-09-07 19:19 - 000000000 ____D C:\Program Files\ATI Technologies
2021-09-07 19:18 - 2021-09-07 19:18 - 000002060 _____ C:\Users\Public\Desktop\Play The Lord of the Rings Online™ - FREE for 10 Days!.lnk
2021-09-07 19:18 - 2021-09-07 19:18 - 000000000 ____D C:\Program Files\ATI
2021-09-07 19:18 - 2021-09-07 19:18 - 000000000 ____D C:\Program Files (x86)\ATI
2021-09-07 19:16 - 2021-09-10 16:14 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-09-07 19:16 - 2021-09-10 15:54 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-09-07 19:16 - 2014-06-17 14:13 - 000941272 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2021-09-07 19:16 - 2014-06-17 14:13 - 000107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2021-09-07 19:16 - 2014-06-17 14:13 - 000073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2021-09-07 19:15 - 2021-09-11 10:12 - 000000000 ____D C:\Users\Pocky\AppData\Local\VirtualStore
2021-09-07 19:15 - 2021-09-11 10:11 - 000000000 ____D C:\Users\Pocky
2021-09-07 19:15 - 2021-09-07 19:15 - 000001447 _____ C:\Users\Pocky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2021-09-07 19:15 - 2021-09-07 19:15 - 000001413 _____ C:\Users\Pocky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2021-09-07 19:15 - 2021-09-07 19:15 - 000000020 ___SH C:\Users\Pocky\ntuser.ini
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Šablony
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Soubory cookie
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Poslední
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Okolní tiskárny
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Okolní síť
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Nabídka Start
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Dokumenty
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Documents\Obrázky
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Documents\Hudba
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Documents\Filmy
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\Data aplikací
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Pocky\AppData\Local\Data aplikací
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Šablony
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Poslední
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Okolní síť
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Dokumenty
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\Data aplikací
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\ProgramData\Šablony
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\ProgramData\Plocha
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\ProgramData\Oblíbené položky
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\ProgramData\Dokumenty
2021-09-07 19:15 - 2021-09-07 19:15 - 000000000 _SHDL C:\ProgramData\Data aplikací
2021-09-07 19:15 - 2011-04-12 10:45 - 000000000 ____D C:\Users\Pocky\AppData\Roaming\Media Center Programs
2021-09-07 19:12 - 2021-09-07 19:12 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2021-09-07 19:12 - 2021-09-07 19:12 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2021-08-24 19:52 - 2009-07-14 17:35 - 000226616 _____ (Advanced Micro Devices, Inc) C:\Windows\system32\Drivers\ahcix64s.sys
2021-08-24 19:52 - 2009-05-05 16:00 - 000016440 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\Drivers\AtiPcie.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-12 12:35 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2021-09-12 12:35 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2021-09-12 09:04 - 2009-07-14 06:45 - 000022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-09-12 09:04 - 2009-07-14 06:45 - 000022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-09-11 12:58 - 2011-04-12 10:34 - 000622422 _____ C:\Windows\system32\perfh005.dat
2021-09-11 12:58 - 2011-04-12 10:34 - 000118604 _____ C:\Windows\system32\perfc005.dat
2021-09-11 12:58 - 2009-07-14 07:13 - 001445734 _____ C:\Windows\system32\PerfStringBackup.INI
2021-09-11 12:58 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2021-09-11 02:58 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2021-09-10 18:33 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-10 16:13 - 2011-09-22 09:49 - 000056600 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2021-09-10 15:48 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2021-09-07 20:10 - 2009-07-14 07:32 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2021-09-07 19:18 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2021-09-07 19:15 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Windows NT
2021-09-07 19:12 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2021-09-07 19:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\sysprep
2021-09-07 19:11 - 2009-07-14 06:45 - 000274736 _____ C:\Windows\system32\FNTCACHE.DAT
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2021-09-09 14:54
==================== End of FRST.txt ========================
-
Rudy
- Site Admin
- Příspěvky: 118241
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka + pomoc
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM-x32\...\Run: [msqbeySrv] => C:\Windows\inf\msqbey.vbe [1558 2013-08-27] () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
JanHellsing
- Návštěvník
- Příspěvky: 91
- Registrován: 25 lis 2012 14:53
Re: Preventivka + pomoc
bohužel log se neoběvil. kde by se dal najít? proběhl pouze restart.
-
JanHellsing
- Návštěvník
- Příspěvky: 91
- Registrován: 25 lis 2012 14:53
Re: Preventivka + pomoc
tak asi nalezeno díky Dialix 
je zrovna na stejném kroku jako my snad je to tedy on:
Fix result of Farbar Recovery Scan Tool (x64) Version: 08-09-2021
Ran by Pocky (12-09-2021 20:11:23) Run:1
Running from C:\Users\Pocky\Desktop
Loaded Profiles: Pocky
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [msqbeySrv] => C:\Windows\inf\msqbey.vbe [1558 2013-08-27] () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\msqbeySrv" => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13990023 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 2911726 B
Edge => 0 B
Chrome => 410633215 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83565 B
systemprofile32 => 149793 B
LocalService => 216021 B
NetworkService => 320607 B
Pocky => 168060340 B
RecycleBin => 0 B
EmptyTemp: => 576.7 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:11:28 ====
je zrovna na stejném kroku jako my snad je to tedy on:Fix result of Farbar Recovery Scan Tool (x64) Version: 08-09-2021
Ran by Pocky (12-09-2021 20:11:23) Run:1
Running from C:\Users\Pocky\Desktop
Loaded Profiles: Pocky
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [msqbeySrv] => C:\Windows\inf\msqbey.vbe [1558 2013-08-27] () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\msqbeySrv" => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13990023 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 2911726 B
Edge => 0 B
Chrome => 410633215 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83565 B
systemprofile32 => 149793 B
LocalService => 216021 B
NetworkService => 320607 B
Pocky => 168060340 B
RecycleBin => 0 B
EmptyTemp: => 576.7 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:11:28 ====
-
Rudy
- Site Admin
- Příspěvky: 118241
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka + pomoc
Je to on a bylo smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
JanHellsing
- Návštěvník
- Příspěvky: 91
- Registrován: 25 lis 2012 14:53
Re: Preventivka + pomoc
záleží v čem změna jelikož je to starčí pc které jsem trošku upravil tak co se týče rychlosti ta je bez problémů díky 1TB ssd, ramky 16gb. log jsem dával jhlavně kůli kontrole ale po vašem návodu ste určitě vyděl někde chybu akorád já nejsem trénovaný tak sem ji zatím nepostřehl ( upřímnost nadevše ) každopádně pomoc se hlavně týkala Net framework- nejde nainstalovat píše mi:
Verze OS = 6.1.7601, SP = 1.0, Platform 2, Service Pack 1
Popis OS = Win7 - x64 Home Premium Edition Service Pack 1
MSI = 5.0.7601.17514
Verze Windows = amd64_windowsfoundation_31bf3856ad364e35_6.1.7601.17514_none_615fdfe2a739474c.manifest Servis
Windows = 6.1.7601.17514
CommandLine = C: \ ad0ea3228f1d2339699489c9b84b \\ Setup.exe /x86 /x64 /redist
TimeZone = Střední Evropa (letní čas)
Počáteční LCID = 1029
Použití mechanismu simultánního stahování a instalace
Provoz: Instalace
Název
balíčku = Verze instalačního balíčku Microsoft .NET Framework 4.8 verze = 4.8.04115
Zásady shromažďování údajů o uživatelské zkušenosti: vždy aktualizováno
Počet příslušných položek: 10
C: \ ad0ea3228f1d2339699489c9b84b \ SetupUtility.exe - Ověření podpisu souboru SetupUtility.exe (C: \ ad0ea3228f1d2339699489c9b84b \ SetupUtility.exe) se nezdařilo s chybou 0x800b0109 (Certifikační řetěz byl zpracován, ale byl ukončen v partnerském certifikátu,
Není k dispozici žádný FileHash. Nelze provést ověření FileHash pro SetupUtility.exe
Soubor SetupUtility.exe (C: \ ad0ea3228f1d2339699489c9b84b \ SetupUtility.exe), neúspěšná autentizace. (Chyba = -2146762487). Doporučujeme tento soubor odstranit a zkusit znovu nastavení.
Konečný výsledek: Instalace se nezdařila s kódem chyby: (0x800B0109), „Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.“ (Uplynulý čas: 0 00:00:11).
a aktualizací ty hlásí chybu 80072EFE. což jsem psal i na úvod
( upřímnost nadevše ) každopádně pomoc se hlavně týkala Net framework- nejde nainstalovat píše mi:Verze OS = 6.1.7601, SP = 1.0, Platform 2, Service Pack 1
Popis OS = Win7 - x64 Home Premium Edition Service Pack 1
MSI = 5.0.7601.17514
Verze Windows = amd64_windowsfoundation_31bf3856ad364e35_6.1.7601.17514_none_615fdfe2a739474c.manifest Servis
Windows = 6.1.7601.17514
CommandLine = C: \ ad0ea3228f1d2339699489c9b84b \\ Setup.exe /x86 /x64 /redist
TimeZone = Střední Evropa (letní čas)
Počáteční LCID = 1029
Použití mechanismu simultánního stahování a instalace
Provoz: Instalace
Název
balíčku = Verze instalačního balíčku Microsoft .NET Framework 4.8 verze = 4.8.04115
Zásady shromažďování údajů o uživatelské zkušenosti: vždy aktualizováno
Počet příslušných položek: 10
C: \ ad0ea3228f1d2339699489c9b84b \ SetupUtility.exe - Ověření podpisu souboru SetupUtility.exe (C: \ ad0ea3228f1d2339699489c9b84b \ SetupUtility.exe) se nezdařilo s chybou 0x800b0109 (Certifikační řetěz byl zpracován, ale byl ukončen v partnerském certifikátu,
Není k dispozici žádný FileHash. Nelze provést ověření FileHash pro SetupUtility.exe
Soubor SetupUtility.exe (C: \ ad0ea3228f1d2339699489c9b84b \ SetupUtility.exe), neúspěšná autentizace. (Chyba = -2146762487). Doporučujeme tento soubor odstranit a zkusit znovu nastavení.
Konečný výsledek: Instalace se nezdařila s kódem chyby: (0x800B0109), „Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.“ (Uplynulý čas: 0 00:00:11).
a aktualizací ty hlásí chybu 80072EFE. což jsem psal i na úvod
-
Rudy
- Site Admin
- Příspěvky: 118241
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka + pomoc
Malware problém nezpůsobuje. Zkuste tento postup: https://www.bestonline.cz/windows-updat ... windows-7/ .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
JanHellsing
- Návštěvník
- Příspěvky: 91
- Registrován: 25 lis 2012 14:53
Re: Preventivka + pomoc
tak aktualizace se stahují. předpokládám že součástí aktualizací jsou i net framework??
-
Rudy
- Site Admin
- Příspěvky: 118241
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka + pomoc
To vám nyní nepovím. Uvidíte po stažení.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
JanHellsing
- Návštěvník
- Příspěvky: 91
- Registrován: 25 lis 2012 14:53
Re: Preventivka + pomoc
ano jsou součástí.. každopádně děkuji za vyřešení problému.
-
Rudy
- Site Admin
- Příspěvky: 118241
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka + pomoc
To jsem rád a nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?