
E-mails sent via TB to Gmail end up in spam

#1 Post by funkymusic »

Hi colleagues,
I have an interesting problem. When I send an e-mail from Thunderbird (volny.cz, O2 internet, SMTP set to smtp.o2isp.cz, port 587) to a Gmail address, the e-mail lands in spam. When I send it from the web interface, the e-mail goes out without problems. According to mxtoolbox.com, the IP address is on the Spamhaus ZEN blacklist.

I'd like to ask for your help with disinfecting the computer so that I can request removal from the blacklist. I don't observe any other visible problems with the computer.

Thanks a lot for the help, guys!

Here is the RSIT log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by KNR at 2019-05-01 21:37:35
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 110 GB (48%) free of 229 GB
Total RAM: 4076 MB (68% free)

HijackThis download failed

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
AvastUI.exe /nogui
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="22C98A3B-A00D-7400-763E-263DA47B216D" /binpath="C:\Program Files\AVAST Software\Avast"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Glary Utilities 5\Integrator.exe" /autostart
"C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe"
C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
taskeng.exe {3C4139A6-3869-4ECE-98DD-4D301972006F}

"C:\Users\KNR\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\KNR\AppData\Roaming\Mozilla\Firefox\Profiles\2u4cs7g4.default

prefs.js - "browser.startup.homepage" - "https://www.yahoo.com/?fr=vmn&type=vmn_ ... 0626__yaff"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.151.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.151.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@qq.com/npAndroidAssistant]
"Description"=QQPhoneManager Onekey-Install plug-in for Android Phones
"Path"=C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\KNR\AppData\Roaming\Mozilla\Firefox\Profiles\2u4cs7g4.default\searchplugins\
yahoo-lavasoft.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-12-07 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-07 187968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} -

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-04-24 261000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"GUDelayStartup"=C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [2019-04-09 44016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ABBYY Screenshot Reader Bonus]
C:\Program Files (x86)\ABBYY PDF Transformer 3.0\Bonus.ScreenshotReader.exe [2013-06-25 941584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR12]
C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [2014-05-27 1472312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2018-07-03 18385368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GUDelayStartup]
C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [2019-04-09 44016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2019-01-08 9279544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype for Desktop]
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2019-03-26 53540200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-06 642216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 18\Program32\ZPSTRAY.EXE [2017-01-09 680520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snagit 12.lnk]
[]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\QQPCRTP]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=181

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


======File associations======

.js - edit -
.js - open -
.vbs - edit -
.vbs - open -

======List of files/folders created in the last 1 month======

2019-04-05 14:35:42 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2019-04-05 14:35:41 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2019-04-05 14:35:41 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2019-04-05 14:35:41 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2019-04-05 14:35:41 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2019-04-05 14:35:41 ----A---- C:\Windows\system32\D3DX9_42.dll
2019-04-05 14:35:41 ----A---- C:\Windows\system32\d3dx10_42.dll
2019-04-05 14:35:41 ----A---- C:\Windows\system32\d3dx10_41.dll
2019-04-05 14:35:41 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2019-04-05 14:35:40 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2019-04-05 14:35:40 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2019-04-05 14:35:40 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2019-04-05 14:35:40 ----A---- C:\Windows\system32\XAudio2_4.dll
2019-04-05 14:35:40 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2019-04-05 14:35:40 ----A---- C:\Windows\system32\D3DX9_41.dll
2019-04-05 14:35:39 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2019-04-05 14:35:39 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2019-04-05 14:35:39 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2019-04-05 14:35:39 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2019-04-05 14:35:39 ----A---- C:\Windows\system32\xactengine3_4.dll
2019-04-05 14:35:39 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2019-04-05 14:35:39 ----A---- C:\Windows\system32\d3dx10_40.dll
2019-04-05 14:35:39 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2019-04-05 14:35:38 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2019-04-05 14:35:38 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2019-04-05 14:35:38 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2019-04-05 14:35:38 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2019-04-05 14:35:38 ----A---- C:\Windows\system32\XAudio2_3.dll
2019-04-05 14:35:38 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2019-04-05 14:35:38 ----A---- C:\Windows\system32\xactengine3_3.dll
2019-04-05 14:35:38 ----A---- C:\Windows\system32\D3DX9_40.dll
2019-04-05 14:35:37 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2019-04-05 14:35:37 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2019-04-05 14:35:37 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2019-04-05 14:35:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2019-04-05 14:35:37 ----A---- C:\Windows\system32\XAudio2_2.dll
2019-04-05 14:35:37 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2019-04-05 14:35:37 ----A---- C:\Windows\system32\xactengine3_2.dll
2019-04-05 14:35:37 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2019-04-05 14:35:36 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2019-04-05 14:35:36 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2019-04-05 14:35:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2019-04-05 14:35:36 ----A---- C:\Windows\system32\D3DX9_39.dll
2019-04-05 14:35:36 ----A---- C:\Windows\system32\d3dx10_39.dll
2019-04-05 14:35:36 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2019-04-05 14:35:35 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2019-04-05 14:35:35 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2019-04-05 14:35:35 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2019-04-05 14:35:35 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2019-04-05 14:35:35 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2019-04-05 14:35:35 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2019-04-05 14:35:35 ----A---- C:\Windows\system32\XAudio2_1.dll
2019-04-05 14:35:35 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2019-04-05 14:35:35 ----A---- C:\Windows\system32\xactengine3_1.dll
2019-04-05 14:35:35 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2019-04-05 14:35:35 ----A---- C:\Windows\system32\d3dx10_38.dll
2019-04-05 14:35:35 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2019-04-05 14:35:34 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2019-04-05 14:35:34 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2019-04-05 14:35:34 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2019-04-05 14:35:34 ----A---- C:\Windows\system32\XAudio2_0.dll
2019-04-05 14:35:34 ----A---- C:\Windows\system32\xactengine3_0.dll
2019-04-05 14:35:34 ----A---- C:\Windows\system32\D3DX9_38.dll
2019-04-05 14:35:33 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2019-04-05 14:35:33 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2019-04-05 14:35:33 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2019-04-05 14:35:33 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2019-04-05 14:35:33 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2019-04-05 14:35:33 ----A---- C:\Windows\system32\D3DX9_37.dll
2019-04-05 14:35:33 ----A---- C:\Windows\system32\d3dx10_37.dll
2019-04-05 14:35:33 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2019-04-05 14:35:32 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2019-04-05 14:35:32 ----A---- C:\Windows\system32\xactengine2_10.dll
2019-04-05 14:34:26 ----D---- C:\Windows\SYSWOW64\directx
2019-04-05 14:20:27 ----D---- C:\Users\KNR\AppData\Roaming\MPC-BE
2019-04-05 14:20:26 ----D---- C:\Program Files\MPC-BE x64
2019-04-05 11:44:17 ----A---- C:\Windows\system32\FNTCACHE.DAT
2019-04-05 11:01:41 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2019-04-05 11:01:40 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2019-04-05 11:01:40 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2019-04-05 11:01:40 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2019-04-05 11:01:39 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2019-04-05 11:01:39 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2019-04-05 11:01:39 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2019-04-05 11:01:39 ----A---- C:\Windows\system32\wksprtPS.dll
2019-04-05 11:01:39 ----A---- C:\Windows\system32\mstsc.exe
2019-04-05 11:01:39 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2019-04-05 10:59:23 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2019-04-05 10:59:22 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2019-04-05 10:59:22 ----A---- C:\Windows\system32\rdpendp_winip.dll
2019-04-05 10:51:48 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2019-04-05 10:51:48 ----A---- C:\Windows\system32\KBDAZEL.DLL
2019-04-05 10:51:48 ----A---- C:\Windows\system32\KBDAZE.DLL
2019-04-05 10:51:47 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2019-04-05 10:51:47 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2019-04-05 10:51:47 ----A---- C:\Windows\system32\kbdgeoqw.dll
2019-04-05 10:51:25 ----A---- C:\Windows\system32\shell32.dll
2019-04-05 10:51:24 ----A---- C:\Windows\SYSWOW64\shell32.dll
2019-04-05 10:51:24 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2019-04-05 10:51:24 ----A---- C:\Windows\system32\gdi32.dll
2019-04-05 10:51:23 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2019-04-05 10:51:23 ----A---- C:\Windows\system32\ExplorerFrame.dll
2019-04-05 10:51:21 ----A---- C:\Windows\SYSWOW64\tzres.dll
2019-04-05 10:51:21 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 1 month======

2019-05-01 21:37:35 ----RD---- C:\Program Files
2019-05-01 21:37:35 ----D---- C:\Users\KNR\AppData\Roaming\Mozilla
2019-05-01 21:37:34 ----D---- C:\Windows\Temp
2019-05-01 21:32:48 ----D---- C:\Windows\System32
2019-05-01 21:32:48 ----D---- C:\Windows\inf
2019-05-01 21:32:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-05-01 21:29:10 ----D---- C:\Program Files (x86)\Glary Utilities 5
2019-04-29 17:48:05 ----D---- C:\Windows\system32\config
2019-04-29 16:28:43 ----D---- C:\Users\KNR\AppData\Roaming\Thunderbird
2019-04-29 06:47:08 ----D---- C:\Users\KNR\AppData\Roaming\vlc
2019-04-28 14:08:46 ----D---- C:\Windows
2019-04-26 17:20:21 ----D---- C:\Windows\system32\catroot2
2019-04-25 08:11:14 ----D---- C:\Windows\system32\drivers
2019-04-24 18:36:05 ----D---- C:\Windows\system32\Tasks
2019-04-23 20:04:57 ----A---- C:\LOGFILE.TXT
2019-04-22 20:16:28 ----SHD---- C:\System Volume Information
2019-04-14 01:46:29 ----D---- C:\Windows\SoftwareDistribution
2019-04-13 19:01:49 ----D---- C:\Users\KNR\AppData\Roaming\MPC-HC
2019-04-13 13:00:50 ----SHD---- C:\Windows\Installer
2019-04-13 13:00:50 ----SHD---- C:\Config.Msi
2019-04-13 12:58:41 ----RD---- C:\Program Files (x86)
2019-04-12 06:53:12 ----D---- C:\Windows\SysWOW64
2019-04-10 15:55:19 ----D---- C:\Windows\Microsoft.NET
2019-04-10 15:54:49 ----RSD---- C:\Windows\assembly
2019-04-10 15:26:39 ----D---- C:\Windows\winsxs
2019-04-10 15:25:03 ----D---- C:\Program Files\Internet Explorer
2019-04-10 15:25:03 ----D---- C:\Program Files (x86)\Internet Explorer
2019-04-10 15:25:02 ----D---- C:\Windows\SYSWOW64\en-US
2019-04-10 15:25:02 ----D---- C:\Windows\SYSWOW64\cs-CZ
2019-04-10 15:25:01 ----D---- C:\Windows\system32\en-US
2019-04-10 15:25:01 ----D---- C:\Windows\system32\drivers\en-US
2019-04-10 15:25:01 ----D---- C:\Windows\system32\cs-CZ
2019-04-10 15:25:00 ----D---- C:\Windows\system32\Boot
2019-04-10 15:25:00 ----D---- C:\Windows\AppPatch
2019-04-10 15:24:58 ----D---- C:\Windows\system32\DriverStore
2019-04-10 09:14:36 ----D---- C:\Windows\system32\MRT
2019-04-10 09:10:39 ----D---- C:\Windows\debug
2019-04-10 09:10:32 ----AC---- C:\Windows\system32\MRT.exe
2019-04-07 18:43:33 ----D---- C:\Windows\Logs
2019-04-07 16:46:06 ----D---- C:\Windows\A5W_DATA
2019-04-07 16:29:48 ----A---- C:\Windows\A5W.INI
2019-04-06 11:48:50 ----A---- C:\Windows\SOFTPEG.INI
2019-04-05 14:34:26 ----D---- C:\temp
2019-04-05 11:06:51 ----D---- C:\Windows\SYSWOW64\wbem
2019-04-05 11:06:51 ----D---- C:\Windows\system32\wbem
2019-04-05 11:06:50 ----RSD---- C:\Windows\Fonts
2019-04-05 11:06:50 ----D---- C:\Windows\PolicyDefinitions
2019-04-05 10:56:16 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdide64;amdide64; C:\Windows\system32\DRIVERS\amdide64.sys [2015-10-16 11944]
R0 aswArDisk;aswArDisk; C:\Windows\system32\drivers\aswArDisk.sys [2019-04-24 37104]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2019-04-24 196000]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblog.sys [2019-04-24 320624]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2019-04-24 57888]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2019-04-24 88160]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2019-04-24 385848]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2019-04-24 205400]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2019-04-24 254128]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2019-04-24 257832]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2019-04-24 42288]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2019-04-24 112520]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2019-04-24 1031000]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2019-04-24 476776]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2018-06-29 516096]
R1 GUBootStartup;GUBootStartup; \??\C:\Windows\System32\drivers\GUBootStartup.sys [2018-07-13 28936]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2017-07-14 27552]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2019-04-24 166848]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2019-04-24 220640]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-11-20 21516800]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-11-20 483840]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-06-21 96256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2019-01-08 6380600]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2018-11-21 1087424]
S1 QMUdisk;tencent QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QMUdisk64.sys []
S1 softaal;softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\softaal64.sys []
S1 SRepairDrv;SRepairDrv; \??\C:\Windows\GJFix\SRepairDrv []
S1 TsDefenseBt;TsDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsDefenseBT64.sys []
S2 tsnethlpx64;TsNetHlpX64.sys; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsNetHlpX64.sys []
S3 AmUStor;Al USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2018-02-07 90560]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2016-06-21 42536]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 esgiguard;esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [2014-01-07 14872]
S3 GeneStor;Genesys Logic Storage Driver; C:\Windows\system32\DRIVERS\GeneStor.sys [2015-10-22 60928]
S3 GUMHFilter;GUMHFilter; C:\Windows\system32\DRIVERS\GUMHFilter.sys [2016-02-18 20096]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2017-07-14 16056]
S3 TSSKX64;TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [2016-03-09 45368]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-04-24 362488]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-04-24 6660888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-16 83984]
S3 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-11-20 296448]
S3 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-08-06 361984]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-16 144200]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-16 144200]
S3 ICEsoundService;ICEsound Service; C:\Windows\system32\ICEsoundService64.exe [2019-01-08 799240]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-03-26 116224]
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-09-19 6347056]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-03-19 217040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TechSmith Uploader Service;TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [2015-01-26 3408384]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-10-17 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------

FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05.2019
Ran by KNR (administrator) on KNR-PC (01-05-2019 21:39:27)
Running from C:\Users\KNR\Desktop
Loaded Profiles: KNR (Available Profiles: KNR)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2019-04-09] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3571200 2015-02-28] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [309248 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\system32\l3codecp.acm [182272 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [126976 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\i263_32.drv [391168 1997-08-27] (Intel Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.I263] => C:\Windows\SysWOW64\I263_32.drv [391168 1997-08-27] (Intel Corporation) [File not signed]
HKLM\...\Drivers32-x32: [VIDC.IV41] => ir41_32.ax
HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [110592 2003-04-16] (TechSmith Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3591680 2015-02-28] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
BootExecute: autocheck autochk *
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {23A3B95D-AF13-41D4-BC00-3AE9B9B8737C} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [915952 2019-04-09] (Glarysoft LTD -> Glarysoft Ltd)
Task: {2D99A041-82C6-4E1E-A061-66E7CA27A202} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {2F4C5F89-8EC3-428B-9C77-8B70BB44A0CC} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [56640 2015-08-11] (TechSmith Corporation -> TechSmith Corporation)
Task: {3AAC6D83-DCE5-42AD-8A0D-BDE983BFF65B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {40F3551A-31A8-4724-86E0-5A174C030838} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
Task: {657B2C15-CE1A-4519-A15F-F5D4A4CF4BA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-16] (Google Inc -> Google Inc.)
Task: {9E33096D-9E66-4E19-A209-298E8E02C7CC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13594584 2018-07-03] (Piriform Ltd -> Piriform Ltd)
Task: {B561885A-8DF8-457E-92C2-316646B881A1} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [1174016 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Task: {BB3D5B36-6BE7-4E84-94BE-A1CC1CFD8EB8} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [135672 2019-04-09] (Glarysoft LTD -> Glarysoft Ltd)
Task: {D17C3B59-745A-4578-96D7-7D483A351265} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [533200 2018-07-03] (Piriform Ltd -> Piriform Ltd)
Task: {D83EFD96-0E14-4FFF-8A1E-5BF29D14D6E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-16] (Google Inc -> Google Inc.)
Task: {F63DBC30-9B83-4DC4-8DB8-72F64D444A7C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
HKLM\System\...\Parameters\PersistentRoutes: [23.218.212.69,255.255.255.255,127.0.0.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [204.160.124.125,255.255.255.255,127.0.0.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [8.254.25.126,255.255.255.255,127.0.0.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [198.78.194.252,255.255.255.255,127.0.0.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [198.78.209.253,255.255.255.255,127.0.0.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [8.254.23.254,255.255.255.255,127.0.0.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [157.56.91.82,255.255.255.255,127.0.0.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [104.79.147.136,255.255.255.255,127.0.0.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [23.61.72.70,255.255.255.255,127.0.0.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [134.170.185.126,255.255.255.255,127.0.0.1,1]
PersistentRoutes: There are 63 PersistentRoutes.


Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-825402696-3782770724-1342242442-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-825402696-3782770724-1342242442-1000 -> {2E71F9A1-DAEC-477D-9EEA-41C60E5BBC76} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-825402696-3782770724-1342242442-1000 -> {81F8BC81-3EE7-489A-81C0-D046CB910FE1} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-825402696-3782770724-1342242442-1000 -> {8D42ADE1-89E5-4570-8A9F-1D5469EC5AAD} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-825402696-3782770724-1342242442-1000 -> {A888AE94-6EE9-496E-89CE-560C8688C9FF} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-825402696-3782770724-1342242442-1000 -> {A8E42571-D589-42A7-BD74-79C51C907A92} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-825402696-3782770724-1342242442-1000 -> {C7DE935C-C096-4025-BF10-BDBCD3CB08C1} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-825402696-3782770724-1342242442-1000 -> {CBDE38DD-AA81-48DB-8087-01C3B61C726E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-825402696-3782770724-1342242442-1000 -> {EEF1609F-A1CC-4E18-A5F9-8B29E6256628} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-825402696-3782770724-1342242442-1000 -> {F233CB0B-ABC2-41DD-B0D3-EC69795EF6DC} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-12-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-07] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No File

FireFox:
========
FF DefaultProfile: 2u4cs7g4.default
FF ProfilePath: C:\Users\KNR\AppData\Roaming\Mozilla\Firefox\Profiles\2u4cs7g4.default [2019-04-21]
FF Homepage: Mozilla\Firefox\Profiles\2u4cs7g4.default -> hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcomp ... 0626__yaff
FF NewTab: Mozilla\Firefox\Profiles\2u4cs7g4.default -> hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcomp ... 0626__yaff
FF Extension: (SaveFrom.net helper) - C:\Users\KNR\AppData\Roaming\Mozilla\Firefox\Profiles\2u4cs7g4.default\Extensions\helper-sig@savefrom.net.xpi [2018-03-07] [UpdateUrl:hxxps://download.sf-helper.com/mozilla/updates.json]
FF Extension: (Avast Online Security) - C:\Users\KNR\AppData\Roaming\Mozilla\Firefox\Profiles\2u4cs7g4.default\Extensions\wrc@avast.com.xpi [2018-07-17]
FF SearchPlugin: C:\Users\KNR\AppData\Roaming\Mozilla\Firefox\Profiles\2u4cs7g4.default\searchplugins\yahoo-lavasoft.xml [2016-06-26]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-13] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-13] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\KNR\AppData\Local\Google\Chrome\User Data\Default [2019-04-21]
CHR Extension: (Docs) - C:\Users\KNR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-16]
CHR Extension: (YouTube) - C:\Users\KNR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-16]
CHR Extension: (电脑管家上网防护) - C:\Users\KNR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-03-09]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [296448 2015-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S3 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
S3 ICEsoundService; C:\Windows\system32\ICEsoundService64.exe [799240 2019-01-08] (ICEpower a/s -> ICEpower)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
S3 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3408384 2015-01-26] (TechSmith Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S3 QQPCRTP; no ImagePath

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2015-10-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
R3 amdiox64; C:\Windows\System32\DRIVERS\amdiox64.sys [46136 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [21516800 2015-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [483840 2015-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [90560 2018-02-07] (Alcorlink Corp. -> Alcorlink Corp.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205400 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254128 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196000 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320624 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [57888 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [257832 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166848 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1031000 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476776 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220640 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385848 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2016-06-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [42536 2016-06-21] (IVT CORPORATION -> IVT Corporation.)
S3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] (Enigma Software Group USA, LLC -> )
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [60928 2015-10-22] (Microsoft Windows Hardware Compatibility Publisher -> GenesysLogic)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2018-07-13] (Glarysoft LTD -> Glarysoft Ltd)
S3 GUMHFilter; C:\Windows\System32\DRIVERS\GUMHFilter.sys [20096 2016-02-18] (Glarysoft LTD -> GlarySoft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-07-14] (Martin Malik - REALiX -> REALiX(tm))
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2017-07-14] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.)
S3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [45368 2016-03-09] (Tencent Technology(Shenzhen) Company Limited -> 电脑管家)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
U3 DfSdkS; no ImagePath
S1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QMUdisk64.sys [X]
S1 softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\softaal64.sys [X]
S1 SRepairDrv; \??\C:\Windows\GJFix\SRepairDrv [X]
S1 TsDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsDefenseBT64.sys [X]
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsNetHlpX64.sys [X]

funkymusic
Exemplary visitor
Posts: 402
Registered: 07 Dec 2004 15:16

Re: E-mails sent via TB to Gmail end up in spam

#2 Post by funkymusic »

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-01 21:39 - 2019-05-01 21:40 - 000021544 _____ C:\Users\KNR\Desktop\FRST.txt
2019-05-01 21:39 - 2019-05-01 21:39 - 000000000 ____D C:\FRST
2019-05-01 21:37 - 2019-05-01 21:37 - 000000000 ____D C:\rsit
2019-05-01 21:37 - 2019-05-01 21:37 - 000000000 ____D C:\Program Files\trend micro
2019-05-01 21:37 - 2019-05-01 21:36 - 002430464 _____ (Farbar) C:\Users\KNR\Desktop\FRST64.exe
2019-05-01 21:37 - 2019-05-01 21:36 - 001222144 _____ C:\Users\KNR\Desktop\RSITx64.exe
2019-04-24 18:35 - 2019-04-24 18:35 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-04-13 12:57 - 2019-04-13 12:57 - 000002192 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2019-04-13 12:57 - 2019-04-13 12:57 - 000002180 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2019-04-13 12:56 - 2019-04-13 12:56 - 000000000 ____D C:\Program Files\Google
2019-04-12 18:15 - 2019-04-24 18:36 - 000000077 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2019-04-10 07:12 - 2019-04-02 03:57 - 003229696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-04-10 07:12 - 2019-03-29 03:36 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2019-04-10 07:12 - 2019-03-28 05:35 - 000348776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-04-10 07:12 - 2019-03-28 03:55 - 000397120 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-04-10 07:12 - 2019-03-27 02:40 - 003181568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-04-10 07:12 - 2019-03-26 08:14 - 025736704 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-04-10 07:12 - 2019-03-26 08:03 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-04-10 07:12 - 2019-03-26 08:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-04-10 07:12 - 2019-03-26 07:52 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-04-10 07:12 - 2019-03-26 07:51 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-04-10 07:12 - 2019-03-26 07:51 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-04-10 07:12 - 2019-03-26 07:50 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-04-10 07:12 - 2019-03-26 07:50 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-04-10 07:12 - 2019-03-26 07:50 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-04-10 07:12 - 2019-03-26 07:44 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-04-10 07:12 - 2019-03-26 07:43 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-04-10 07:12 - 2019-03-26 07:41 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-04-10 07:12 - 2019-03-26 07:40 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-04-10 07:12 - 2019-03-26 07:40 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-04-10 07:12 - 2019-03-26 07:40 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-04-10 07:12 - 2019-03-26 07:40 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-04-10 07:12 - 2019-03-26 07:40 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-04-10 07:12 - 2019-03-26 07:35 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-04-10 07:12 - 2019-03-26 07:31 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-04-10 07:12 - 2019-03-26 07:26 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-04-10 07:12 - 2019-03-26 07:26 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-04-10 07:12 - 2019-03-26 07:25 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-04-10 07:12 - 2019-03-26 07:22 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-04-10 07:12 - 2019-03-26 07:22 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-04-10 07:12 - 2019-03-26 07:20 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-04-10 07:12 - 2019-03-26 07:18 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-04-10 07:12 - 2019-03-26 07:12 - 020280832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-04-10 07:12 - 2019-03-26 07:10 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-04-10 07:12 - 2019-03-26 07:08 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-04-10 07:12 - 2019-03-26 07:08 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-04-10 07:12 - 2019-03-26 07:07 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-04-10 07:12 - 2019-03-26 07:06 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-04-10 07:12 - 2019-03-26 07:05 - 015284736 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-04-10 07:12 - 2019-03-26 07:01 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-04-10 07:12 - 2019-03-26 07:00 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-04-10 07:12 - 2019-03-26 06:51 - 000498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-04-10 07:12 - 2019-03-26 06:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-04-10 07:12 - 2019-03-26 06:50 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-04-10 07:12 - 2019-03-26 06:50 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-04-10 07:12 - 2019-03-26 06:50 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-04-10 07:12 - 2019-03-26 06:48 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-04-10 07:12 - 2019-03-26 06:48 - 001556992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-04-10 07:12 - 2019-03-26 06:46 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-04-10 07:12 - 2019-03-26 06:45 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-04-10 07:12 - 2019-03-26 06:44 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-04-10 07:12 - 2019-03-26 06:43 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-04-10 07:12 - 2019-03-26 06:43 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-04-10 07:12 - 2019-03-26 06:43 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-04-10 07:12 - 2019-03-26 06:36 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-04-10 07:12 - 2019-03-26 06:36 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-04-10 07:12 - 2019-03-26 06:33 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-04-10 07:12 - 2019-03-26 06:33 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-04-10 07:12 - 2019-03-26 06:32 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-04-10 07:12 - 2019-03-26 06:31 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-04-10 07:12 - 2019-03-26 06:29 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-04-10 07:12 - 2019-03-26 06:29 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-04-10 07:12 - 2019-03-26 06:29 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-04-10 07:12 - 2019-03-26 06:28 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-04-10 07:12 - 2019-03-26 06:24 - 013682176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-04-10 07:12 - 2019-03-26 06:23 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-04-10 07:12 - 2019-03-26 06:22 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-04-10 07:12 - 2019-03-26 06:21 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-04-10 07:12 - 2019-03-26 06:21 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-04-10 07:12 - 2019-03-26 06:08 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-04-10 07:12 - 2019-03-26 06:04 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-04-10 07:12 - 2019-03-26 06:02 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-04-10 07:12 - 2019-03-21 04:13 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-04-10 07:12 - 2019-03-21 04:13 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-04-10 07:12 - 2019-03-21 04:13 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-04-10 07:12 - 2019-03-21 04:13 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-04-10 07:12 - 2019-03-21 04:13 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-04-10 07:12 - 2019-03-21 04:12 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-04-10 07:12 - 2019-03-21 04:12 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-04-10 07:12 - 2019-03-21 04:10 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:03 - 003961576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-04-10 07:12 - 2019-03-21 04:02 - 004056296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-04-10 07:12 - 2019-03-21 04:02 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 03:45 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-04-10 07:12 - 2019-03-21 03:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-04-10 07:12 - 2019-03-21 03:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-04-10 07:12 - 2019-03-21 03:44 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-04-10 07:12 - 2019-03-21 03:41 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-04-10 07:12 - 2019-03-21 03:41 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-04-10 07:12 - 2019-03-21 03:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-04-10 07:12 - 2019-03-21 03:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-04-10 07:12 - 2019-03-21 03:40 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-04-10 07:12 - 2019-03-21 03:38 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-04-10 07:12 - 2019-03-21 03:38 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-04-10 07:12 - 2019-03-21 03:38 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-04-10 07:12 - 2019-03-21 03:38 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-04-10 07:12 - 2019-03-21 03:38 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-04-10 07:12 - 2019-03-21 03:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-04-10 07:12 - 2019-03-21 03:37 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-04-10 07:12 - 2019-03-21 03:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-04-10 07:12 - 2019-03-21 03:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-04-10 07:12 - 2019-03-21 03:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-04-10 07:12 - 2019-03-21 03:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-04-10 07:12 - 2019-03-21 03:37 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-04-10 07:12 - 2019-03-21 03:37 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-04-10 07:12 - 2019-03-21 03:36 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-04-10 07:12 - 2019-03-21 03:36 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-04-10 07:12 - 2019-03-21 03:36 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-04-10 07:12 - 2019-03-21 03:36 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-04-10 07:12 - 2019-03-21 03:35 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-04-10 07:12 - 2019-03-21 03:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 03:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 03:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-04-10 07:12 - 2019-03-16 06:11 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-04-10 07:12 - 2019-03-16 06:09 - 003247616 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-04-10 07:12 - 2019-03-16 06:09 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-04-10 07:12 - 2019-03-16 06:09 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-04-10 07:12 - 2019-03-16 06:09 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-04-10 07:12 - 2019-03-16 06:09 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-04-10 07:12 - 2019-03-16 06:09 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-04-10 07:12 - 2019-03-16 06:09 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-04-10 07:12 - 2019-03-16 06:09 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-04-10 07:12 - 2019-03-16 06:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-04-10 07:12 - 2019-03-16 06:09 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-04-10 07:12 - 2019-03-16 06:08 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-04-10 07:12 - 2019-03-16 06:08 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-04-10 07:12 - 2019-03-16 05:58 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-04-10 07:12 - 2019-03-16 05:58 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-04-10 07:12 - 2019-03-16 05:58 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-04-10 07:12 - 2019-03-16 05:58 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-04-10 07:12 - 2019-03-16 05:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2019-04-10 07:12 - 2019-03-16 05:58 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-04-10 07:12 - 2019-03-16 05:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-04-10 07:12 - 2019-03-16 05:58 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-04-10 07:12 - 2019-03-16 05:58 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-04-10 07:12 - 2019-03-16 05:42 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-04-10 07:12 - 2019-03-16 05:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-04-10 07:12 - 2019-03-16 05:38 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2019-04-10 07:12 - 2019-03-13 16:35 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2019-04-10 07:12 - 2019-03-13 16:35 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-04-10 07:12 - 2019-03-12 16:34 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-04-10 07:12 - 2019-03-12 16:34 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-04-10 07:12 - 2019-03-12 16:34 - 000340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-04-10 07:12 - 2019-03-11 23:41 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-04-10 07:12 - 2019-03-11 23:41 - 001894912 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-04-10 07:12 - 2019-03-11 23:41 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-04-10 07:12 - 2019-03-11 23:41 - 000688128 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-04-10 07:12 - 2019-03-11 23:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2019-04-10 07:12 - 2019-03-11 23:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-04-10 07:12 - 2019-03-11 23:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2019-04-10 07:12 - 2019-03-11 23:33 - 001391616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-04-10 07:12 - 2019-03-11 23:33 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-04-10 07:12 - 2019-03-11 23:33 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-04-10 07:12 - 2019-03-11 23:33 - 000107520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleprn.dll
2019-04-10 07:12 - 2019-03-11 23:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2019-04-10 07:12 - 2019-03-11 23:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2019-04-10 07:12 - 2019-02-21 17:48 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2019-04-10 07:12 - 2019-02-21 17:43 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2019-04-10 07:12 - 2019-02-21 17:37 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2019-04-10 07:12 - 2018-11-18 04:44 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-04-10 07:12 - 2018-11-18 04:44 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2019-04-06 15:57 - 2015-07-16 21:12 - 006131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-04-06 15:57 - 2015-07-16 21:12 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2019-04-06 15:57 - 2015-07-16 21:12 - 000053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2019-04-06 15:57 - 2015-07-16 21:11 - 007077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-04-06 15:57 - 2015-07-16 21:11 - 001057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2019-04-06 15:57 - 2015-07-16 21:11 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2019-04-06 15:57 - 2015-07-11 15:15 - 000429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2019-04-06 10:35 - 2014-12-11 19:47 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2019-04-05 14:35 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2019-04-05 14:35 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2019-04-05 14:35 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2019-04-05 14:35 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2019-04-05 14:35 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2019-04-05 14:35 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2019-04-05 14:35 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2019-04-05 14:35 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2019-04-05 14:35 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2019-04-05 14:35 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2019-04-05 14:35 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2019-04-05 14:35 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2019-04-05 14:35 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2019-04-05 14:35 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2019-04-05 14:35 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2019-04-05 14:35 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2019-04-05 14:35 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2019-04-05 14:35 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2019-04-05 14:35 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2019-04-05 14:35 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2019-04-05 14:35 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2019-04-05 14:35 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2019-04-05 14:35 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2019-04-05 14:35 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2019-04-05 14:35 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2019-04-05 14:35 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2019-04-05 14:35 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2019-04-05 14:35 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2019-04-05 14:35 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2019-04-05 14:35 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2019-04-05 14:35 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2019-04-05 14:35 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2019-04-05 14:35 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2019-04-05 14:35 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2019-04-05 14:35 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2019-04-05 14:35 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2019-04-05 14:35 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2019-04-05 14:35 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2019-04-05 14:35 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2019-04-05 14:35 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2019-04-05 14:35 - 2008-10-10 04:52 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2019-04-05 14:35 - 2008-10-10 04:52 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2019-04-05 14:35 - 2008-10-10 04:52 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2019-04-05 14:35 - 2008-10-10 04:52 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2019-04-05 14:35 - 2008-10-10 04:52 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2019-04-05 14:35 - 2008-10-10 04:52 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2019-04-05 14:35 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2019-04-05 14:35 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2019-04-05 14:35 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2019-04-05 14:35 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2019-04-05 14:35 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2019-04-05 14:35 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2019-04-05 14:35 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2019-04-05 14:35 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2019-04-05 14:35 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2019-04-05 14:35 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2019-04-05 14:35 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2019-04-05 14:35 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2019-04-05 14:35 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2019-04-05 14:35 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2019-04-05 14:35 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2019-04-05 14:35 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2019-04-05 14:35 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2019-04-05 14:35 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2019-04-05 14:35 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2019-04-05 14:35 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2019-04-05 14:35 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2019-04-05 14:35 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2019-04-05 14:35 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2019-04-05 14:35 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2019-04-05 14:35 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2019-04-05 14:35 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2019-04-05 14:35 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2019-04-05 14:35 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2019-04-05 14:35 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2019-04-05 14:35 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2019-04-05 14:35 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2019-04-05 14:35 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2019-04-05 14:35 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2019-04-05 14:35 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2019-04-05 14:35 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2019-04-05 14:35 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2019-04-05 14:35 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2019-04-05 14:35 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2019-04-05 14:35 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2019-04-05 14:35 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2019-04-05 14:34 - 2019-04-05 14:35 - 000000000 ____D C:\Windows\SysWOW64\directx
2019-04-05 14:20 - 2019-04-07 18:43 - 000000000 ____D C:\Users\KNR\AppData\Roaming\MPC-BE
2019-04-05 14:20 - 2019-04-05 14:20 - 000001742 _____ C:\Users\KNR\Desktop\MPC-BE x64.lnk
2019-04-05 14:20 - 2019-04-05 14:20 - 000000000 ____D C:\Program Files\MPC-BE x64
2019-04-05 11:44 - 2019-04-10 15:26 - 000419312 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-05 11:22 - 2019-04-05 11:22 - 000109688 _____ C:\Users\KNR\AppData\Local\GDIPFONTCACHEV1.DAT
2019-04-05 11:01 - 2013-10-02 04:22 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2019-04-05 11:01 - 2013-10-02 04:11 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2019-04-05 11:01 - 2013-10-02 04:08 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2019-04-05 11:01 - 2013-10-02 03:48 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2019-04-05 11:01 - 2013-10-02 03:48 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2019-04-05 11:01 - 2013-10-02 03:10 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2019-04-05 11:01 - 2013-10-02 02:14 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2019-04-05 11:01 - 2013-10-02 02:14 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2019-04-05 11:01 - 2013-10-02 01:31 - 001147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2019-04-05 11:01 - 2013-10-02 00:34 - 001068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2019-04-05 10:59 - 2012-08-23 16:10 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2019-04-05 10:59 - 2012-08-23 13:12 - 000192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2019-04-05 10:59 - 2012-08-23 12:51 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2019-04-05 10:51 - 2019-03-13 17:09 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-04-05 10:51 - 2019-03-13 17:02 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-04-05 10:51 - 2019-02-12 18:08 - 014184448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-04-05 10:51 - 2019-02-12 18:08 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-04-05 10:51 - 2019-02-12 17:58 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-04-05 10:51 - 2019-02-12 17:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-04-05 10:51 - 2019-02-08 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-04-05 10:51 - 2019-02-08 18:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-04-05 10:51 - 2015-12-16 20:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2019-04-05 10:51 - 2015-12-16 20:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2019-04-05 10:51 - 2015-12-16 20:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2019-04-05 10:51 - 2015-12-16 20:48 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2019-04-05 10:51 - 2015-12-16 20:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2019-04-05 10:51 - 2015-12-16 20:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-01 21:39 - 2016-01-15 20:27 - 000010592 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-01 21:39 - 2016-01-15 20:20 - 000010592 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-01 21:38 - 2009-07-14 17:18 - 000672158 _____ C:\Windows\system32\perfh005.dat
2019-05-01 21:38 - 2009-07-14 17:18 - 000142754 _____ C:\Windows\system32\perfc005.dat
2019-05-01 21:38 - 2009-07-14 07:13 - 001593302 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-01 21:38 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-05-01 21:37 - 2017-03-18 02:21 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-05-01 21:37 - 2015-10-17 13:12 - 000000000 ____D C:\Users\KNR\AppData\Roaming\Mozilla
2019-05-01 21:29 - 2015-10-16 14:35 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2019-05-01 21:28 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-29 16:28 - 2018-12-23 07:39 - 000000000 ____D C:\Users\KNR\AppData\Roaming\Thunderbird
2019-04-29 06:47 - 2015-10-16 20:06 - 000000000 ____D C:\Users\KNR\AppData\Roaming\vlc
2019-04-28 14:08 - 2009-07-14 07:08 - 000032600 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-04-24 18:36 - 2015-10-16 10:37 - 000476776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-04-24 18:36 - 2015-10-16 10:37 - 000385848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-04-24 18:35 - 2019-02-15 08:16 - 000257832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-04-24 18:35 - 2019-01-14 17:26 - 000254128 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-04-24 18:35 - 2019-01-04 19:15 - 000320624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-04-24 18:35 - 2019-01-04 19:15 - 000196000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-04-24 18:35 - 2019-01-04 19:15 - 000057888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-04-24 18:35 - 2019-01-04 19:15 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-04-24 18:35 - 2018-10-20 03:21 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-04-24 18:35 - 2017-11-16 13:48 - 000205400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-04-24 18:35 - 2015-10-16 10:37 - 001031000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-04-24 18:35 - 2015-10-16 10:37 - 000220640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-04-24 18:35 - 2015-10-16 10:37 - 000166848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-04-24 18:35 - 2015-10-16 10:37 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-04-24 18:35 - 2015-10-16 10:37 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-04-22 20:14 - 2015-12-14 11:21 - 000002788 _____ C:\Users\KNR\Documents\startup.txt
2019-04-18 06:47 - 2017-01-10 16:50 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-04-13 19:01 - 2016-01-16 20:50 - 000000000 ____D C:\Users\KNR\AppData\Roaming\MPC-HC
2019-04-13 12:55 - 2015-10-16 20:12 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-13 12:55 - 2015-10-16 20:12 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-12 06:53 - 2016-02-01 18:07 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-10 09:14 - 2015-10-16 09:04 - 000000000 ____D C:\Windows\system32\MRT
2019-04-10 09:10 - 2015-10-16 09:04 - 131129288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-04-09 11:43 - 2015-10-16 14:36 - 000003214 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2019-04-09 11:43 - 2015-10-16 14:36 - 000001098 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2019-04-09 11:43 - 2015-10-16 14:36 - 000001086 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2019-04-07 18:43 - 2015-10-16 20:39 - 000000000 ____D C:\Users\KNR\AppData\Local\CrashDumps
2019-04-07 16:46 - 2015-11-12 12:24 - 000000000 ____D C:\Windows\A5W_DATA
2019-04-07 16:29 - 2015-11-12 12:24 - 000000035 _____ C:\Windows\A5W.INI
2019-04-06 11:48 - 2015-11-22 12:07 - 000000173 _____ C:\Windows\SOFTPEG.INI
2019-04-06 11:48 - 2015-11-12 17:55 - 000037171 _____ C:\Windows\Run32A50.mch
2019-04-05 19:25 - 2009-07-14 07:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2019-04-05 14:40 - 2009-07-14 06:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-04-05 14:34 - 2015-10-23 06:48 - 000000000 ____D C:\temp
2019-04-05 11:23 - 2017-10-13 13:56 - 005013504 _____ C:\Users\KNR\hkcubackup.hiv
2019-04-05 11:23 - 2015-10-16 08:26 - 000000000 ____D C:\Users\KNR
2019-04-05 11:06 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-04-05 10:56 - 2015-10-16 16:14 - 001568016 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

==================== Files in the root of some directories =======

2015-11-17 08:17 - 2018-01-09 10:12 - 000000543 _____ () C:\Users\KNR\AppData\Roaming\All CPU MeterV3_Settings.ini
2016-10-31 13:47 - 2018-08-22 13:15 - 000035168 _____ () C:\Users\KNR\AppData\Roaming\SLOVA.WAV
2015-11-19 12:49 - 2018-08-22 13:15 - 000034768 _____ () C:\Users\KNR\AppData\Roaming\TMP.WAV
2015-10-18 19:52 - 2016-01-04 13:28 - 000000470 _____ () C:\Users\KNR\AppData\Roaming\Weather Meter_Settings.ini
2016-08-30 12:41 - 2019-02-11 18:22 - 000007168 _____ () C:\Users\KNR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2015-12-10 13:45
==================== End of FRST.txt ============================

And the Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-05.2019
Ran by KNR (01-05-2019 21:40:44)
Running from C:\Users\KNR\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-10-16 06:26:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-825402696-3782770724-1342242442-500 - Administrator - Disabled)
Guest (S-1-5-21-825402696-3782770724-1342242442-501 - Limited - Disabled)
KNR (S-1-5-21-825402696-3782770724-1342242442-1000 - Administrator - Enabled) => C:\Users\KNR

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.0.501 - ABBYY Production LLC)
ABBYY PDF Transformer 3.0 (HKLM\...\{FA300000-0001-6400-0000-074957833700}) (Version: 3.00.502.68015 - ABBYY) Hidden
ABBYY PDF Transformer 3.0 (HKLM-x32\...\ABBYY PDF Transformer 3.0) (Version: 3.00.502.68015 - ABBYY)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Ashampoo Burning Studio 16 v.16.0.0 (HKLM-x32\...\{91B33C97-A730-69CE-7A4F-4ADF378BB993}_is1) (Version: 16.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 12 v.12.00.10 (HKLM-x32\...\{4209F371-15B6-1CE4-15F7-A7BA46F431E3}_is1) (Version: 12.00.10 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 14 (HKLM-x32\...\{4209F371-DEAB-BE89-2E8A-9643100258DD}_is1) (Version: 14.00.00 - Ashampoo GmbH & Co. KG)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Driver Booster 4.4 (HKLM-x32\...\Driver Booster_is1) (Version: 4.4.0 - IObit)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version: - )
Glary Utilities 5.117 (HKLM-x32\...\Glary Utilities 5) (Version: 5.117.0.142 - Glarysoft Ltd)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Intel A/V Codecs V2.0 (HKLM-x32\...\CodInstl) (Version: - )
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
K-Lite Mega Codec Pack 11.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.9.0 - KLCP)
Leawo PowerPoint to Video Pro version 2.4.0.62 (HKLM-x32\...\{5D5CB188-F9B1-4103-B2AD-07FB33068377}_is1) (Version: - Leawo Software)
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Max Uninstaller version 2.1 (HKLM-x32\...\{C7022C9B-4DE0-4A57-B395-ED3BFDB78D73}_is1) (Version: 2.1 - hxxp://www.maxuninstaller.com/)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
MiVue Manager (HKLM-x32\...\{123BDDDC-D02F-4C6E-A011-9CB265E2483E}) (Version: 1.0.33.30 - Mio Technology Corporation)
Mozilla Firefox 58.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 58.0.2 (x64 en-US)) (Version: 58.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.1 - Mozilla)
Mozilla Thunderbird 60.6.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 60.6.1 (x86 cs)) (Version: 60.6.1 - Mozilla)
MPC-BE x64 1.3.0.3.3706 (HKLM\...\{FE09AF6D-78B2-4093-B012-FCDAF78693CE}_is1) (Version: 1.3.0.3.3706 - MPC-BE Team)
PC Translator verze v14 (HKLM-x32\...\PC Translator_is1) (Version: v14 - )
Pdf2Jpg version 1.2 (HKLM-x32\...\{533D415A-4151-4AC5-858E-4068524C8051}_is1) (Version: 1.2 - Office Necessities inc.)
PerfV350 Uživatelská příručka (HKLM-x32\...\PerfV350 Uživatelská příručka) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8536 - Realtek Semiconductor Corp.)
Registry Repair 5.0.1.101 (HKLM-x32\...\Registry Repair) (Version: 5.0.1.101 - Glarysoft Ltd)
Revo Uninstaller Pro 3.1.4 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.4 - VS Revo Group, Ltd.)
Ruská - rozložení jako latinka (0.9.1) (HKLM\...\{6109059C-2784-4546-A353-7100A6882DF4}) (Version: 1.0.3.40 - Đonny)
Seznam prohlížeč (HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\Seznam Browser) (Version: 5.1.2 - Seznam.cz a.s.)
Skype verze 8.42 (HKLM-x32\...\Skype_is1) (Version: 8.42 - Skype Technologies S.A.)
SpyHunter (HKLM-x32\...\{AF549236-6258-4AC6-A043-5B5B89C6EB61}) (Version: - )
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VdhCoApp 1.0.9 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_CZ_is1) (Version: 18.0.1.10 - ZONER software)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1610.2.7 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-825402696-3782770724-1342242442-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Users\KNR\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.3.gadget\CoreTempReader.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-825402696-3782770724-1342242442-1000_Classes\CLSID\{B04BA01D-9128-EDC0-3A6C-C971F6F944EA}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [FineReader12ContextMenu] -> [CC]{55344AC6-630B-430C-B292-C7BE21F90061} => -> No File
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [PDFTransformer3ContextMenu] -> [CC]{2DC8E5F2-C89C-4730-82C9-19120DEE5B0A} => -> No File
ContextMenuHandlers1: [SnagItMainShellExt] -> [CC]{CF74B903-3389-469c-B3B6-0204D204FCBD} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [XXX Groove GFS Context Menu Handler XXX] -> [CC]{6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\KNR\Desktop\Firefox Portable 9.0.1 CZ – zástupce.lnk -> C:\Program Files (x86)\FIREFOX\Firefox Portable 9.0.1 CZ.exe (PortableApps.com)

==================== Loaded Modules (Whitelisted) ==============

2012-08-06 12:01 - 2012-08-06 12:01 - 000837632 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2012-08-06 12:01 - 2012-08-06 12:01 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2015-10-16 11:14 - 2015-10-16 11:14 - 000006144 _____ () [File not signed] C:\Users\KNR\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.3.gadget\CoreTempReader.dll
2015-10-16 11:14 - 2015-10-16 11:14 - 000008704 _____ () [File not signed] C:\Users\KNR\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.3.gadget\GetCoreTempInfoNET.dll
2015-10-16 11:14 - 2015-10-16 11:14 - 000007680 _____ () [File not signed] C:\Users\KNR\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.3.gadget\SystemInfo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\easypdfcombine%20toolbar -> easypdfcombine%20toolbar
IE restricted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\easypdfcombinetoolbar -> easypdfcombinetoolbar
IE restricted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\mindspark%20toolbars -> mindspark%20toolbars
IE restricted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\pricechop -> pricechop
IE restricted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\targetnet -> targetnet
IE restricted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\targetnet -> hxxp://targetnet
IE restricted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\targetnet.com -> targetnet.com
IE restricted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\targetnet.com -> hxxps://targetnet.com
IE restricted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\webtrendslive -> webtrendslive

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-01-04 10:03 - 000000727 ____N C:\Windows\system32\drivers\etc\hosts

127.0.0.1 www.langsoft.cz
127.0.0.1 iws.intranet.cz
127.0.0.1 www.pctranslator.cz

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-825402696-3782770724-1342242442-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\KNR\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snagit 12.lnk => C:\Windows\pss\Snagit 12.lnk.CommonStartup
MSCONFIG\startupreg: ABBYY Screenshot Reader Bonus => "C:\Program Files (x86)\ABBYY PDF Transformer 3.0\Bonus.ScreenshotReader.exe" -autorun
MSCONFIG\startupreg: Bonus.SSR.FR12 => "C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 18\Program32\ZPSTRAY.EXE"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7B382646-1E5D-4BDE-A865-BC07170810A1}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{6DF73621-D756-49C9-BEC6-3DCD2A7CAAC3}] => (Allow) LPort=8298
FirewallRules: [{3D3042EA-1560-40D8-96F6-22F1090BFEB2}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{7E99FE10-A6FB-4987-8227-588731C5CE67}] => (Allow) C:\Users\KNR\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{95EE80E0-8455-403B-B35D-C6F3FCB72C5C}] => (Allow) C:\Users\KNR\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{FD4D6FB6-38FD-4561-AFE2-FBA1BDCB6E8A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{C572AC79-FA40-4125-91F4-BBFBB1EC2667}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{1CD6C6D5-8D78-4BB2-8750-DBFE7D86A8DF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{52C76692-4451-47B6-B6CD-1AACD1C01A38}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{4BA99206-804C-47DA-BBA1-6C17A6778D8F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{DCA6BCFE-B30C-41AB-AF8D-BC61BE7EBB70}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{2194FEEA-E56E-4E36-8AE9-6D9B43D2F438}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6C2AC8AF-DA03-486A-A780-29D355241174}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4367CFB5-3290-4E6B-8623-8E0D54696138}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd -> Piriform Ltd)
FirewallRules: [{EE81175D-B416-4FA0-BF41-22C0556902B5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd -> Piriform Ltd)
FirewallRules: [{518CB196-1883-49B9-A7B1-245261BB2D49}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{69BD7016-6AF8-405E-995C-6E8BD0828DE4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

22-04-2019 20:09:10 OB1
22-04-2019 20:11:03 OS2
22-04-2019 20:16:22 bod3

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/10/2019 09:14:37 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\servicing\TrustedInstaller.exe; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (04/10/2019 09:10:24 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Popis = Windows Update; Chyba = 0x80070422).

Error: (04/06/2019 04:18:33 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\servicing\TrustedInstaller.exe; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (04/06/2019 04:18:32 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Popis = Windows Update; Chyba = 0x80070422).

Error: (04/06/2019 11:57:09 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\servicing\TrustedInstaller.exe; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (04/06/2019 11:57:06 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\servicing\TrustedInstaller.exe; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (04/06/2019 11:57:04 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\servicing\TrustedInstaller.exe; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (04/06/2019 11:57:04 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Popis = Windows Update; Chyba = 0x80070422).


System errors:
=============
Error: (05/01/2019 09:28:34 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
TsDefenseBt

Error: (04/29/2019 05:18:58 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10

Error: (04/29/2019 05:00:41 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10

Error: (04/29/2019 04:33:44 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10

Error: (04/29/2019 04:28:42 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10

Error: (04/29/2019 04:27:43 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10

Error: (04/29/2019 04:26:31 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10

Error: (04/29/2019 04:25:49 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10


CodeIntegrity:
===================================

Date: 2018-03-25 15:58:49.966
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-25 15:58:49.919
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-25 10:23:15.778
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-25 10:23:15.732
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-25 05:58:47.012
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-25 05:58:46.950
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-24 15:52:50.044
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-24 15:52:49.981
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1002 12/12/2011
Motherboard: ASUSTeK COMPUTER INC. F1A55-M LX
Processor: AMD A4-3400 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 70%
Total physical RAM: 4075.5 MB
Available physical RAM: 1188.71 MB
Total Virtual: 8149.15 MB
Available Virtual: 5322.07 MB

==================== Drives ================================

Drive c: (system) (Fixed) (Total:223.37 GB) (Free:107.63 GB) NTFS
Drive e: (Nový svazek) (Fixed) (Total:223.57 GB) (Free:102.2 GB) NTFS
Drive f: (KINGSTON) (Removable) (Total:14.4 GB) (Free:0.99 GB) FAT32

\\?\Volume{26164b99-131f-11e9-ab11-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: B19980DC)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 14.4 GB) (Disk ID: 3C622F4B)
Partition 1: (Active) - (Size=14.4 GB) - (Type=0B)

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118195
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: E-mails sent via TB to Gmail land in spam

#3 Post by Rudy »

Hello!

Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can also damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

funkymusic
Exemplary visitor
Posts: 402
Registered: 07 Dec 2004 15:16

Re: E-mails sent via TB to Gmail land in spam

#4 Post by funkymusic »

Thanks for the quick reply!

Here is the AdwCleaner log:
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-03.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-01-2019
# Duration: 00:00:11
# OS: Windows 7 Professional
# Cleaned: 81
# Failed: 1


***** [ Services ] *****

Deleted QQPCRTP

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Enigma Software Group
Deleted C:\Program Files (x86)\IOBIT\Driver Booster
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Program Files\Enigma Software Group
Deleted C:\ProgramData\IOBIT\Driver Booster
Deleted C:\Users\KNR\AppData\Local\Seznam.cz
Deleted C:\Users\KNR\AppData\Local\slimware utilities inc
Deleted C:\Users\KNR\AppData\Roaming\IOBIT\Driver Booster
Deleted C:\Users\KNR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\spyhunter
Deleted C:\Users\KNR\Start Menu\Programs\SpyHunter
Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Windows\GJFix
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent

***** [ Files ] *****

Deleted C:\Users\KNR\AppData\Roaming\Mozilla\Firefox\Profiles\2u4cs7g4.default\searchplugins\yahoo-lavasoft.xml
Deleted C:\Users\KNR\Desktop\SpyHunter.lnk
Deleted C:\Windows\SysWOW64\EsgScanner.sys
Deleted C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
Deleted C:\Windows\SysWOW64\lavasofttcpservice.dll
Deleted C:\Windows\System32\LavasoftTcpService64.dll
Deleted C:\Windows\System32\LavasoftTcpServiceOff.ini
Deleted C:\Windows\System32\drivers\EsgScanner.sys
Deleted C:\Windows\System32\drivers\TFsFltX64.sys
Deleted C:\Windows\System32\drivers\TSSKX64.sys
Deleted C:\Windows\System32\drivers\swdumon.sys
Deleted C:\spyhunter.log

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\7f828ce78bc4ad3018cbbea48fe2cacc
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B5D5DBD-C857-4377-A755-06E50B4AC2B0}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{639B74F1-0594-432C-97C8-68C8C17A1E1D}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{29B6CFD5-0064-411A-8C42-9890C83F9921}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{50F4150A-48B2-417A-BE4C-C83F580FB904}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50F4150A-48B2-417A-BE4C-C83F580FB904}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\STA
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\SlimWare Utilities Inc
Deleted HKLM\SOFTWARE\CLASSES\APPID\{93469602-4134-4012-A6BC-D46FF1C671E9}
Deleted HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Deleted HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
Deleted HKLM\SOFTWARE\Classes\AppID\QMContextScan.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\QMContextUninstall.DLL
Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
Deleted HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
Deleted HKLM\Software\Classes\AppID\{1E9BD312-7C8C-4422-906D-897F6D7714F2}
Deleted HKLM\Software\Classes\AppID\{278029E0-2347-4254-A65E-204AC55E2508}
Deleted HKLM\Software\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted HKLM\Software\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Deleted HKLM\Software\Classes\AppID\{7A30415C-ABEE-4674-B64B-4CA145EEB0CA}
Deleted HKLM\Software\Classes\Interface\{D4801E96-E7A1-45F6-B124-7A36DFB40B81}
Deleted HKLM\Software\Classes\Interface\{E52EB753-1F56-4DF7-BE53-2C314AC5F8A1}
Deleted HKLM\Software\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted HKLM\Software\Classes\TypeLib\{6E1533F0-E0B5-465A-9F16-98FF0C76D493}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7BD8146798CEA704D860BE01414B8E51
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-825402696-3782770724-1342242442-1000\Products\632945FA85266CA40A34B5B5986CBE16
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{63332668-8CE1-445D-A5EE-25929176714E}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{CBDECEF7-7A29-4CBF-A009-2673D82C7BF9}
Deleted HKLM\Software\Wow6432Node\Auslogics\BoostSpeed
Deleted HKLM\Software\Wow6432Node\EnigmaSoftwareGroup
Deleted HKLM\Software\Wow6432Node\IObit\Driver Booster
Deleted HKLM\Software\Wow6432Node\\CLASSES\APPID\{93469602-4134-4012-A6BC-D46FF1C671E9}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\DownloadProxy.EXE
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\LavasoftTcpService.exe
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\QMContextScan.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\QMContextUninstall.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{1E9BD312-7C8C-4422-906D-897F6D7714F2}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{278029E0-2347-4254-A65E-204AC55E2508}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{7A30415C-ABEE-4674-B64B-4CA145EEB0CA}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{6E1533F0-E0B5-465A-9F16-98FF0C76D493}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{754DF2CE-51E8-4895-B53C-6381418B84AE}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Driver Booster_is1
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{AF549236-6258-4AC6-A043-5B5B89C6EB61}

***** [ Chromium (and derivatives) ] *****

Not Deleted ????????

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

Deleted SaveFrom.net helper

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] remove_folder_Auslogics
[+] remove_folder_Auslogics(2)
[+] remove_folder_Auslogics(3)
[+] remove_folder_Auslogics(4)
[+] remove_regKey_Auslogics
[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [9058 octets] - [01/05/2019 22:03:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118195
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: E-mails sent via TB to Gmail land in spam

#5 Post by Rudy »

Please post new FRST + Addition logs.

funkymusic
Model visitor
Posts: 402
Joined: 07 Dec 2004 15:16

Re: E-mails sent via TB to Gmail land in spam

#6 Post by funkymusic »

Thanks, here is the new log:

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05.2019
Ran by KNR (administrator) on KNR-PC (02-05-2019 15:50:21)
Running from C:\Users\KNR\Desktop
Loaded Profiles: KNR (Available Profiles: KNR)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvLaunch.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
(Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2019-04-09] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3571200 2015-02-28] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [309248 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\system32\l3codecp.acm [182272 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [126976 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\i263_32.drv [391168 1997-08-27] (Intel Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.I263] => C:\Windows\SysWOW64\I263_32.drv [391168 1997-08-27] (Intel Corporation) [File not signed]
HKLM\...\Drivers32-x32: [VIDC.IV41] => ir41_32.ax
HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [110592 2003-04-16] (TechSmith Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3591680 2015-02-28] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
BootExecute: autocheck autochk *
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {23A3B95D-AF13-41D4-BC00-3AE9B9B8737C} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [915952 2019-04-09] (Glarysoft LTD -> Glarysoft Ltd)
Task: {2D99A041-82C6-4E1E-A061-66E7CA27A202} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {2F4C5F89-8EC3-428B-9C77-8B70BB44A0CC} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [56640 2015-08-11] (TechSmith Corporation -> TechSmith Corporation)
Task: {3AAC6D83-DCE5-42AD-8A0D-BDE983BFF65B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {40F3551A-31A8-4724-86E0-5A174C030838} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
Task: {657B2C15-CE1A-4519-A15F-F5D4A4CF4BA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-16] (Google Inc -> Google Inc.)
Task: {9E33096D-9E66-4E19-A209-298E8E02C7CC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13594584 2018-07-03] (Piriform Ltd -> Piriform Ltd)
Task: {B561885A-8DF8-457E-92C2-316646B881A1} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [1174016 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Task: {BB3D5B36-6BE7-4E84-94BE-A1CC1CFD8EB8} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [135672 2019-04-09] (Glarysoft LTD -> Glarysoft Ltd)
Task: {D17C3B59-745A-4578-96D7-7D483A351265} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [533200 2018-07-03] (Piriform Ltd -> Piriform Ltd)
Task: {D83EFD96-0E14-4FFF-8A1E-5BF29D14D6E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-16] (Google Inc -> Google Inc.)
Task: {F63DBC30-9B83-4DC4-8DB8-72F64D444A7C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.240.163.170 62.204.224.2
Tcpip\..\Interfaces\{67C6155D-1900-46C9-8FFB-D4A4D5235374}: [DhcpNameServer] 62.240.163.170 62.204.224.2
HKLM\System\...\Parameters\PersistentRoutes: [23.218.212.69,255.255.255.255,127.0.0.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [204.160.124.125,255.255.255.255,127.0.0.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [8.254.25.126,255.255.255.255,127.0.0.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [198.78.194.252,255.255.255.255,127.0.0.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [198.78.209.253,255.255.255.255,127.0.0.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [8.254.23.254,255.255.255.255,127.0.0.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [157.56.91.82,255.255.255.255,127.0.0.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [104.79.147.136,255.255.255.255,127.0.0.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [23.61.72.70,255.255.255.255,127.0.0.1,1]
HKLM\System\...\Parameters\PersistentRoutes: [134.170.185.126,255.255.255.255,127.0.0.1,1]
PersistentRoutes: There are 63 PersistentRoutes.


Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-825402696-3782770724-1342242442-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-825402696-3782770724-1342242442-1000 -> {2E71F9A1-DAEC-477D-9EEA-41C60E5BBC76} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-825402696-3782770724-1342242442-1000 -> {81F8BC81-3EE7-489A-81C0-D046CB910FE1} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-825402696-3782770724-1342242442-1000 -> {8D42ADE1-89E5-4570-8A9F-1D5469EC5AAD} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-825402696-3782770724-1342242442-1000 -> {A888AE94-6EE9-496E-89CE-560C8688C9FF} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-825402696-3782770724-1342242442-1000 -> {A8E42571-D589-42A7-BD74-79C51C907A92} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-825402696-3782770724-1342242442-1000 -> {C7DE935C-C096-4025-BF10-BDBCD3CB08C1} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-825402696-3782770724-1342242442-1000 -> {CBDE38DD-AA81-48DB-8087-01C3B61C726E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-825402696-3782770724-1342242442-1000 -> {EEF1609F-A1CC-4E18-A5F9-8B29E6256628} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-825402696-3782770724-1342242442-1000 -> {F233CB0B-ABC2-41DD-B0D3-EC69795EF6DC} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-12-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-07] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No File

FireFox:
========
FF DefaultProfile: 2u4cs7g4.default
FF ProfilePath: C:\Users\KNR\AppData\Roaming\Mozilla\Firefox\Profiles\2u4cs7g4.default [2019-04-21]
FF Homepage: Mozilla\Firefox\Profiles\2u4cs7g4.default -> hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcomp ... 0626__yaff
FF NewTab: Mozilla\Firefox\Profiles\2u4cs7g4.default -> hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcomp ... 0626__yaff
FF Extension: (Avast Online Security) - C:\Users\KNR\AppData\Roaming\Mozilla\Firefox\Profiles\2u4cs7g4.default\Extensions\wrc@avast.com.xpi [2018-07-17]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-13] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-13] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\KNR\AppData\Local\Google\Chrome\User Data\Default [2019-04-21]
CHR Extension: (Docs) - C:\Users\KNR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-16]
CHR Extension: (YouTube) - C:\Users\KNR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-16]
CHR Extension: (电脑管家上网防护) - C:\Users\KNR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-03-09]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [296448 2015-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S3 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
S3 ICEsoundService; C:\Windows\system32\ICEsoundService64.exe [799240 2019-01-08] (ICEpower a/s -> ICEpower)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
S3 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3408384 2015-01-26] (TechSmith Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2015-10-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
R3 amdiox64; C:\Windows\System32\DRIVERS\amdiox64.sys [46136 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [21516800 2015-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [483840 2015-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [90560 2018-02-07] (Alcorlink Corp. -> Alcorlink Corp.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205400 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254128 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196000 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320624 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [57888 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [257832 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166848 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1031000 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476776 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220640 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385848 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2016-06-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [42536 2016-06-21] (IVT CORPORATION -> IVT Corporation.)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [60928 2015-10-22] (Microsoft Windows Hardware Compatibility Publisher -> GenesysLogic)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2018-07-13] (Glarysoft LTD -> Glarysoft Ltd)
S3 GUMHFilter; C:\Windows\System32\DRIVERS\GUMHFilter.sys [20096 2016-02-18] (Glarysoft LTD -> GlarySoft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-07-14] (Martin Malik - REALiX -> REALiX(tm))
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
U3 DfSdkS; no ImagePath
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QMUdisk64.sys [X]
S1 softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\softaal64.sys [X]
S1 SRepairDrv; \??\C:\Windows\GJFix\SRepairDrv [X]
S3 SWDUMon; system32\DRIVERS\SWDUMon.sys [X]
S1 TsDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsDefenseBT64.sys [X]
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsNetHlpX64.sys [X]
S3 TSSKX64; System32\drivers\tsskx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-02 15:50 - 2019-05-02 15:51 - 000021205 _____ C:\Users\KNR\Desktop\FRST.txt
2019-05-01 22:03 - 2019-05-01 22:03 - 000000000 ____D C:\AdwCleaner
2019-05-01 22:02 - 2019-05-01 22:02 - 007025360 _____ (Malwarebytes) C:\Users\KNR\Desktop\adwcleaner_7.3.exe
2019-05-01 21:39 - 2019-05-02 15:50 - 000000000 ____D C:\FRST
2019-05-01 21:37 - 2019-05-01 21:37 - 000000000 ____D C:\rsit
2019-05-01 21:37 - 2019-05-01 21:37 - 000000000 ____D C:\Program Files\trend micro
2019-05-01 21:37 - 2019-05-01 21:36 - 002430464 _____ (Farbar) C:\Users\KNR\Desktop\FRST64.exe
2019-05-01 21:37 - 2019-05-01 21:36 - 001222144 _____ C:\Users\KNR\Desktop\RSITx64.exe
2019-04-24 18:35 - 2019-04-24 18:35 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-04-13 12:57 - 2019-04-13 12:57 - 000002192 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2019-04-13 12:57 - 2019-04-13 12:57 - 000002180 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2019-04-13 12:56 - 2019-04-13 12:56 - 000000000 ____D C:\Program Files\Google
2019-04-12 18:15 - 2019-04-24 18:36 - 000000077 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2019-04-10 07:12 - 2019-04-02 03:57 - 003229696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-04-10 07:12 - 2019-03-29 03:36 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2019-04-10 07:12 - 2019-03-28 05:35 - 000348776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-04-10 07:12 - 2019-03-28 03:55 - 000397120 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-04-10 07:12 - 2019-03-27 02:40 - 003181568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-04-10 07:12 - 2019-03-26 08:14 - 025736704 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-04-10 07:12 - 2019-03-26 08:03 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-04-10 07:12 - 2019-03-26 08:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-04-10 07:12 - 2019-03-26 07:52 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-04-10 07:12 - 2019-03-26 07:51 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-04-10 07:12 - 2019-03-26 07:51 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-04-10 07:12 - 2019-03-26 07:50 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-04-10 07:12 - 2019-03-26 07:50 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-04-10 07:12 - 2019-03-26 07:50 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-04-10 07:12 - 2019-03-26 07:44 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-04-10 07:12 - 2019-03-26 07:43 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-04-10 07:12 - 2019-03-26 07:41 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-04-10 07:12 - 2019-03-26 07:40 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-04-10 07:12 - 2019-03-26 07:40 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-04-10 07:12 - 2019-03-26 07:40 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-04-10 07:12 - 2019-03-26 07:40 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-04-10 07:12 - 2019-03-26 07:40 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-04-10 07:12 - 2019-03-26 07:35 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-04-10 07:12 - 2019-03-26 07:31 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-04-10 07:12 - 2019-03-26 07:26 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-04-10 07:12 - 2019-03-26 07:26 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-04-10 07:12 - 2019-03-26 07:25 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-04-10 07:12 - 2019-03-26 07:22 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-04-10 07:12 - 2019-03-26 07:22 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-04-10 07:12 - 2019-03-26 07:20 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-04-10 07:12 - 2019-03-26 07:18 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-04-10 07:12 - 2019-03-26 07:12 - 020280832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-04-10 07:12 - 2019-03-26 07:10 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-04-10 07:12 - 2019-03-26 07:08 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-04-10 07:12 - 2019-03-26 07:08 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-04-10 07:12 - 2019-03-26 07:07 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-04-10 07:12 - 2019-03-26 07:06 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-04-10 07:12 - 2019-03-26 07:05 - 015284736 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-04-10 07:12 - 2019-03-26 07:01 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-04-10 07:12 - 2019-03-26 07:00 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-04-10 07:12 - 2019-03-26 06:51 - 000498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-04-10 07:12 - 2019-03-26 06:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-04-10 07:12 - 2019-03-26 06:50 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-04-10 07:12 - 2019-03-26 06:50 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-04-10 07:12 - 2019-03-26 06:50 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-04-10 07:12 - 2019-03-26 06:48 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-04-10 07:12 - 2019-03-26 06:48 - 001556992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-04-10 07:12 - 2019-03-26 06:46 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-04-10 07:12 - 2019-03-26 06:45 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-04-10 07:12 - 2019-03-26 06:44 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-04-10 07:12 - 2019-03-26 06:43 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-04-10 07:12 - 2019-03-26 06:43 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-04-10 07:12 - 2019-03-26 06:43 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-04-10 07:12 - 2019-03-26 06:36 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-04-10 07:12 - 2019-03-26 06:36 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-04-10 07:12 - 2019-03-26 06:33 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-04-10 07:12 - 2019-03-26 06:33 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-04-10 07:12 - 2019-03-26 06:32 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-04-10 07:12 - 2019-03-26 06:31 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-04-10 07:12 - 2019-03-26 06:29 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-04-10 07:12 - 2019-03-26 06:29 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-04-10 07:12 - 2019-03-26 06:29 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-04-10 07:12 - 2019-03-26 06:28 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-04-10 07:12 - 2019-03-26 06:24 - 013682176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-04-10 07:12 - 2019-03-26 06:23 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-04-10 07:12 - 2019-03-26 06:22 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-04-10 07:12 - 2019-03-26 06:21 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-04-10 07:12 - 2019-03-26 06:21 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-04-10 07:12 - 2019-03-26 06:08 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-04-10 07:12 - 2019-03-26 06:04 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-04-10 07:12 - 2019-03-26 06:02 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-04-10 07:12 - 2019-03-21 04:13 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-04-10 07:12 - 2019-03-21 04:13 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-04-10 07:12 - 2019-03-21 04:13 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-04-10 07:12 - 2019-03-21 04:13 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-04-10 07:12 - 2019-03-21 04:13 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-04-10 07:12 - 2019-03-21 04:12 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-04-10 07:12 - 2019-03-21 04:12 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-04-10 07:12 - 2019-03-21 04:10 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-04-10 07:12 - 2019-03-21 04:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:03 - 003961576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-04-10 07:12 - 2019-03-21 04:02 - 004056296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-04-10 07:12 - 2019-03-21 04:02 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 04:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 03:45 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-04-10 07:12 - 2019-03-21 03:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-04-10 07:12 - 2019-03-21 03:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-04-10 07:12 - 2019-03-21 03:44 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-04-10 07:12 - 2019-03-21 03:41 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-04-10 07:12 - 2019-03-21 03:41 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-04-10 07:12 - 2019-03-21 03:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-04-10 07:12 - 2019-03-21 03:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-04-10 07:12 - 2019-03-21 03:40 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-04-10 07:12 - 2019-03-21 03:38 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-04-10 07:12 - 2019-03-21 03:38 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-04-10 07:12 - 2019-03-21 03:38 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-04-10 07:12 - 2019-03-21 03:38 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-04-10 07:12 - 2019-03-21 03:38 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-04-10 07:12 - 2019-03-21 03:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-04-10 07:12 - 2019-03-21 03:37 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-04-10 07:12 - 2019-03-21 03:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-04-10 07:12 - 2019-03-21 03:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-04-10 07:12 - 2019-03-21 03:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-04-10 07:12 - 2019-03-21 03:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-04-10 07:12 - 2019-03-21 03:37 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-04-10 07:12 - 2019-03-21 03:37 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-04-10 07:12 - 2019-03-21 03:36 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-04-10 07:12 - 2019-03-21 03:36 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-04-10 07:12 - 2019-03-21 03:36 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-04-10 07:12 - 2019-03-21 03:36 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-04-10 07:12 - 2019-03-21 03:35 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-04-10 07:12 - 2019-03-21 03:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 03:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 03:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-04-10 07:12 - 2019-03-21 03:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-04-10 07:12 - 2019-03-16 06:11 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-04-10 07:12 - 2019-03-16 06:09 - 003247616 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-04-10 07:12 - 2019-03-16 06:09 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-04-10 07:12 - 2019-03-16 06:09 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-04-10 07:12 - 2019-03-16 06:09 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-04-10 07:12 - 2019-03-16 06:09 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-04-10 07:12 - 2019-03-16 06:09 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-04-10 07:12 - 2019-03-16 06:09 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-04-10 07:12 - 2019-03-16 06:09 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-04-10 07:12 - 2019-03-16 06:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-04-10 07:12 - 2019-03-16 06:09 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-04-10 07:12 - 2019-03-16 06:08 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-04-10 07:12 - 2019-03-16 06:08 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-04-10 07:12 - 2019-03-16 05:58 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-04-10 07:12 - 2019-03-16 05:58 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-04-10 07:12 - 2019-03-16 05:58 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-04-10 07:12 - 2019-03-16 05:58 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-04-10 07:12 - 2019-03-16 05:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2019-04-10 07:12 - 2019-03-16 05:58 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-04-10 07:12 - 2019-03-16 05:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-04-10 07:12 - 2019-03-16 05:58 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-04-10 07:12 - 2019-03-16 05:58 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-04-10 07:12 - 2019-03-16 05:42 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-04-10 07:12 - 2019-03-16 05:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-04-10 07:12 - 2019-03-16 05:38 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2019-04-10 07:12 - 2019-03-13 16:35 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2019-04-10 07:12 - 2019-03-13 16:35 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-04-10 07:12 - 2019-03-12 16:34 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-04-10 07:12 - 2019-03-12 16:34 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-04-10 07:12 - 2019-03-12 16:34 - 000340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-04-10 07:12 - 2019-03-11 23:41 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-04-10 07:12 - 2019-03-11 23:41 - 001894912 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-04-10 07:12 - 2019-03-11 23:41 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-04-10 07:12 - 2019-03-11 23:41 - 000688128 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-04-10 07:12 - 2019-03-11 23:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2019-04-10 07:12 - 2019-03-11 23:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-04-10 07:12 - 2019-03-11 23:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2019-04-10 07:12 - 2019-03-11 23:33 - 001391616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-04-10 07:12 - 2019-03-11 23:33 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-04-10 07:12 - 2019-03-11 23:33 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-04-10 07:12 - 2019-03-11 23:33 - 000107520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleprn.dll
2019-04-10 07:12 - 2019-03-11 23:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2019-04-10 07:12 - 2019-03-11 23:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2019-04-10 07:12 - 2019-02-21 17:48 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2019-04-10 07:12 - 2019-02-21 17:43 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2019-04-10 07:12 - 2019-02-21 17:37 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2019-04-10 07:12 - 2018-11-18 04:44 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-04-10 07:12 - 2018-11-18 04:44 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2019-04-06 15:57 - 2015-07-16 21:12 - 006131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-04-06 15:57 - 2015-07-16 21:12 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2019-04-06 15:57 - 2015-07-16 21:12 - 000053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2019-04-06 15:57 - 2015-07-16 21:11 - 007077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-04-06 15:57 - 2015-07-16 21:11 - 001057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2019-04-06 15:57 - 2015-07-16 21:11 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2019-04-06 15:57 - 2015-07-11 15:15 - 000429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2019-04-06 10:35 - 2014-12-11 19:47 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2019-04-05 14:35 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2019-04-05 14:35 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2019-04-05 14:35 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2019-04-05 14:35 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2019-04-05 14:35 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2019-04-05 14:35 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2019-04-05 14:35 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2019-04-05 14:35 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2019-04-05 14:35 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2019-04-05 14:35 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2019-04-05 14:35 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2019-04-05 14:35 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2019-04-05 14:35 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2019-04-05 14:35 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2019-04-05 14:35 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2019-04-05 14:35 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2019-04-05 14:35 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2019-04-05 14:35 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2019-04-05 14:35 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2019-04-05 14:35 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2019-04-05 14:35 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2019-04-05 14:35 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2019-04-05 14:35 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2019-04-05 14:35 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2019-04-05 14:35 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2019-04-05 14:35 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2019-04-05 14:35 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2019-04-05 14:35 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2019-04-05 14:35 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2019-04-05 14:35 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2019-04-05 14:35 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2019-04-05 14:35 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2019-04-05 14:35 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2019-04-05 14:35 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2019-04-05 14:35 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2019-04-05 14:35 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2019-04-05 14:35 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2019-04-05 14:35 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2019-04-05 14:35 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2019-04-05 14:35 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2019-04-05 14:35 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2019-04-05 14:35 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2019-04-05 14:35 - 2008-10-10 04:52 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2019-04-05 14:35 - 2008-10-10 04:52 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2019-04-05 14:35 - 2008-10-10 04:52 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2019-04-05 14:35 - 2008-10-10 04:52 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2019-04-05 14:35 - 2008-10-10 04:52 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2019-04-05 14:35 - 2008-10-10 04:52 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2019-04-05 14:35 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2019-04-05 14:35 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2019-04-05 14:35 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2019-04-05 14:35 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2019-04-05 14:35 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2019-04-05 14:35 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2019-04-05 14:35 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2019-04-05 14:35 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2019-04-05 14:35 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2019-04-05 14:35 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2019-04-05 14:35 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2019-04-05 14:35 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2019-04-05 14:35 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2019-04-05 14:35 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2019-04-05 14:35 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2019-04-05 14:35 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2019-04-05 14:35 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2019-04-05 14:35 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2019-04-05 14:35 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2019-04-05 14:35 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2019-04-05 14:35 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2019-04-05 14:35 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2019-04-05 14:35 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2019-04-05 14:35 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2019-04-05 14:35 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2019-04-05 14:35 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2019-04-05 14:35 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2019-04-05 14:35 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2019-04-05 14:35 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2019-04-05 14:35 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2019-04-05 14:35 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2019-04-05 14:35 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2019-04-05 14:35 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2019-04-05 14:35 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2019-04-05 14:35 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2019-04-05 14:35 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2019-04-05 14:35 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2019-04-05 14:35 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2019-04-05 14:35 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2019-04-05 14:35 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2019-04-05 14:34 - 2019-04-05 14:35 - 000000000 ____D C:\Windows\SysWOW64\directx
2019-04-05 14:20 - 2019-04-07 18:43 - 000000000 ____D C:\Users\KNR\AppData\Roaming\MPC-BE
2019-04-05 14:20 - 2019-04-05 14:20 - 000001742 _____ C:\Users\KNR\Desktop\MPC-BE x64.lnk
2019-04-05 14:20 - 2019-04-05 14:20 - 000000000 ____D C:\Program Files\MPC-BE x64
2019-04-05 11:44 - 2019-04-10 15:26 - 000419312 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-05 11:22 - 2019-04-05 11:22 - 000109688 _____ C:\Users\KNR\AppData\Local\GDIPFONTCACHEV1.DAT
2019-04-05 11:01 - 2013-10-02 04:22 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2019-04-05 11:01 - 2013-10-02 04:11 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2019-04-05 11:01 - 2013-10-02 04:08 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2019-04-05 11:01 - 2013-10-02 03:48 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2019-04-05 11:01 - 2013-10-02 03:48 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2019-04-05 11:01 - 2013-10-02 03:10 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2019-04-05 11:01 - 2013-10-02 02:14 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2019-04-05 11:01 - 2013-10-02 02:14 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2019-04-05 11:01 - 2013-10-02 01:31 - 001147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2019-04-05 11:01 - 2013-10-02 00:34 - 001068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2019-04-05 10:59 - 2012-08-23 16:10 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2019-04-05 10:59 - 2012-08-23 13:12 - 000192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2019-04-05 10:59 - 2012-08-23 12:51 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2019-04-05 10:51 - 2019-03-13 17:09 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-04-05 10:51 - 2019-03-13 17:02 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-04-05 10:51 - 2019-02-12 18:08 - 014184448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-04-05 10:51 - 2019-02-12 18:08 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-04-05 10:51 - 2019-02-12 17:58 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-04-05 10:51 - 2019-02-12 17:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-04-05 10:51 - 2019-02-08 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-04-05 10:51 - 2019-02-08 18:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-04-05 10:51 - 2015-12-16 20:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2019-04-05 10:51 - 2015-12-16 20:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2019-04-05 10:51 - 2015-12-16 20:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2019-04-05 10:51 - 2015-12-16 20:48 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2019-04-05 10:51 - 2015-12-16 20:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2019-04-05 10:51 - 2015-12-16 20:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-02 15:51 - 2015-10-16 14:35 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2019-05-02 15:49 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-01 22:37 - 2017-03-18 02:21 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-05-01 22:12 - 2016-01-15 20:27 - 000010592 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-01 22:12 - 2016-01-15 20:20 - 000010592 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-01 22:10 - 2015-10-17 13:12 - 000000000 ____D C:\Users\KNR\AppData\Roaming\Mozilla
2019-05-01 22:08 - 2009-07-14 17:18 - 000672158 _____ C:\Windows\system32\perfh005.dat
2019-05-01 22:08 - 2009-07-14 17:18 - 000142754 _____ C:\Windows\system32\perfc005.dat
2019-05-01 22:08 - 2009-07-14 07:13 - 001593302 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-01 22:08 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-05-01 22:03 - 2017-07-14 21:00 - 000000000 ____D C:\Users\KNR\AppData\Roaming\IObit
2019-05-01 22:03 - 2015-10-16 14:50 - 000000000 ____D C:\Program Files (x86)\IObit
2019-04-29 16:28 - 2018-12-23 07:39 - 000000000 ____D C:\Users\KNR\AppData\Roaming\Thunderbird
2019-04-29 06:47 - 2015-10-16 20:06 - 000000000 ____D C:\Users\KNR\AppData\Roaming\vlc
2019-04-28 14:08 - 2009-07-14 07:08 - 000032600 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-04-24 18:36 - 2015-10-16 10:37 - 000476776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-04-24 18:36 - 2015-10-16 10:37 - 000385848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-04-24 18:35 - 2019-02-15 08:16 - 000257832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-04-24 18:35 - 2019-01-14 17:26 - 000254128 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-04-24 18:35 - 2019-01-04 19:15 - 000320624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-04-24 18:35 - 2019-01-04 19:15 - 000196000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-04-24 18:35 - 2019-01-04 19:15 - 000057888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-04-24 18:35 - 2019-01-04 19:15 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-04-24 18:35 - 2018-10-20 03:21 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-04-24 18:35 - 2017-11-16 13:48 - 000205400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-04-24 18:35 - 2015-10-16 10:37 - 001031000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-04-24 18:35 - 2015-10-16 10:37 - 000220640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-04-24 18:35 - 2015-10-16 10:37 - 000166848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-04-24 18:35 - 2015-10-16 10:37 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-04-24 18:35 - 2015-10-16 10:37 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-04-22 20:14 - 2015-12-14 11:21 - 000002788 _____ C:\Users\KNR\Documents\startup.txt
2019-04-18 06:47 - 2017-01-10 16:50 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-04-13 19:01 - 2016-01-16 20:50 - 000000000 ____D C:\Users\KNR\AppData\Roaming\MPC-HC
2019-04-13 12:55 - 2015-10-16 20:12 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-13 12:55 - 2015-10-16 20:12 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-12 06:53 - 2016-02-01 18:07 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-10 09:14 - 2015-10-16 09:04 - 000000000 ____D C:\Windows\system32\MRT
2019-04-10 09:10 - 2015-10-16 09:04 - 131129288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-04-09 11:43 - 2015-10-16 14:36 - 000003214 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2019-04-09 11:43 - 2015-10-16 14:36 - 000001098 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2019-04-09 11:43 - 2015-10-16 14:36 - 000001086 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2019-04-07 18:43 - 2015-10-16 20:39 - 000000000 ____D C:\Users\KNR\AppData\Local\CrashDumps
2019-04-07 16:46 - 2015-11-12 12:24 - 000000000 ____D C:\Windows\A5W_DATA
2019-04-07 16:29 - 2015-11-12 12:24 - 000000035 _____ C:\Windows\A5W.INI
2019-04-06 11:48 - 2015-11-22 12:07 - 000000173 _____ C:\Windows\SOFTPEG.INI
2019-04-06 11:48 - 2015-11-12 17:55 - 000037171 _____ C:\Windows\Run32A50.mch
2019-04-05 19:25 - 2009-07-14 07:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2019-04-05 14:40 - 2009-07-14 06:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-04-05 14:34 - 2015-10-23 06:48 - 000000000 ____D C:\temp
2019-04-05 11:23 - 2017-10-13 13:56 - 005013504 _____ C:\Users\KNR\hkcubackup.hiv
2019-04-05 11:23 - 2015-10-16 08:26 - 000000000 ____D C:\Users\KNR
2019-04-05 11:06 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-04-05 10:56 - 2015-10-16 16:14 - 001568016 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

==================== Files in the root of some directories =======

2015-11-17 08:17 - 2018-01-09 10:12 - 000000543 _____ () C:\Users\KNR\AppData\Roaming\All CPU MeterV3_Settings.ini
2016-10-31 13:47 - 2018-08-22 13:15 - 000035168 _____ () C:\Users\KNR\AppData\Roaming\SLOVA.WAV
2015-11-19 12:49 - 2018-08-22 13:15 - 000034768 _____ () C:\Users\KNR\AppData\Roaming\TMP.WAV
2015-10-18 19:52 - 2016-01-04 13:28 - 000000470 _____ () C:\Users\KNR\AppData\Roaming\Weather Meter_Settings.ini
2016-08-30 12:41 - 2019-02-11 18:22 - 000007168 _____ () C:\Users\KNR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2015-12-10 13:45
==================== End of FRST.txt ============================

funkymusic
Exemplary visitor
Posts: 402
Registered: 07 Dec 2004 15:16

Re: E-mails sent via TB to Gmail end up in spam

#7 Post by funkymusic »

And the Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-05.2019
Ran by KNR (02-05-2019 15:52:01)
Running from C:\Users\KNR\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-10-16 06:26:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-825402696-3782770724-1342242442-500 - Administrator - Disabled)
Guest (S-1-5-21-825402696-3782770724-1342242442-501 - Limited - Disabled)
KNR (S-1-5-21-825402696-3782770724-1342242442-1000 - Administrator - Enabled) => C:\Users\KNR

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.0.501 - ABBYY Production LLC)
ABBYY PDF Transformer 3.0 (HKLM\...\{FA300000-0001-6400-0000-074957833700}) (Version: 3.00.502.68015 - ABBYY) Hidden
ABBYY PDF Transformer 3.0 (HKLM-x32\...\ABBYY PDF Transformer 3.0) (Version: 3.00.502.68015 - ABBYY)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Ashampoo Burning Studio 16 v.16.0.0 (HKLM-x32\...\{91B33C97-A730-69CE-7A4F-4ADF378BB993}_is1) (Version: 16.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 12 v.12.00.10 (HKLM-x32\...\{4209F371-15B6-1CE4-15F7-A7BA46F431E3}_is1) (Version: 12.00.10 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 14 (HKLM-x32\...\{4209F371-DEAB-BE89-2E8A-9643100258DD}_is1) (Version: 14.00.00 - Ashampoo GmbH & Co. KG)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version: - )
Glary Utilities 5.117 (HKLM-x32\...\Glary Utilities 5) (Version: 5.117.0.142 - Glarysoft Ltd)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Intel A/V Codecs V2.0 (HKLM-x32\...\CodInstl) (Version: - )
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
K-Lite Mega Codec Pack 11.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.9.0 - KLCP)
Leawo PowerPoint to Video Pro version 2.4.0.62 (HKLM-x32\...\{5D5CB188-F9B1-4103-B2AD-07FB33068377}_is1) (Version: - Leawo Software)
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Max Uninstaller version 2.1 (HKLM-x32\...\{C7022C9B-4DE0-4A57-B395-ED3BFDB78D73}_is1) (Version: 2.1 - hxxp://www.maxuninstaller.com/)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
MiVue Manager (HKLM-x32\...\{123BDDDC-D02F-4C6E-A011-9CB265E2483E}) (Version: 1.0.33.30 - Mio Technology Corporation)
Mozilla Firefox 58.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 58.0.2 (x64 en-US)) (Version: 58.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.1 - Mozilla)
Mozilla Thunderbird 60.6.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 60.6.1 (x86 cs)) (Version: 60.6.1 - Mozilla)
MPC-BE x64 1.3.0.3.3706 (HKLM\...\{FE09AF6D-78B2-4093-B012-FCDAF78693CE}_is1) (Version: 1.3.0.3.3706 - MPC-BE Team)
PC Translator verze v14 (HKLM-x32\...\PC Translator_is1) (Version: v14 - )
Pdf2Jpg version 1.2 (HKLM-x32\...\{533D415A-4151-4AC5-858E-4068524C8051}_is1) (Version: 1.2 - Office Necessities inc.)
PerfV350 Uživatelská příručka (HKLM-x32\...\PerfV350 Uživatelská příručka) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8536 - Realtek Semiconductor Corp.)
Registry Repair 5.0.1.101 (HKLM-x32\...\Registry Repair) (Version: 5.0.1.101 - Glarysoft Ltd)
Revo Uninstaller Pro 3.1.4 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.4 - VS Revo Group, Ltd.)
Ruská - rozložení jako latinka (0.9.1) (HKLM\...\{6109059C-2784-4546-A353-7100A6882DF4}) (Version: 1.0.3.40 - Đonny)
Seznam prohlížeč (HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\Seznam Browser) (Version: 5.1.2 - Seznam.cz a.s.)
Skype verze 8.42 (HKLM-x32\...\Skype_is1) (Version: 8.42 - Skype Technologies S.A.)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VdhCoApp 1.0.9 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_CZ_is1) (Version: 18.0.1.10 - ZONER software)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1610.2.7 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-825402696-3782770724-1342242442-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Users\KNR\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.3.gadget\CoreTempReader.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-825402696-3782770724-1342242442-1000_Classes\CLSID\{B04BA01D-9128-EDC0-3A6C-C971F6F944EA}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [FineReader12ContextMenu] -> [CC]{55344AC6-630B-430C-B292-C7BE21F90061} => -> No File
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [PDFTransformer3ContextMenu] -> [CC]{2DC8E5F2-C89C-4730-82C9-19120DEE5B0A} => -> No File
ContextMenuHandlers1: [SnagItMainShellExt] -> [CC]{CF74B903-3389-469c-B3B6-0204D204FCBD} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [XXX Groove GFS Context Menu Handler XXX] -> [CC]{6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-01-23] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\KNR\Desktop\Firefox Portable 9.0.1 CZ – zástupce.lnk -> C:\Program Files (x86)\FIREFOX\Firefox Portable 9.0.1 CZ.exe (PortableApps.com)

==================== Loaded Modules (Whitelisted) ==============

2015-10-16 11:14 - 2015-10-16 11:14 - 000006144 _____ () [File not signed] C:\Users\KNR\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.3.gadget\CoreTempReader.dll
2015-10-16 11:14 - 2015-10-16 11:14 - 000008704 _____ () [File not signed] C:\Users\KNR\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.3.gadget\GetCoreTempInfoNET.dll
2015-10-16 11:14 - 2015-10-16 11:14 - 000007680 _____ () [File not signed] C:\Users\KNR\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.3.gadget\SystemInfo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\easypdfcombine%20toolbar -> easypdfcombine%20toolbar
IE restricted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\easypdfcombinetoolbar -> easypdfcombinetoolbar
IE restricted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\mindspark%20toolbars -> mindspark%20toolbars
IE restricted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\pricechop -> pricechop
IE restricted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\targetnet -> targetnet
IE restricted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\targetnet -> hxxp://targetnet
IE restricted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\targetnet.com -> targetnet.com
IE restricted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\targetnet.com -> hxxps://targetnet.com
IE restricted site: HKU\S-1-5-21-825402696-3782770724-1342242442-1000\...\webtrendslive -> webtrendslive

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-01-04 10:03 - 000000727 ____N C:\Windows\system32\drivers\etc\hosts

127.0.0.1 www.langsoft.cz
127.0.0.1 iws.intranet.cz
127.0.0.1 www.pctranslator.cz

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-825402696-3782770724-1342242442-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\KNR\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.240.163.170 - 62.204.224.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snagit 12.lnk => C:\Windows\pss\Snagit 12.lnk.CommonStartup
MSCONFIG\startupreg: ABBYY Screenshot Reader Bonus => "C:\Program Files (x86)\ABBYY PDF Transformer 3.0\Bonus.ScreenshotReader.exe" -autorun
MSCONFIG\startupreg: Bonus.SSR.FR12 => "C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 18\Program32\ZPSTRAY.EXE"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7B382646-1E5D-4BDE-A865-BC07170810A1}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{6DF73621-D756-49C9-BEC6-3DCD2A7CAAC3}] => (Allow) LPort=8298
FirewallRules: [{3D3042EA-1560-40D8-96F6-22F1090BFEB2}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{7E99FE10-A6FB-4987-8227-588731C5CE67}] => (Allow) C:\Users\KNR\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{95EE80E0-8455-403B-B35D-C6F3FCB72C5C}] => (Allow) C:\Users\KNR\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{FD4D6FB6-38FD-4561-AFE2-FBA1BDCB6E8A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe No File
FirewallRules: [{C572AC79-FA40-4125-91F4-BBFBB1EC2667}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe No File
FirewallRules: [{1CD6C6D5-8D78-4BB2-8750-DBFE7D86A8DF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe No File
FirewallRules: [{52C76692-4451-47B6-B6CD-1AACD1C01A38}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe No File
FirewallRules: [{4BA99206-804C-47DA-BBA1-6C17A6778D8F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe No File
FirewallRules: [{DCA6BCFE-B30C-41AB-AF8D-BC61BE7EBB70}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe No File
FirewallRules: [{2194FEEA-E56E-4E36-8AE9-6D9B43D2F438}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6C2AC8AF-DA03-486A-A780-29D355241174}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4367CFB5-3290-4E6B-8623-8E0D54696138}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd -> Piriform Ltd)
FirewallRules: [{EE81175D-B416-4FA0-BF41-22C0556902B5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd -> Piriform Ltd)
FirewallRules: [{518CB196-1883-49B9-A7B1-245261BB2D49}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{69BD7016-6AF8-405E-995C-6E8BD0828DE4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

22-04-2019 20:09:10 OB1
22-04-2019 20:11:03 OS2
22-04-2019 20:16:22 bod3

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/10/2019 09:14:37 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\servicing\TrustedInstaller.exe; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (04/10/2019 09:10:24 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Popis = Windows Update; Chyba = 0x80070422).

Error: (04/06/2019 04:18:33 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\servicing\TrustedInstaller.exe; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (04/06/2019 04:18:32 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Popis = Windows Update; Chyba = 0x80070422).

Error: (04/06/2019 11:57:09 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\servicing\TrustedInstaller.exe; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (04/06/2019 11:57:06 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\servicing\TrustedInstaller.exe; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (04/06/2019 11:57:04 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\servicing\TrustedInstaller.exe; Popis = Instalační služba modulů systému Windows; Chyba = 0x80070422).

Error: (04/06/2019 11:57:04 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Popis = Windows Update; Chyba = 0x80070422).


System errors:
=============
Error: (05/02/2019 03:49:47 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
TsDefenseBt

Error: (05/01/2019 10:04:41 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
TsDefenseBt

Error: (05/01/2019 10:03:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (05/01/2019 09:28:34 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
TsDefenseBt

Error: (04/29/2019 05:18:58 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10

Error: (04/29/2019 05:00:41 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10

Error: (04/29/2019 04:33:44 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10

Error: (04/29/2019 04:28:42 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10


CodeIntegrity:
===================================

Date: 2018-03-25 15:58:49.966
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-25 15:58:49.919
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-25 10:23:15.778
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-25 10:23:15.732
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-25 05:58:47.012
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-25 05:58:46.950
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-24 15:52:50.044
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-24 15:52:49.981
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1002 12/12/2011
Motherboard: ASUSTeK COMPUTER INC. F1A55-M LX
Processor: AMD A4-3400 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 68%
Total physical RAM: 4075.5 MB
Available physical RAM: 1291.99 MB
Total Virtual: 8149.15 MB
Available Virtual: 5454.55 MB

==================== Drives ================================

Drive c: (system) (Fixed) (Total:223.37 GB) (Free:107.2 GB) NTFS
Drive e: (Nový svazek) (Fixed) (Total:223.57 GB) (Free:102.2 GB) NTFS
Drive f: () (Removable) (Total:7.48 GB) (Free:7.48 GB) FAT32

\\?\Volume{26164b99-131f-11e9-ab11-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: B19980DC)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 7.5 GB) (Disk ID: 500A0DFF)
No partition Table on disk 2.

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118195
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: E-mails sent via TB to Gmail end up in spam

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
ContextMenuHandlers1: [FineReader12ContextMenu] -> [CC]{55344AC6-630B-430C-B292-C7BE21F90061} => -> No File
ContextMenuHandlers1: [PDFTransformer3ContextMenu] -> [CC]{2DC8E5F2-C89C-4730-82C9-19120DEE5B0A} => -> No File
ContextMenuHandlers1: [SnagItMainShellExt] -> [CC]{CF74B903-3389-469c-B3B6-0204D204FCBD} => -> No File
ContextMenuHandlers1: [XXX Groove GFS Context Menu Handler XXX] -> [CC]{6C467336-8281-4E60-8204-430CED96822D} => -> No File
FirewallRules: [{FD4D6FB6-38FD-4561-AFE2-FBA1BDCB6E8A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe No File
FirewallRules: [{C572AC79-FA40-4125-91F4-BBFBB1EC2667}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe No File
FirewallRules: [{1CD6C6D5-8D78-4BB2-8750-DBFE7D86A8DF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe No File
FirewallRules: [{52C76692-4451-47B6-B6CD-1AACD1C01A38}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe No File
FirewallRules: [{4BA99206-804C-47DA-BBA1-6C17A6778D8F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe No File
FirewallRules: [{DCA6BCFE-B30C-41AB-AF8D-BC61BE7EBB70}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe No File
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {657B2C15-CE1A-4519-A15F-F5D4A4CF4BA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-16] (Google Inc -> Google Inc.)
Task: {D83EFD96-0E14-4FFF-8A1E-5BF29D14D6E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-16] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Extension: (电脑管家上网防护) - C:\Users\KNR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-03-09]
U3 DfSdkS; no ImagePath
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QMUdisk64.sys [X]
S1 softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\softaal64.sys [X]
S1 SRepairDrv; \??\C:\Windows\GJFix\SRepairDrv [X]
S1 TsDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsDefenseBT64.sys [X]
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsNetHlpX64.sys [X]
S3 TSSKX64; System32\drivers\tsskx64.sys [X]
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\KNR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
Hosts:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

funkymusic
Model visitor
Posts: 402
Registered: 07 Dec 2004 15:16

Re: E-mails sent via TB to Gmail end up in spam

#9 Post by funkymusic »

Here is the fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-05.2019
Ran by KNR (02-05-2019 16:44:20) Run:1
Running from C:\Users\KNR\Desktop
Loaded Profiles: KNR (Available Profiles: KNR)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers1: [FineReader12ContextMenu] -> [CC]{55344AC6-630B-430C-B292-C7BE21F90061} => -> No File
ContextMenuHandlers1: [PDFTransformer3ContextMenu] -> [CC]{2DC8E5F2-C89C-4730-82C9-19120DEE5B0A} => -> No File
ContextMenuHandlers1: [SnagItMainShellExt] -> [CC]{CF74B903-3389-469c-B3B6-0204D204FCBD} => -> No File
ContextMenuHandlers1: [XXX Groove GFS Context Menu Handler XXX] -> [CC]{6C467336-8281-4E60-8204-430CED96822D} => -> No File
FirewallRules: [{FD4D6FB6-38FD-4561-AFE2-FBA1BDCB6E8A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe No File
FirewallRules: [{C572AC79-FA40-4125-91F4-BBFBB1EC2667}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe No File
FirewallRules: [{1CD6C6D5-8D78-4BB2-8750-DBFE7D86A8DF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe No File
FirewallRules: [{52C76692-4451-47B6-B6CD-1AACD1C01A38}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe No File
FirewallRules: [{4BA99206-804C-47DA-BBA1-6C17A6778D8F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe No File
FirewallRules: [{DCA6BCFE-B30C-41AB-AF8D-BC61BE7EBB70}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe No File
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {657B2C15-CE1A-4519-A15F-F5D4A4CF4BA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-16] (Google Inc -> Google Inc.)
Task: {D83EFD96-0E14-4FFF-8A1E-5BF29D14D6E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-16] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Extension: (????????) - C:\Users\KNR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-03-09]
U3 DfSdkS; no ImagePath
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QMUdisk64.sys [X]
S1 softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\softaal64.sys [X]
S1 SRepairDrv; \??\C:\Windows\GJFix\SRepairDrv [X]
S1 TsDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsDefenseBT64.sys [X]
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsNetHlpX64.sys [X]
S3 TSSKX64; System32\drivers\tsskx64.sys [X]
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\KNR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\FineReader12ContextMenu => removed successfully
HKLM\Software\Classes\CLSID\[CC]{55344AC6-630B-430C-B292-C7BE21F90061} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFTransformer3ContextMenu => removed successfully
HKLM\Software\Classes\CLSID\[CC]{2DC8E5F2-C89C-4730-82C9-19120DEE5B0A} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SnagItMainShellExt => removed successfully
HKLM\Software\Classes\CLSID\[CC]{CF74B903-3389-469c-B3B6-0204D204FCBD} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX => removed successfully
HKLM\Software\Classes\CLSID\[CC]{6C467336-8281-4E60-8204-430CED96822D} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FD4D6FB6-38FD-4561-AFE2-FBA1BDCB6E8A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C572AC79-FA40-4125-91F4-BBFBB1EC2667}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1CD6C6D5-8D78-4BB2-8750-DBFE7D86A8DF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{52C76692-4451-47B6-B6CD-1AACD1C01A38}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4BA99206-804C-47DA-BBA1-6C17A6778D8F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DCA6BCFE-B30C-41AB-AF8D-BC61BE7EBB70}" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{657B2C15-CE1A-4519-A15F-F5D4A4CF4BA9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{657B2C15-CE1A-4519-A15F-F5D4A4CF4BA9}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D83EFD96-0E14-4FFF-8A1E-5BF29D14D6E7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D83EFD96-0E14-4FFF-8A1E-5BF29D14D6E7}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{BFC32E1D-EE75-4A48-BC60-104E11EE2431}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BFC32E1D-EE75-4A48-BC60-104E11EE2431} => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
CHR Extension: (????????) - C:\Users\KNR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-03-09] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\DfSdkS => removed successfully
DfSdkS => service removed successfully
HKLM\System\CurrentControlSet\Services\esgiguard => removed successfully
esgiguard => service removed successfully
HKLM\System\CurrentControlSet\Services\QMUdisk => removed successfully
QMUdisk => service removed successfully
HKLM\System\CurrentControlSet\Services\softaal => removed successfully
softaal => service removed successfully
HKLM\System\CurrentControlSet\Services\SRepairDrv => removed successfully
SRepairDrv => service removed successfully
HKLM\System\CurrentControlSet\Services\TsDefenseBt => removed successfully
TsDefenseBt => service removed successfully
HKLM\System\CurrentControlSet\Services\tsnethlpx64 => removed successfully
tsnethlpx64 => service removed successfully
HKLM\System\CurrentControlSet\Services\TSSKX64 => removed successfully
TSSKX64 => service removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\KNR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15525668 B
Java, Flash, Steam htmlcache => 1827 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 7168 B
Firefox => 17139406 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66228 B
systemprofile32 => 66356 B
LocalService => 128 B
NetworkService => 0 B
KNR => 242593428 B

RecycleBin => 544 B
EmptyTemp: => 270.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:44:41 ====

Rudy
Site Admin
Posts: 118195
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: E-mails sent via TB to Gmail end up in spam

#10 Post by Rudy »

Deleted. Has anything changed?

funkymusic
Model visitor
Posts: 402
Registered: 07 Dec 2004 15:16

Re: E-mails sent via TB to Gmail end up in spam

#11 Post by funkymusic »

Thanks. Unfortunately, still nothing so far. To some Gmail addresses the messages go out and land in spam (my company one, which runs on G Suite), and to some they are not delivered to Gmail at all, see the report:

This is the mail system at host backmx.iol.cz.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

The mail system

<adam.zakravsky<zavinac>gmail.com>: host alt1.gmail-smtp-in.l.google.com[74.125.205.27]
said: 421-4.7.0 This message does not have authentication information or
fails to pass 421-4.7.0 authentication checks. To best protect our users
from spam, the 421-4.7.0 message has been blocked. Please visit 421-4.7.0
https://support.google.com/mail/answer/ ... entication for more 421
4.7.0 information. q13si26334691lfh.48 - gsmtp (in reply to end of DATA
command)


Reporting-MTA: dns; backmx.iol.cz
X-Postfix-Queue-ID: 7063855A61
X-Postfix-Sender: rfc822; dawidek<zavinac>volny.cz
Arrival-Date: Mon, 29 Apr 2019 16:32:00 +0200 (CEST)

Final-Recipient: rfc822; adam.zakravsky<zavinac>gmail.com
Original-Recipient: rfc822;adam.zakravsky<zavinac>gmail.com
Action: failed
Status: 4.7.0
Remote-MTA: dns; alt1.gmail-smtp-in.l.google.com
Diagnostic-Code: smtp; 421-4.7.0 This message does not have authentication
information or fails to pass 421-4.7.0 authentication checks. To best
protect our users from spam, the 421-4.7.0 message has been blocked. Please
visit 421-4.7.0
https://support.google.com/mail/answer/ ... entication for more 421
4.7.0 information. q13si26334691lfh.48 - gsmtp
Last edited by altrok on 05 May 2019 19:36, edited 1 time in total.
Reason: at-sign character replaced
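
The bounce quoted in post #11 carries its machine-readable verdict in the delivery-status fields. The following is an added example, not part of the original post: a small parser that tolerates the lost line folding and the repeated `421-4.7.0` reply prefixes and reports why Gmail refused the message. The function names and result keys are assumptions of this example; the sample text is copied from the post.

```python
import re

# Delivery-status fields copied from post #11 (folding whitespace lost, "@" obfuscated on the page).
DSN = """\
Reporting-MTA: dns; backmx.iol.cz

Final-Recipient: rfc822; adam.zakravsky<zavinac>gmail.com
Action: failed
Status: 4.7.0
Remote-MTA: dns; alt1.gmail-smtp-in.l.google.com
Diagnostic-Code: smtp; 421-4.7.0 This message does not have authentication
information or fails to pass 421-4.7.0 authentication checks. To best
protect our users from spam, the 421-4.7.0 message has been blocked. Please
visit 421-4.7.0
https://support.google.com/mail/answer/ ... entication for more 421
4.7.0 information. q13si26334691lfh.48 - gsmtp
"""

FIELD = re.compile(r"^([A-Za-z][A-Za-z0-9-]*):(?!//)\s*(.*)$")  # "https://..." is not a field
REPLY_PREFIX = re.compile(r"\b[245]\d\d[- ]\d\.\d{1,3}\.\d{1,3}\s+")  # per-line "421-4.7.0 "

def parse_dsn(text):
    """Split an RFC 3464 delivery-status body into groups of {field: value}."""
    groups = []
    for block in re.split(r"\n\s*\n", text.strip()):
        fields, last = {}, None
        for line in block.splitlines():
            m = FIELD.match(line)
            if m:
                last = m.group(1).lower()
                fields[last] = m.group(2).strip()
            elif last:                      # continuation line, indented or not
                fields[last] += " " + line.strip()
        groups.append(fields)
    return groups

def classify(recipient):
    """Summarise one per-recipient group, keyed on the enhanced status code (RFC 3463)."""
    klass, subject, _ = recipient["status"].split(".")
    _, _, diag = recipient.get("diagnostic-code", "").partition(";")
    text = REPLY_PREFIX.sub("", diag).strip()
    auth = subject == "7" and "authentication" in text.lower()  # x.7.x = security/policy
    return {
        "recipient": recipient["final-recipient"].partition(";")[2].strip(),
        "remote_mta": recipient["remote-mta"].partition(";")[2].strip(),
        "transient": klass == "4",          # 4.x.x transient, 5.x.x permanent
        "category": "sender-authentication" if auth else "other",
        "text": text,
    }
```

For this bounce, `classify(parse_dsn(DSN)[1])` reports a transient sender-authentication rejection by Gmail's MX, which points at how the message was relayed and authenticated rather than at the recipient's spam filter.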

Rudy
Site Admin
Posts: 118195
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: E-mails sent via TB to Gmail land in spam

#12 Post by Rudy »

If it isn't caused by the mailbox's spam filter settings, also run a full scan with AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Download the utility, run it, let it work, and when it finishes delete everything it finds. Restart the PC.

funkymusic
Model visitor
Posts: 402
Registered: 07 Dec 2004 15:16

Re: E-mails sent via TB to Gmail land in spam

#13 Post by funkymusic »

Unfortunately no result. It isn't the spam filter settings of the destination mailbox; some mails come back as undeliverable, while when sending via the web interface everything works as it should...

Rudy
Site Admin
Posts: 118195
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: E-mails sent via TB to Gmail land in spam

#14 Post by Rudy »

Then I don't know what it could be, but it isn't malware. The last thing to try is reinstalling the mail client.

caRrrnifex.
Friend of the forum
Posts: 236
Registered: 31 Jul 2008 20:21

Re: E-mails sent via TB to Gmail land in spam

#15 Post by caRrrnifex. »

<<< sorry for jumping in >>>

hello :)

in Thunderbird go to the mail account settings --> Outgoing Server (SMTP) --> using the Add... button, configure a new outgoing server (SMTP):

Server name: smtp.volny.cz
Server address: smtp.volny.cz
Port: 465

Connection security: TLS/SSL
Authentication method: Password, secure transmission
User name: dawidek<at>volny.cz

--> OK button --> finally, use the Set Default button to set the newly created SMTP server as the default --> close the account configuration and try sending a mail

did it work? :)

note: edit the form of the e-mail addresses in your previous replies; you are increasing the risk of future spam
