Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

notebook se seká,nereaguje

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
DaytonC
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 08 lis 2014 17:07

notebook se seká,nereaguje

#1 Příspěvek od DaytonC »

Zdravím...
prosím o pomoc,...notebook se mi seká nereaguje často v záhlaví okna vypisuje v závorce text neodpovídá...
co jsem již zkoušel
krystaldisk ...nejde o vadu HW disk je dobrý
avast virový test...bez nálezu
Adwarecleaner... taky bez nálezu
zde jsou logy FRST a Additional...sám si netroufám dát něco do fixlistu ...nevím co by se stalo kdybych smazal něco omylem.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2020
Ran by Roman (administrator) on ROMAN-PC (LENOVO IdeaPad Z580) (29-04-2020 17:49:56)
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman (Available Profiles: Roman)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
(Avast Software s.r.o. -> Avast Software) C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\Lenovo\YOUCAM\YCMMirage.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <21>
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation - Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> ) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\ENERGY MANAGEMENT\Energy Management.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\ENERGY MANAGEMENT\utility.exe
(LENOVO) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe
(Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Nitro PDF Software -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nitro PDF Software -> Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sunplus Innovation Technology Inc. -> ) [File not signed] C:\Program Files (x86)\LENOVO EASYCAMERA\Monitor.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [408872 2011-11-10] (Synaptics Incorporated -> Synaptics)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1096480 2013-11-29] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [UpdatePRCShortCut1] => "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
HKLM\...\Run: [HotKeysCmds1] => C:\Windows\system32\hkcmd.exe [411056 2015-06-01] (Intel Corporation - pGFX -> Intel Corporation)
HKLM\...\Run: [Persistence1] => C:\Windows\system32\igfxpers.exe [453552 2015-06-01] (Intel Corporation - pGFX -> Intel Corporation)
HKLM\...\Run: [IgfxTray1] => C:\Windows\system32\igfxtray.exe [183216 2015-06-01] (Intel Corporation - pGFX -> Intel Corporation)
HKLM\...\Run: [RtHDVBg_Dolby1] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108216 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2847016 2011-11-10] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-08-08] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-08-08] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
HKLM-x32\...\Run: [MuteSync] => C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [343040 2012-02-04] (Lenovo) [File not signed]
HKLM-x32\...\Run: [CAPOSD] => C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe [1876992 2012-02-09] (LENOVO) [File not signed]
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2018-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink -> CyberLink Corp.) [File not signed]
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [Lenovo EasyCamera_Monitor] => C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe [258936 2012-02-06] (Sunplus Innovation Technology Inc. -> ) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Software\Policies\...\system: [disablecmd] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\Installer\chrmstp.exe [2020-04-24] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\80.1.3901.162\Installer\chrmstp.exe [2020-04-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\...\Authentication\Credential Providers: [AutorunsDisabled] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\\BtwCP.dll [2012-02-02] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll [2012-02-02] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174856 2015-02-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2015-02-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2015-02-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
BootExecute: autocheck autochk * 耀��vøᤠ �ᰀ‘�钘š�
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A9A16C4-C566-48ED-97FD-4A7B797528E8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {0CE30B04-CACF-4987-97D1-E4322176C267} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3325032 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
Task: {2F7BDA6C-8167-4BB3-97A0-9B43E62B32EA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {31069FF3-3825-4C94-AAA7-A07D93D792E7} - System32\Tasks\{1B833707-741D-47B8-BDDE-2010BF9BE397} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{200F62A0-CB7C-4F57-8E79-45D92E901DA2}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {39964426-A2DF-44CF-8184-89767D3BBC60} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-18] (Adobe Inc. -> Adobe)
Task: {63FE8DE6-D57B-4F18-BBD6-0EBE9B81E23F} - System32\Tasks\{C333A024-D2D3-4785-8F1C-D8AC05B107D2} => C:\Users\Roman\Downloads\commview_for_wifi.exe
Task: {7E1DA85E-C581-4F88-AA30-3FC5FC9A7741} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {7F2A7E0D-91B2-4667-98AD-18113A65EDE3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-12] (Google LLC -> Google LLC)
Task: {83B36471-B189-46DF-AB93-63F2116CD160} - System32\Tasks\{A10DAF0C-F2C5-442E-877E-929B1EA0310D} => C:\Users\Roman\Downloads\sa3mxx04k_37_pal_aen\setup.exe
Task: {8E5F37E3-0D59-42A1-92E9-A21D1F2957EA} - System32\Tasks\{D4A3B536-CA7B-457E-86A4-7949292469A1} => C:\Users\Roman\Documents\emulate\I4A.EXE [1800 2018-09-01] () [File not signed]
Task: {92ACC8E5-EE82-4BEB-8C78-30EE840903AF} - System32\Tasks\{3C565B93-7FFE-47C3-9DD4-A81596C1A0C0} => C:\Windows\system32\pcalua.exe -a C:\MeProgramy\DAEMONtools\daemon4304-lite.exe -d C:\MeProgramy\DAEMONtools
Task: {93D90012-EFC7-4797-A971-90D0E4893095} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {A185EBF2-F87B-4F1B-9BFA-6EC6765CBF21} - System32\Tasks\{AF78792E-48B4-44DF-91D9-B26A64689DEF} => C:\Users\Roman\Downloads\sa3mxx04k_37_pal_aen\_main.exe
Task: {A381A7FE-0A8C-4D43-BB73-375123DE99FC} - System32\Tasks\{DAC154C7-6423-4668-BE03-E04215A3C3C8} => C:\Users\Roman\Documents\emulate\I4A.EXE [1800 2018-09-01] () [File not signed]
Task: {AD266255-85DB-4506-BAC4-03E5D0EE5FDC} - System32\Tasks\{3C9F6374-6E28-40DE-B178-39D446460088} => C:\Windows\system32\pcalua.exe -a C:\MeProgramy\JTAG\urjtag-0.10.exe -d C:\MeProgramy\JTAG
Task: {AF3DC2E1-4C62-4A7E-A8AE-FE4D6539D662} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-12] (Google LLC -> Google LLC)
Task: {B75D31B9-CA73-40A5-A6ED-839C179DD280} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink -> CyberLink)
Task: {B9D35FB0-4608-415F-9CEF-2C59A974B1C8} - System32\Tasks\{0F731421-C889-4536-A6DC-90BED2CB20EE} => C:\Users\Roman\Downloads\commview_for_wifi.exe
Task: {D87CC72E-1C8A-45F1-82A7-464AD0B6FBDB} - System32\Tasks\{CBEF9D86-18ED-4D17-84B9-D0706EBF61DE} => C:\Windows\system32\pcalua.exe -a C:\Users\Roman\Downloads\sa2520_02_pal_eng.exe -d C:\Users\Roman\Downloads
Task: {DEDB057F-4D59-4F15-A2DC-27F71A1ACD8D} - System32\Tasks\{DBA6A7E7-AD58-4BAC-B458-D2AD7CF64774} => C:\Users\Roman\Downloads\commview_for_wifi.exe
Task: {E3A5ECC8-322C-4AA9-9C51-85DF8D6309C9} - System32\Tasks\{BB0EDB1E-5B0C-4326-B64D-122D7A4ACEA2} => C:\Users\Roman\Downloads\sa3mxx04k_37_pal_aen\_main.exe
Task: {EB058A3C-BC05-433E-B298-B48788895A33} - System32\Tasks\{7E97F875-7619-4918-AAB1-B8AE23BC214B} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Lenovo\Boot Optimizer\DeleteUninstall.exe" -d "C:\Program Files (x86)\Lenovo\Boot Optimizer"
Task: {F2354A8C-C4D1-42F6-9BD8-C240B5135159} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F363389C-DA12-4806-ACB1-DCDAC8C76A2D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-18] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1F004AE9-736A-4A9E-A206-DE238301C1BF}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{DD39D036-017D-4A2E-B4A8-4BC12D6F774B}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mail.centrum.cz/
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-683440959-2606681586-737459993-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... OH_csCZ565
SearchScopes: HKU\S-1-5-21-683440959-2606681586-737459993-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-683440959-2606681586-737459993-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-683440959-2606681586-737459993-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... OH_csCZ565
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]

FireFox:
========
FF DefaultProfile: v2gkibd2.default-1476296225807-1525766073953
FF ProfilePath: C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953 [2020-04-29]
FF Homepage: Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953 -> about:home
FF NewTab: Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953 -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953 -> hxxps://sledujufilmy.cz; hxxps://www.planetlagu.online; hxxps://badoo.com; hxxps://tinder.com; hxxps://forums.anandtech.com; hxxps://www.lide.cz
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953\Extensions\hotfix-update-xpi-intermediate@mozilla.com.xpi [2019-05-15]
FF Extension: (No Name) - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-10-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-18] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-18] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-06-21] (Nitro PDF Software -> )
FF Plugin HKU\S-1-5-21-683440959-2606681586-737459993-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Roman\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default [2020-04-29]
CHR Notifications: Default -> hxxps://badoo.com
CHR StartupUrls: Default -> "hxxps://mail.centrum.cz/?restart=2","hxxps://www.youtube.com/","hxxps://aukro.cz/pri ... ebook.com/"
CHR Extension: (Prezentace) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-26]
CHR Extension: (Dokumenty) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-26]
CHR Extension: (Disk Google) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-26]
CHR Extension: (YouTube) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-26]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-26]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-04-26]
CHR Extension: (Tabulky) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-26]
CHR Extension: (Gmail) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5504928 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [345384 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\80.1.3901.162\elevation_service.exe [973760 2020-04-02] (Avast Software s.r.o. -> AVAST Software)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-02] (Broadcom Corporation -> Broadcom Corporation.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-08] (Intel Corporation -> )
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] (Intel Corporation - Mobile Wireless Group -> )
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-06-21] (Nitro PDF Software -> Nitro PDF Software)
R2 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [69640 2012-06-21] (Nitro PDF Software -> Nalpeiron Ltd.)
S2 NSDSvc; C:\Windows\System32\NSDSvc.exe [120160 2011-12-24] (Lenovo (Beijing) Limited -> Lenovo)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15128352 2013-11-29] (NVIDIA Corporation -> NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel Corporation - Mobile Wireless Group -> Intel® Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-11-29] (ChengDu AoMei Tech Co., Ltd -> ) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37856 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206120 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [234776 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178968 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60696 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42984 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175920 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [500960 2020-04-20] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109480 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85056 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851808 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [459408 2020-04-16] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235696 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [317280 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R3 clwvd; C:\Windows\System32\DRIVERS\clwvd.sys [31088 2011-01-29] (CyberLink -> CyberLink Corporation)
S3 CyFwLoad; C:\Windows\System32\Drivers\usb2demon.sys [55600 2011-01-26] (Macraigor Systems LLC -> Cypress Semiconductor)
S3 CYUSB; C:\Windows\System32\Drivers\usb2demon.sys [55600 2011-01-26] (Macraigor Systems LLC -> Cypress Semiconductor)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [118160 2016-10-04] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [95168 2016-03-16] (Future Technology Devices International Ltd -> FTDI Ltd.)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2016-07-31] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2015-04-17] (Microsoft Windows Hardware Compatibility Publisher -> ITE )
S3 jlink; C:\Windows\System32\DRIVERS\jlinkx64.sys [45200 2017-03-10] (SEGGER Microcontroller GmbH & Co. KG -> SEGGER Microcontroller GmbH & Co. KG)
R0 NSD; C:\Windows\System32\drivers\nsd.sys [24160 2011-12-24] (Lenovo (Beijing) Limited -> Lenovo Corporation")
R1 Nsdfltr; C:\Windows\System32\drivers\Nsdfltr.sys [59488 2011-12-22] (Lenovo (Beijing) Limited -> Lenovo Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
S4 portio; C:\Windows\System32\DRIVERS\WP800IO.sys [8664 2007-09-05] (TestCertforWDK -> WinPic800) [File not signed]
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2002-10-16] () [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-03-27] () [File not signed]
R3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Windows -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254976 2010-08-31] (Jungo LTD -> Jungo)
S3 wsvd; C:\Windows\System32\DRIVERS\wsvd.sys [121840 2009-07-21] (CyberLink -> CyberLink)
S3 SWDUMon; system32\DRIVERS\SWDUMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-29 17:49 - 2020-04-29 17:56 - 000035273 _____ C:\Users\Roman\Desktop\FRST.txt
2020-04-29 17:47 - 2020-04-29 17:47 - 000000179 _____ C:\Users\Roman\Desktop\Fixlog.txt
2020-04-29 17:37 - 2020-04-29 17:42 - 002283008 _____ (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2020-04-26 16:13 - 2020-04-26 16:13 - 000000000 ____D C:\8a84e995d3007edc059bb8
2020-04-26 15:57 - 2019-02-21 06:10 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-04-26 15:57 - 2019-02-21 06:09 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2020-04-26 15:57 - 2019-02-21 06:09 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2020-04-26 15:57 - 2019-02-21 06:08 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:59 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-04-26 15:57 - 2019-02-21 05:58 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2020-04-26 15:57 - 2019-02-21 05:58 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2020-04-26 15:57 - 2019-02-21 05:56 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2020-04-26 15:57 - 2019-02-21 05:42 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2020-04-26 15:57 - 2019-02-21 05:42 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2020-04-26 15:57 - 2019-02-21 05:41 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2020-04-26 15:57 - 2019-02-21 05:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2020-04-26 15:57 - 2019-02-21 05:39 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2020-04-26 15:57 - 2019-02-21 05:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2020-04-26 15:57 - 2019-02-21 05:38 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2020-04-26 15:57 - 2019-02-21 05:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2020-04-26 15:57 - 2019-02-21 05:36 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-04-26 15:57 - 2019-02-21 05:35 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2020-04-26 15:57 - 2019-02-21 05:34 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2020-04-26 15:57 - 2019-02-21 05:34 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2020-04-26 15:57 - 2019-02-21 05:34 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2020-04-26 15:57 - 2019-02-10 18:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2020-04-26 15:57 - 2019-02-10 18:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2020-04-26 15:57 - 2019-02-10 18:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2020-04-26 15:57 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2020-04-26 15:57 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2020-04-26 15:57 - 2019-02-10 18:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2020-04-26 15:57 - 2019-02-10 18:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2020-04-26 15:57 - 2019-02-10 18:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2020-04-26 15:57 - 2019-02-10 18:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2020-04-26 15:57 - 2019-02-10 18:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2020-04-26 15:57 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2020-04-26 15:57 - 2019-02-10 18:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-04-26 15:57 - 2019-02-10 18:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2020-04-26 15:57 - 2019-02-10 17:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2020-04-26 15:57 - 2019-02-10 17:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2020-04-26 15:56 - 2019-02-21 06:12 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-04-26 15:56 - 2019-02-21 06:10 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-04-26 15:56 - 2019-02-21 06:09 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-04-26 15:56 - 2019-02-21 06:07 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2020-04-26 15:56 - 2019-02-21 06:07 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2020-04-26 15:56 - 2019-02-21 06:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2020-04-26 15:56 - 2019-02-21 06:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2020-04-26 15:56 - 2019-02-21 06:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2020-04-26 15:56 - 2019-02-21 06:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2020-04-26 15:56 - 2019-02-21 05:56 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2020-04-26 15:56 - 2019-02-21 05:56 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2020-04-26 15:56 - 2019-02-21 05:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2020-04-26 15:56 - 2019-02-21 05:34 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2020-04-26 15:56 - 2019-02-10 18:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2020-04-26 15:56 - 2019-02-10 18:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2020-04-26 15:56 - 2019-02-10 18:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2020-04-26 15:56 - 2019-02-10 17:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2020-04-26 15:56 - 2019-02-10 17:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2020-04-26 15:56 - 2019-02-10 17:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2020-04-26 15:56 - 2018-11-18 04:56 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2020-04-26 15:56 - 2018-11-18 04:44 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-04-26 15:56 - 2018-11-18 04:43 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2020-04-26 09:26 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2020-04-19 06:22 - 2020-04-19 06:22 - 022267336 _____ (Piriform Software Ltd) C:\Users\Roman\Downloads\ccsetup565.exe
2020-04-06 18:37 - 2020-04-06 18:37 - 008196784 _____ (Malwarebytes) C:\Users\Roman\Downloads\adwcleaner_8.0.4.exe
2020-04-05 09:34 - 2020-04-28 21:54 - 000003292 _____ C:\Windows\system32\Tasks\{1B833707-741D-47B8-BDDE-2010BF9BE397}
2020-04-05 09:26 - 2020-04-05 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Philips Digital Audio Player
2020-04-05 09:23 - 2020-04-28 21:54 - 000002976 _____ C:\Windows\system32\Tasks\{AF78792E-48B4-44DF-91D9-B26A64689DEF}
2020-04-05 09:17 - 2020-04-28 21:54 - 000002976 _____ C:\Windows\system32\Tasks\{BB0EDB1E-5B0C-4326-B64D-122D7A4ACEA2}
2020-04-05 09:17 - 2020-04-28 21:54 - 000002976 _____ C:\Windows\system32\Tasks\{A10DAF0C-F2C5-442E-877E-929B1EA0310D}
2020-04-05 09:06 - 2020-04-05 09:06 - 000000000 ____D C:\Users\Roman\AppData\Roaming\CoSoSys
2020-04-05 08:57 - 2020-04-05 08:57 - 000000000 ____D C:\ProgramData\SystemAcCrux
2020-04-05 08:56 - 2020-04-05 08:56 - 000000000 ____D C:\Program Files\EaseUS
2020-04-04 17:54 - 2020-04-20 16:53 - 000500960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-04-04 17:54 - 2020-04-04 17:54 - 000337048 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-04-04 17:54 - 2020-04-04 17:54 - 000235696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-04-04 17:54 - 2020-04-04 17:54 - 000175920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-04-04 17:54 - 2020-04-04 17:54 - 000038152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-29 17:55 - 2018-04-22 09:06 - 000000000 ____D C:\FRST
2020-04-29 17:18 - 2009-07-14 06:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-04-29 17:18 - 2009-07-14 06:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-04-29 17:16 - 2017-03-01 19:39 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-04-29 17:00 - 2014-03-29 23:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-04-29 17:00 - 2012-08-08 09:52 - 000539831 _____ C:\Windows\system32\fastboot.set
2020-04-29 16:59 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-28 22:11 - 2012-08-08 09:29 - 001560204 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-04-28 22:11 - 2012-08-08 08:43 - 000669116 _____ C:\Windows\system32\perfh005.dat
2020-04-28 22:11 - 2012-08-08 08:43 - 000141744 _____ C:\Windows\system32\perfc005.dat
2020-04-28 22:11 - 2009-07-14 07:13 - 001560204 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-28 22:11 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-04-28 21:54 - 2020-03-07 12:31 - 000003142 _____ C:\Windows\system32\Tasks\{CBEF9D86-18ED-4D17-84B9-D0706EBF61DE}
2020-04-28 21:54 - 2020-03-01 16:34 - 000003142 _____ C:\Windows\system32\Tasks\{3C565B93-7FFE-47C3-9DD4-A81596C1A0C0}
2020-04-28 21:54 - 2020-01-12 17:51 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-28 21:54 - 2020-01-12 17:51 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-28 21:54 - 2019-04-13 19:06 - 000003106 _____ C:\Windows\system32\Tasks\{3C9F6374-6E28-40DE-B178-39D446460088}
2020-04-28 21:54 - 2018-09-01 18:35 - 000002946 _____ C:\Windows\system32\Tasks\{DAC154C7-6423-4668-BE03-E04215A3C3C8}
2020-04-28 21:54 - 2018-09-01 18:35 - 000002946 _____ C:\Windows\system32\Tasks\{D4A3B536-CA7B-457E-86A4-7949292469A1}
2020-04-28 21:54 - 2018-08-16 11:39 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-04-28 21:54 - 2018-08-16 11:39 - 000002790 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-04-28 21:54 - 2018-04-21 15:26 - 000002958 _____ C:\Windows\system32\Tasks\{DBA6A7E7-AD58-4BAC-B458-D2AD7CF64774}
2020-04-28 21:54 - 2018-04-21 15:26 - 000002958 _____ C:\Windows\system32\Tasks\{C333A024-D2D3-4785-8F1C-D8AC05B107D2}
2020-04-28 21:54 - 2018-04-21 15:26 - 000002958 _____ C:\Windows\system32\Tasks\{0F731421-C889-4536-A6DC-90BED2CB20EE}
2020-04-28 21:54 - 2018-03-17 18:55 - 000004528 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-04-28 21:54 - 2015-12-03 22:39 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-04-27 22:47 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2020-04-26 18:59 - 2013-12-10 19:00 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-04-26 18:59 - 2013-12-10 19:00 - 000000000 ____D C:\Windows\system32\MRT
2020-04-26 16:23 - 2013-12-07 06:18 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2020-04-26 16:23 - 2013-12-07 06:18 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2020-04-26 16:20 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing
2020-04-26 16:20 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-04-26 16:20 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
2020-04-26 16:13 - 2013-12-07 06:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2020-04-26 15:38 - 2013-12-06 21:23 - 000000000 ____D C:\MeProgramy
2020-04-26 09:12 - 2018-04-20 21:20 - 000000000 ____D C:\zoek_backup
2020-04-26 08:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2020-04-25 10:14 - 2012-08-08 09:03 - 000000000 ____D C:\Windows\softwaredistribution.bak
2020-04-24 20:39 - 2013-12-06 21:09 - 000000000 ____D C:\ProgramData\AVAST Software
2020-04-24 17:28 - 2020-01-12 17:53 - 000002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-24 17:28 - 2020-01-12 17:53 - 000002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-24 17:28 - 2020-01-12 17:53 - 000002194 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-04-19 06:28 - 2014-05-02 18:27 - 000000000 ____D C:\Windows\Minidump
2020-04-19 06:25 - 2018-08-16 11:38 - 000000793 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-04-19 06:25 - 2018-08-16 11:38 - 000000793 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-04-18 16:06 - 2018-12-23 20:25 - 000000000 ____D C:\Users\Roman\AppData\Local\ElevatedDiagnostics
2020-04-18 08:52 - 2013-12-06 22:36 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-04-18 08:52 - 2013-12-06 22:36 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-04-18 08:52 - 2013-12-06 22:36 - 000004398 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-04-18 08:52 - 2013-12-06 22:36 - 000000000 ____D C:\Windows\system32\Macromed
2020-04-18 08:52 - 2013-12-06 22:35 - 000000000 ____D C:\Users\Roman\AppData\Local\Adobe
2020-04-18 08:52 - 2012-08-08 09:43 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-04-16 20:04 - 2018-04-05 19:15 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-04-16 20:04 - 2018-04-05 19:15 - 000002397 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-04-16 20:04 - 2018-04-05 19:15 - 000002397 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2020-04-16 19:28 - 2013-12-06 21:12 - 000459408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-04-05 09:36 - 2018-05-08 09:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-05 09:35 - 2012-08-08 09:13 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-04-05 09:34 - 2020-03-07 12:25 - 000000000 ____D C:\Philips
2020-04-04 17:54 - 2018-10-14 17:55 - 000042984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-04-04 17:54 - 2013-12-06 21:12 - 000317280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-04-04 17:54 - 2013-12-06 21:12 - 000109480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-04-04 17:54 - 2013-12-06 21:12 - 000085056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-04-04 17:53 - 2019-01-14 17:55 - 000234776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-04-04 17:53 - 2019-01-06 09:16 - 000178968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-04-04 17:53 - 2019-01-06 09:16 - 000060696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-04-04 17:53 - 2019-01-06 09:16 - 000037856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-04-04 17:53 - 2017-11-09 19:31 - 000206120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-04-04 17:53 - 2013-12-06 21:12 - 000851808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

==================== Files in the root of some directories ========

2019-07-21 10:55 - 2019-07-21 10:55 - 000003584 _____ () C:\Users\Roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-08 19:38 - 2014-05-05 00:47 - 000007597 _____ () C:\Users\Roman\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-04-27 22:38
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-04-2020
Ran by Roman (29-04-2020 18:00:12)
Running from C:\Users\Roman\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-12-06 18:28:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-683440959-2606681586-737459993-500 - Administrator - Disabled)
Guest (S-1-5-21-683440959-2606681586-737459993-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-683440959-2606681586-737459993-1003 - Limited - Enabled)
Roman (S-1-5-21-683440959-2606681586-737459993-1001 - Administrator - Enabled) => C:\Users\Roman

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{36381D51-CC5E-4698-A0CC-E939C75EC9D8}) (Version: 1.5 - Eyeo GmbH)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.293 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.363 - Adobe)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
AOMEI Partition Assistant Standard Edition 5.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
ASIX UP v.3-30 (HKLM-x32\...\ASIX UP_is1) (Version: - ASIX s.r.o.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.2.2401 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 80.1.3901.162 - Autoři prohlížeče Avast Secure Browser)
AVR Jungo USB (HKLM-x32\...\{E8F8861D-98E0-43FF-9E48-AC236CC3BE4E}) (Version: 10.4 - Atmel)
AVR QTouch Studio (HKLM-x32\...\{7BE9E558-BE53-4939-9565-A0BEA2F839D0}) (Version: 4.4.1 - Atmel)
AVR Studio 5.1 (HKLM-x32\...\{D574D18C-9D52-4B4B-9647-AE6B89FD3F70}) (Version: 5.1.208 - Atmel)
Balíček ovladače systému Windows - KEIL - Tools By ARM (WinUSB) USB (08/29/2013 1.0.0.3) (HKLM\...\C96E78AFEDFD4529DF572369E6FD81679F49E548) (Version: 08/29/2013 1.0.0.3 - KEIL - Tools By ARM)
Balíček ovladače systému Windows - KEIL - Tools By ARM USBDevice (12/12/2017 1.0.1.0) (HKLM\...\54D3313C65675EDD5FC15BEE546C5E6E20229BE8) (Version: 12/12/2017 1.0.1.0 - KEIL - Tools By ARM)
Balíček ovladače systému Windows - Segger (jlink) USB (01/26/2017 2.70.08.0) (HKLM\...\D12F44630DF6CA437A5B43B0F1A4C5A54E130B0D) (Version: 01/26/2017 2.70.08.0 - Segger)
Balíček ovladače systému Windows - Segger (jlink) USB (07/28/2014 2.6.8.1) (HKLM\...\468237BA12C6D9DD0125166A16609C632EE9CF1C) (Version: 07/28/2014 2.6.8.1 - Segger)
Balíček ovladače systému Windows - SEGGER (JLinkCDC_x64) Ports (08/28/2014 6.0.2601.5) (HKLM\...\ED80E3D3A350D18BFD3D3D8DAED8E2B19105763A) (Version: 08/28/2014 6.0.2601.5 - SEGGER)
Borland C++Builder 6 (HKLM-x32\...\{2864C41B-EF2D-4640-95A2-526276524519}) (Version: 6.0 - Borland Software Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
EAGLE 5.11.0 (HKLM-x32\...\EAGLE 5.11.0) (Version: 5.11.0 - CadSoft Computer GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.122 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Java 8 Update 172 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
J-Link V4.94i (HKLM-x32\...\J-Link V4.94i) (Version: V4.94i - SEGGER Microcontroller Systeme GmbH)
Keil µVision4 (HKLM-x32\...\Keil µVision4) (Version: 5.27.1.0 - ARM Ltd)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
mikroC (remove only) (HKLM-x32\...\mikroC) (Version: - )
mikroC PRO for ARM (remove only) (HKLM-x32\...\mikroC PRO for ARM) (Version: 6.2.0.0 - mikroElektronika)
mikroPascal (remove only) (HKLM-x32\...\mikroPascal) (Version: - )
mikroPascal for AVR (remove only) (HKLM-x32\...\mikroPascal for AVR) (Version: - )
MPLAB X IDE v4.05 (HKLM-x32\...\MPLAB X IDE v4.05 v4.05) (Version: v4.05 - Microchip)
MPLAB XC16 C Compiler (HKLM-x32\...\MPLAB XC16 C Compiler v1.33) (Version: v1.33 - Microchip)
MPLAB XC32 Compiler (HKLM-x32\...\MPLAB XC32 Compiler v1.44) (Version: v1.44 - Microchip)
MPLAB XC8 C Compiler (HKLM-x32\...\MPLAB XC8 C Compiler v1.44) (Version: v1.44 - Microchip)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA Ovladače grafiky 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.20 - NVIDIA Corporation)
OpenOffice 4.1.4 (HKLM-x32\...\{6CA4F7F3-B909-4292-B791-AAA959155DE0}) (Version: 4.14.9788 - Apache Software Foundation)
Ovládací panel NVIDIA 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 345.20 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PuTTY release 0.70 (HKLM-x32\...\{0B06C05B-0069-4FE8-AC19-AAF6678FD0A8}) (Version: 0.70.0.0 - Simon Tatham)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.48.823.2011 - Realtek)
Red Alert 2 (HKLM-x32\...\Red Alert 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Skype verze 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
State of War (HKLM-x32\...\State of War) (Version: - )
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.14327 - TeamViewer)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Windows Driver Package - ASIX s.r.o. ASIX Development Tools Driver Package (07/10/2015 2.12.06) (HKLM\...\63179435CD5991EB4724264B890E0ED379471EE7) (Version: 07/10/2015 2.12.06 - ASIX s.r.o.)
Windows Driver Package - ASIX s.r.o. ASIX Development Tools Driver Package (09/28/2016 2.12.24) (HKLM\...\5378E6D0AF40C93BBB4559D6D163139BADD54A56) (Version: 09/28/2016 2.12.24 - ASIX s.r.o.)
Windows Driver Package - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [NPShellExtension] -> {D7ECBD0E-B8E3-4a0c-9E84-514298EFA583} => C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NPShellExtension64.dll [2012-06-21] (Nitro PDF Software -> )
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [IkeyShlExt] -> {F1E551D1-822B-40e6-B4D8-A9B4A48AA07A} => C:\Windows\system32\SimpleExt.dll [2012-08-08] (Lenovo (Beijing) Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\POWER2GO\CLMP3Enc.ACM [217088 2005-05-14] (CyberLink Corp.) [File not signed]
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Roman\Desktop\test.lnk -> C:\Program Files (x86)\SEGGER\JLink_V494i\test.bat ()
ShortcutWithArgument: C:\Users\Roman\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2011-06-28 08:28 - 2011-06-28 08:28 - 000042496 _____ () [File not signed] C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\QTKB.dll
2012-08-08 09:30 - 2012-05-21 09:24 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2011-11-22 23:00 - 2011-11-22 23:00 - 000498176 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\P2PSupplicant.dll
2011-12-08 18:53 - 2011-12-08 18:53 - 000168448 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2011-12-08 18:55 - 2011-12-08 18:55 - 000283648 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2011-12-08 18:54 - 2011-12-08 18:54 - 003280896 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
2011-12-08 18:54 - 2011-12-08 18:54 - 000102400 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
2011-12-08 18:56 - 2011-12-08 18:56 - 000093696 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2011-12-08 18:55 - 2011-12-08 18:55 - 000052224 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2011-12-08 19:01 - 2011-12-08 19:01 - 000518656 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2011-12-08 19:03 - 2011-12-08 19:03 - 000290304 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\panihvint.dll
2011-12-08 18:59 - 2011-12-08 18:59 - 000978432 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2011-12-08 19:04 - 2011-12-08 19:04 - 000160256 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\Ps7ZCfgS.dll
2011-12-08 18:52 - 2011-12-08 18:52 - 000020992 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2011-12-08 19:00 - 2011-12-08 19:00 - 002394112 _____ (Intel(R) Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll
2013-12-07 11:45 - 2013-12-07 11:45 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcm90.dll
2011-12-08 18:12 - 2011-12-08 18:12 - 001830912 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [0]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> 008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> 00hq.com
IE restricted site: HKU\.DEFAULT\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\.DEFAULT\...\01i.info -> 01i.info
IE restricted site: HKU\.DEFAULT\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\.DEFAULT\...\05p.com -> 05p.com
IE restricted site: HKU\.DEFAULT\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\.DEFAULT\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\.DEFAULT\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\.DEFAULT\...\0calories.net -> 0calories.net
IE restricted site: HKU\.DEFAULT\...\0cj.net -> 0cj.net
IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com
IE restricted site: HKU\.DEFAULT\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1-se.com -> 1-se.com
IE restricted site: HKU\.DEFAULT\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\.DEFAULT\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\.DEFAULT\...\100gal.net -> 100gal.net
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com

There are 4746 more sites.

IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\100sexlinks.com -> 100sexlinks.com

There are 4748 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-10-05 11:01 - 2020-04-26 08:27 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\PROGRA~2\Borland\CBUILD~1\Bin;C:\PROGRA~2\Borland\CBUILD~1\Projects\Bpl;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client;C:\Program Files\Intel\iCLS Client;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files\Lenovo\Bluetooth Software;C:\Program Files\Lenovo\Bluetooth Software\syswow64;;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Skype\Phone;C:\Program Files (x86)\PuTTY\
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^Users^Roman^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.Startup
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Intelligent Touchpad => C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
MSCONFIG\startupreg: Lenovo Registration => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
MSCONFIG\startupreg: OnekeyStudio => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6D014DEC-A2C5-4995-8BE3-584F89BED619}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation - Mobile Wireless Group -> )
FirewallRules: [{511220C7-6FE3-469E-9342-7B31C15B43E1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4AB3BFA7-F5E8-49DA-BAB0-BF56820DA0C7}] => (Allow) LPort=2869
FirewallRules: [{672D39F5-5497-4838-9C24-0505855D2D82}] => (Allow) LPort=1900
FirewallRules: [{27BDB785-6C1D-459E-BA81-43EC041108D0}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6B8705A8-1F40-435A-983F-0EB88EAD91FD}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A4237FF2-88A1-4282-A51B-64DE1253886F}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel Corporation -> Intel Corporation)
FirewallRules: [{435580A1-E9DF-4F55-910A-3CD8305F6DE4}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{A7120233-09C2-4DB3-8BC6-9EAD6211DC4D}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{8CD5A8B6-4568-4FBA-B23A-906340B6439C}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{0BC86A65-947E-4630-8691-C8F60948361D}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{2534CB2A-36C1-4C04-8C34-015E5FF6FC49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{14440D45-10C1-4161-B9BE-B5534F1146E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6D690019-471C-448C-961F-4F6D386478D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F07C5053-29A5-4329-95FC-5A3027463983}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1BCB4B38-000C-4037-A2ED-E2F1BF551388}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E30B0B5-CBAD-4357-92E5-D513C7C7576C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7C2695A0-8C9B-437F-8E27-29F969AE79F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{010BA73D-0163-4CA0-AEEE-9B1EDF7376A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E0D3B6BE-9517-45A4-8D91-9BC3510A9095}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD5C6A9F-A570-410E-89A4-B144B6C2B9C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{642EF558-4E2E-4A81-A3E3-989C1242AB69}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe (Atmel) [File not signed]
FirewallRules: [UDP Query User{4FBAE129-654C-469E-B31D-5F2B1808F654}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe (Atmel) [File not signed]
FirewallRules: [TCP Query User{0872E1DA-B38E-4E70-A3E7-5D1738A0CB69}C:\program files (x86)\icq7.7\icq.exe] => (Allow) C:\program files (x86)\icq7.7\icq.exe (ICQ -> ICQ, LLC.)
FirewallRules: [UDP Query User{E0B07BF2-E711-4749-B20B-C3E521B8D32E}C:\program files (x86)\icq7.7\icq.exe] => (Allow) C:\program files (x86)\icq7.7\icq.exe (ICQ -> ICQ, LLC.)
FirewallRules: [TCP Query User{418B447E-E4FB-4F5E-AB50-C8B64CB379EE}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe (Atmel) [File not signed]
FirewallRules: [UDP Query User{6BB3BD3B-C72A-49EE-AFC0-30043AA8674D}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe (Atmel) [File not signed]
FirewallRules: [TCP Query User{1A6DC258-F77B-46D4-BDCF-5486D44C1BDE}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [UDP Query User{5BF82198-ECA5-4A59-820C-594BB8C6D30A}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [TCP Query User{8A079D9E-9E18-4231-9156-3B3257C8FF8D}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [UDP Query User{07D8685D-8BC0-47B5-B6E3-9C1DB91FBE19}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [TCP Query User{559C282C-3770-4269-9C40-56C5ACB297DB}C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{13FB9306-FE1C-4F50-B17F-D4FAAB8A2E73}C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [{4E6E04D5-F468-41C0-B911-4AD0A709B97C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{AD8904D0-85F3-4222-8696-C7523D51EC55}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{9D71F414-6F86-4A45-8874-CCB6F3E46163}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{2F3A74D1-C766-4D24-9D76-B6C4E9F2A7DF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{45B1D901-F80A-4D57-8953-D1C58B65718B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7BFE13B1-9D20-4DBC-B0CC-B6C0881B96DF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{85976001-D918-440B-A760-E4985BA38D73}C:\program files (x86)\segger\jlink_v494i\jlinkconfig.exe] => (Allow) C:\program files (x86)\segger\jlink_v494i\jlinkconfig.exe (SEGGER Microcontroller GmbH & Co. KG -> )
FirewallRules: [UDP Query User{93ADFE7F-E431-4B40-A4E9-FDE6618726F5}C:\program files (x86)\segger\jlink_v494i\jlinkconfig.exe] => (Allow) C:\program files (x86)\segger\jlink_v494i\jlinkconfig.exe (SEGGER Microcontroller GmbH & Co. KG -> )
FirewallRules: [TCP Query User{849AAAF1-99B0-42E6-8338-B9300E6FF27E}C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{CB68EBC7-A034-41C8-BED5-FA8D03025766}C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [TCP Query User{E7F9C9F2-F8D9-4615-BF00-8072C7C4FC27}C:\program files (x86)\r.g. mechanics\red alert 2\game.exe] => (Block) C:\program files (x86)\r.g. mechanics\red alert 2\game.exe (Westwood Studios) [File not signed]
FirewallRules: [UDP Query User{76F8009A-1364-49E7-AF7A-9E84922B8D85}C:\program files (x86)\r.g. mechanics\red alert 2\game.exe] => (Block) C:\program files (x86)\r.g. mechanics\red alert 2\game.exe (Westwood Studios) [File not signed]
FirewallRules: [{2AB11DE4-3FC5-45D6-83C2-2660F7AD39DA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{06902E9A-BBC3-411E-A344-6E043623B74A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{242342BA-953E-4595-9A12-B66BC44896E2}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{33A63E42-FA83-415A-A273-A1BEB5D9912F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

05-04-2020 09:17:52 Installed GoGear SA3MXX Device Manager
05-04-2020 09:19:40 Instalace balíčku ovladače zařízení: Fuzhou Rockchip
05-04-2020 09:26:12 Installed SA22xx Device Manager
05-04-2020 09:33:57 Removed SA22xx Device Manager
05-04-2020 09:34:56 Removed GoGear SA3MXX Device Manager
05-04-2020 09:46:31 Installed MalvaStyle Disk Repair.
05-04-2020 09:58:11 Removed MalvaStyle Disk Repair.
18-04-2020 05:48:55 Naplánovaný kontrolní bod
25-04-2020 07:23:12 Naplánovaný kontrolní bod
26-04-2020 15:58:48 Windows Update
26-04-2020 16:55:02 Windows Update
26-04-2020 17:21:06 Windows Update
26-04-2020 18:37:59 Windows Update
26-04-2020 20:22:09 Windows Update
28-04-2020 22:03:24 Windows Update
29-04-2020 17:46:05 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/29/2020 05:02:10 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---�).

Error: (04/29/2020 05:01:40 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---WSearch failed with 0, The Code is:0x710.).

Error: (04/29/2020 05:01:38 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

Error: (04/29/2020 05:01:38 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).

Error: (04/29/2020 05:01:38 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

Error: (04/29/2020 05:01:38 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).

Error: (04/29/2020 05:01:38 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

Error: (04/29/2020 05:01:38 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).


System errors:
=============
Error: (04/29/2020 05:51:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80092004): 2020-01, kum. akt. zab. a kval. pro .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 pro Windows 7 a Server 2008 R2 pro x64 (KB4535102).

Error: (04/29/2020 05:11:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (04/29/2020 05:05:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Publikování prostředků rozpoznávání funkcí, která neuspěla při spuštění v důsledku následující chyby:
Při spouštění služba uvízla ve spouštěcím stavu.

Error: (04/29/2020 05:05:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí přestala během spouštění reagovat.

Error: (04/29/2020 05:05:36 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí přestala během spouštění reagovat.

Error: (04/28/2020 10:06:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80092004): 2020-01, kum. akt. zab. a kval. pro .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 pro Windows 7 a Server 2008 R2 pro x64 (KB4535102).

Error: (04/28/2020 05:18:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Publikování prostředků rozpoznávání funkcí, která neuspěla při spuštění v důsledku následující chyby:
Při spouštění služba uvízla ve spouštěcím stavu.

Error: (04/28/2020 05:18:28 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí přestala během spouštění reagovat.


Windows Defender:
===================================
Date: 2015-09-13 08:14:24.894
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{301918C8-B984-43D8-88AE-8C4422055A16}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2016-03-06 07:50:19.295
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2016-03-06 07:50:18.598
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.213.6009.0
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Úplné
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.11701.0
Předchozí verze modulu:
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2016-03-06 07:50:18.557
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.11701.0
Předchozí verze modulu:
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2014-11-08 04:00:08.978
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2014-11-08 03:53:11.962
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

CodeIntegrity:
===================================

Date: 2016-11-29 17:32:10.765
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-29 17:32:10.671
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-28 18:36:42.123
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-28 18:36:42.030
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-27 07:42:54.231
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-27 07:42:54.137
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-26 17:26:20.853
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-26 17:26:20.759
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: LENOVO 5FCN34WW 06/11/2012
Motherboard: LENOVO Lenovo
Processor: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
Percentage of memory in use: 93%
Total physical RAM: 3955.32 MB
Available physical RAM: 252.37 MB
Total Virtual: 7908.77 MB
Available Virtual: 2535.95 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:886.32 GB) (Free:504.85 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25.47 GB) (Free:20.87 GB) NTFS

\\?\Volume{876e86c6-e126-11e1-b8e6-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: C70BA6D4)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=886.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=19.5 GB) - (Type=12)

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15647
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: notebook se seká,nereaguje

#2 Příspěvek od JaRon »

ahoj,
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
FF Plugin HKU\S-1-5-21-683440959-2606681586-737459993-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Roman\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
S3 SWDUMon; system32\DRIVERS\SWDUMon.sys [X]
AlternateDataStreams: C:\Windows:nlsPreferences [0]
FirewallRules: [{435580A1-E9DF-4F55-910A-3CD8305F6DE4}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{A7120233-09C2-4DB3-8BC6-9EAD6211DC4D}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{8CD5A8B6-4568-4FBA-B23A-906340B6439C}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{0BC86A65-947E-4630-8691-C8F60948361D}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [TCP Query User{0872E1DA-B38E-4E70-A3E7-5D1738A0CB69}C:\program files (x86)\icq7.7\icq.exe] => (Allow) C:\program files (x86)\icq7.7\icq.exe (ICQ -> ICQ, LLC.)
FirewallRules: [UDP Query User{E0B07BF2-E711-4749-B20B-C3E521B8D32E}C:\program files (x86)\icq7.7\icq.exe] => (Allow) C:\program files (x86)\icq7.7\icq.exe (ICQ -> ICQ, LLC.)



Hosts:
EmptyTemp:
Reboot:
End
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

:arrow: Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

:arrow: Restart PC a dejte mi sem fixlog.txt
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
DaytonC
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 08 lis 2014 17:07

Re: notebook se seká,nereaguje

#3 Příspěvek od DaytonC »

pořád stejný problém + tyhle další navíc:-(((
1.dlooouho se připojuje k wifi síti
2.W7 hlásí že nemůžou nainstalovat aktualizace
3.fixlog je níže hlásí že to všechno smazal ale asi ne úplně...
4.Mozillu Firefox jsem odinstaloval před rokem nevím co ještě dělá v registrech...
5. udělal jsem nový scan(níže pod fixlogem ) ...i u programu FRST se několikrát objevilo "neodpovídá"
6. udělal jsem znovu adwarecleaner test a opět bez nálezu...
nechci zatracovat FRST ale možná by stálo za to zkusit něco jiného...
-------------------------------------------------------------------------------------------------------------------------------------
Fix result of Farbar Recovery Scan Tool (x64) Version: 28-04-2020
Ran by Roman (30-04-2020 17:20:47) Run:1
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman (Available Profiles: Roman)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
FF Plugin HKU\S-1-5-21-683440959-2606681586-737459993-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Roman\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
S3 SWDUMon; system32\DRIVERS\SWDUMon.sys [X]
AlternateDataStreams: C:\Windows:nlsPreferences [0]
FirewallRules: [{435580A1-E9DF-4F55-910A-3CD8305F6DE4}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{A7120233-09C2-4DB3-8BC6-9EAD6211DC4D}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{8CD5A8B6-4568-4FBA-B23A-906340B6439C}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{0BC86A65-947E-4630-8691-C8F60948361D}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [TCP Query User{0872E1DA-B38E-4E70-A3E7-5D1738A0CB69}C:\program files (x86)\icq7.7\icq.exe] => (Allow) C:\program files (x86)\icq7.7\icq.exe (ICQ -> ICQ, LLC.)
FirewallRules: [UDP Query User{E0B07BF2-E711-4749-B20B-C3E521B8D32E}C:\program files (x86)\icq7.7\icq.exe] => (Allow) C:\program files (x86)\icq7.7\icq.exe (ICQ -> ICQ, LLC.)



Hosts:
EmptyTemp:
Reboot:
End
*****************

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0 => removed successfully
"C:\Users\Roman\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll" => not found
HKLM\System\CurrentControlSet\Services\SWDUMon => removed successfully
SWDUMon => service removed successfully
C:\Windows => ":nlsPreferences" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{435580A1-E9DF-4F55-910A-3CD8305F6DE4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A7120233-09C2-4DB3-8BC6-9EAD6211DC4D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8CD5A8B6-4568-4FBA-B23A-906340B6439C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0BC86A65-947E-4630-8691-C8F60948361D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0872E1DA-B38E-4E70-A3E7-5D1738A0CB69}C:\program files (x86)\icq7.7\icq.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E0B07BF2-E711-4749-B20B-C3E521B8D32E}C:\program files (x86)\icq7.7\icq.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5869884 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 110253625 B
Edge => 0 B
Chrome => 419809950 B
Firefox => 13902939 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 256 B
LocalService => 256 B
NetworkService => 256 B
UpdatusUser => 256 B
Roman => 36670181 B

RecycleBin => 120414 B
EmptyTemp: => 567.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:22:48 ====
----------------------------------------------------------------------------------------------------------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-04-2020
Ran by Roman (administrator) on ROMAN-PC (LENOVO IdeaPad Z580) (30-04-2020 18:18:56)
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman (Available Profiles: Roman)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\Lenovo\YOUCAM\YCMMirage.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation - Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> ) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\ENERGY MANAGEMENT\Energy Management.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\ENERGY MANAGEMENT\utility.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo\Nsd\startup.exe
(LENOVO) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe
(Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Nitro PDF Software -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nitro PDF Software -> Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sunplus Innovation Technology Inc. -> ) [File not signed] C:\Program Files (x86)\LENOVO EASYCAMERA\Monitor.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [408872 2011-11-10] (Synaptics Incorporated -> Synaptics)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1096480 2013-11-29] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [UpdatePRCShortCut1] => "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
HKLM\...\Run: [HotKeysCmds1] => C:\Windows\system32\hkcmd.exe [411056 2015-06-01] (Intel Corporation - pGFX -> Intel Corporation)
HKLM\...\Run: [Persistence1] => C:\Windows\system32\igfxpers.exe [453552 2015-06-01] (Intel Corporation - pGFX -> Intel Corporation)
HKLM\...\Run: [IgfxTray1] => C:\Windows\system32\igfxtray.exe [183216 2015-06-01] (Intel Corporation - pGFX -> Intel Corporation)
HKLM\...\Run: [RtHDVBg_Dolby1] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108216 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2847016 2011-11-10] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-08-08] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-08-08] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
HKLM-x32\...\Run: [MuteSync] => C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [343040 2012-02-04] (Lenovo) [File not signed]
HKLM-x32\...\Run: [CAPOSD] => C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe [1876992 2012-02-09] (LENOVO) [File not signed]
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2018-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink -> CyberLink Corp.) [File not signed]
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [Lenovo EasyCamera_Monitor] => C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe [258936 2012-02-06] (Sunplus Innovation Technology Inc. -> ) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Software\Policies\...\system: [disablecmd] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\Installer\chrmstp.exe [2020-04-24] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\80.1.3901.162\Installer\chrmstp.exe [2020-04-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\...\Authentication\Credential Providers: [AutorunsDisabled] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\\BtwCP.dll [2012-02-02] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll [2012-02-02] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174856 2015-02-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2015-02-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2015-02-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
BootExecute: autocheck autochk * 耀��vøᤠ �ᰀ‘�钘š�
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A9A16C4-C566-48ED-97FD-4A7B797528E8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {0CE30B04-CACF-4987-97D1-E4322176C267} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3325032 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
Task: {2F7BDA6C-8167-4BB3-97A0-9B43E62B32EA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {31069FF3-3825-4C94-AAA7-A07D93D792E7} - System32\Tasks\{1B833707-741D-47B8-BDDE-2010BF9BE397} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{200F62A0-CB7C-4F57-8E79-45D92E901DA2}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {39964426-A2DF-44CF-8184-89767D3BBC60} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-18] (Adobe Inc. -> Adobe)
Task: {63FE8DE6-D57B-4F18-BBD6-0EBE9B81E23F} - System32\Tasks\{C333A024-D2D3-4785-8F1C-D8AC05B107D2} => C:\Users\Roman\Downloads\commview_for_wifi.exe
Task: {7E1DA85E-C581-4F88-AA30-3FC5FC9A7741} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {7F2A7E0D-91B2-4667-98AD-18113A65EDE3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-12] (Google LLC -> Google LLC)
Task: {83B36471-B189-46DF-AB93-63F2116CD160} - System32\Tasks\{A10DAF0C-F2C5-442E-877E-929B1EA0310D} => C:\Users\Roman\Downloads\sa3mxx04k_37_pal_aen\setup.exe
Task: {8E5F37E3-0D59-42A1-92E9-A21D1F2957EA} - System32\Tasks\{D4A3B536-CA7B-457E-86A4-7949292469A1} => C:\Users\Roman\Documents\emulate\I4A.EXE [1800 2018-09-01] () [File not signed]
Task: {92ACC8E5-EE82-4BEB-8C78-30EE840903AF} - System32\Tasks\{3C565B93-7FFE-47C3-9DD4-A81596C1A0C0} => C:\Windows\system32\pcalua.exe -a C:\MeProgramy\DAEMONtools\daemon4304-lite.exe -d C:\MeProgramy\DAEMONtools
Task: {93D90012-EFC7-4797-A971-90D0E4893095} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {A185EBF2-F87B-4F1B-9BFA-6EC6765CBF21} - System32\Tasks\{AF78792E-48B4-44DF-91D9-B26A64689DEF} => C:\Users\Roman\Downloads\sa3mxx04k_37_pal_aen\_main.exe
Task: {A381A7FE-0A8C-4D43-BB73-375123DE99FC} - System32\Tasks\{DAC154C7-6423-4668-BE03-E04215A3C3C8} => C:\Users\Roman\Documents\emulate\I4A.EXE [1800 2018-09-01] () [File not signed]
Task: {AD266255-85DB-4506-BAC4-03E5D0EE5FDC} - System32\Tasks\{3C9F6374-6E28-40DE-B178-39D446460088} => C:\Windows\system32\pcalua.exe -a C:\MeProgramy\JTAG\urjtag-0.10.exe -d C:\MeProgramy\JTAG
Task: {AF3DC2E1-4C62-4A7E-A8AE-FE4D6539D662} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-12] (Google LLC -> Google LLC)
Task: {B75D31B9-CA73-40A5-A6ED-839C179DD280} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink -> CyberLink)
Task: {B9D35FB0-4608-415F-9CEF-2C59A974B1C8} - System32\Tasks\{0F731421-C889-4536-A6DC-90BED2CB20EE} => C:\Users\Roman\Downloads\commview_for_wifi.exe
Task: {D87CC72E-1C8A-45F1-82A7-464AD0B6FBDB} - System32\Tasks\{CBEF9D86-18ED-4D17-84B9-D0706EBF61DE} => C:\Windows\system32\pcalua.exe -a C:\Users\Roman\Downloads\sa2520_02_pal_eng.exe -d C:\Users\Roman\Downloads
Task: {DEDB057F-4D59-4F15-A2DC-27F71A1ACD8D} - System32\Tasks\{DBA6A7E7-AD58-4BAC-B458-D2AD7CF64774} => C:\Users\Roman\Downloads\commview_for_wifi.exe
Task: {E3A5ECC8-322C-4AA9-9C51-85DF8D6309C9} - System32\Tasks\{BB0EDB1E-5B0C-4326-B64D-122D7A4ACEA2} => C:\Users\Roman\Downloads\sa3mxx04k_37_pal_aen\_main.exe
Task: {EB058A3C-BC05-433E-B298-B48788895A33} - System32\Tasks\{7E97F875-7619-4918-AAB1-B8AE23BC214B} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Lenovo\Boot Optimizer\DeleteUninstall.exe" -d "C:\Program Files (x86)\Lenovo\Boot Optimizer"
Task: {F2354A8C-C4D1-42F6-9BD8-C240B5135159} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F363389C-DA12-4806-ACB1-DCDAC8C76A2D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-18] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1F004AE9-736A-4A9E-A206-DE238301C1BF}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{DD39D036-017D-4A2E-B4A8-4BC12D6F774B}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mail.centrum.cz/
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-683440959-2606681586-737459993-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... OH_csCZ565
SearchScopes: HKU\S-1-5-21-683440959-2606681586-737459993-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-683440959-2606681586-737459993-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-683440959-2606681586-737459993-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... OH_csCZ565
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]

FireFox:
========
FF DefaultProfile: v2gkibd2.default-1476296225807-1525766073953
FF ProfilePath: C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953 [2020-04-30]
FF Homepage: Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953 -> about:home
FF NewTab: Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953 -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953 -> hxxps://sledujufilmy.cz; hxxps://www.planetlagu.online; hxxps://badoo.com; hxxps://tinder.com; hxxps://forums.anandtech.com; hxxps://www.lide.cz
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953\Extensions\hotfix-update-xpi-intermediate@mozilla.com.xpi [2019-05-15]
FF Extension: (No Name) - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-10-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-18] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-18] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-06-21] (Nitro PDF Software -> )

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default [2020-04-30]
CHR Notifications: Default -> hxxps://badoo.com
CHR StartupUrls: Default -> "hxxps://mail.centrum.cz/?restart=2","hxxps://www.youtube.com/","hxxps://aukro.cz/pri ... ebook.com/"
CHR Extension: (Prezentace) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-26]
CHR Extension: (Dokumenty) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-26]
CHR Extension: (Disk Google) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-26]
CHR Extension: (YouTube) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-26]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-26]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-04-26]
CHR Extension: (Tabulky) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-26]
CHR Extension: (Gmail) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5504928 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [345384 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\80.1.3901.162\elevation_service.exe [973760 2020-04-02] (Avast Software s.r.o. -> AVAST Software)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-02] (Broadcom Corporation -> Broadcom Corporation.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-08] (Intel Corporation -> )
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] (Intel Corporation - Mobile Wireless Group -> )
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-06-21] (Nitro PDF Software -> Nitro PDF Software)
R2 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [69640 2012-06-21] (Nitro PDF Software -> Nalpeiron Ltd.)
S2 NSDSvc; C:\Windows\System32\NSDSvc.exe [120160 2011-12-24] (Lenovo (Beijing) Limited -> Lenovo)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15128352 2013-11-29] (NVIDIA Corporation -> NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel Corporation - Mobile Wireless Group -> Intel® Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-11-29] (ChengDu AoMei Tech Co., Ltd -> ) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37856 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206120 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [234776 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178968 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60696 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42984 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175920 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [500960 2020-04-20] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109480 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85056 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851808 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [459408 2020-04-16] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235696 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [317280 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R3 clwvd; C:\Windows\System32\DRIVERS\clwvd.sys [31088 2011-01-29] (CyberLink -> CyberLink Corporation)
S3 CyFwLoad; C:\Windows\System32\Drivers\usb2demon.sys [55600 2011-01-26] (Macraigor Systems LLC -> Cypress Semiconductor)
S3 CYUSB; C:\Windows\System32\Drivers\usb2demon.sys [55600 2011-01-26] (Macraigor Systems LLC -> Cypress Semiconductor)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [118160 2016-10-04] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [95168 2016-03-16] (Future Technology Devices International Ltd -> FTDI Ltd.)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2016-07-31] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2015-04-17] (Microsoft Windows Hardware Compatibility Publisher -> ITE )
S3 jlink; C:\Windows\System32\DRIVERS\jlinkx64.sys [45200 2017-03-10] (SEGGER Microcontroller GmbH & Co. KG -> SEGGER Microcontroller GmbH & Co. KG)
R0 NSD; C:\Windows\System32\drivers\nsd.sys [24160 2011-12-24] (Lenovo (Beijing) Limited -> Lenovo Corporation")
R1 Nsdfltr; C:\Windows\System32\drivers\Nsdfltr.sys [59488 2011-12-22] (Lenovo (Beijing) Limited -> Lenovo Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
S4 portio; C:\Windows\System32\DRIVERS\WP800IO.sys [8664 2007-09-05] (TestCertforWDK -> WinPic800) [File not signed]
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2002-10-16] () [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-03-27] () [File not signed]
R3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Windows -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254976 2010-08-31] (Jungo LTD -> Jungo)
S3 wsvd; C:\Windows\System32\DRIVERS\wsvd.sys [121840 2009-07-21] (CyberLink -> CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-30 18:18 - 2020-04-30 18:22 - 000034557 _____ C:\Users\Roman\Desktop\FRST.txt
2020-04-30 18:17 - 2020-04-30 18:18 - 002283520 _____ (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2020-04-30 17:20 - 2020-04-30 17:22 - 000004179 _____ C:\Users\Roman\Desktop\Fixlog.txt
2020-04-26 16:13 - 2020-04-26 16:13 - 000000000 ____D C:\8a84e995d3007edc059bb8
2020-04-26 15:57 - 2019-02-21 06:10 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-04-26 15:57 - 2019-02-21 06:09 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2020-04-26 15:57 - 2019-02-21 06:09 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2020-04-26 15:57 - 2019-02-21 06:08 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:59 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-04-26 15:57 - 2019-02-21 05:58 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2020-04-26 15:57 - 2019-02-21 05:58 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2020-04-26 15:57 - 2019-02-21 05:56 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2020-04-26 15:57 - 2019-02-21 05:42 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2020-04-26 15:57 - 2019-02-21 05:42 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2020-04-26 15:57 - 2019-02-21 05:41 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2020-04-26 15:57 - 2019-02-21 05:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2020-04-26 15:57 - 2019-02-21 05:39 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2020-04-26 15:57 - 2019-02-21 05:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2020-04-26 15:57 - 2019-02-21 05:38 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2020-04-26 15:57 - 2019-02-21 05:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2020-04-26 15:57 - 2019-02-21 05:36 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-04-26 15:57 - 2019-02-21 05:35 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2020-04-26 15:57 - 2019-02-21 05:34 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2020-04-26 15:57 - 2019-02-21 05:34 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2020-04-26 15:57 - 2019-02-21 05:34 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2020-04-26 15:57 - 2019-02-10 18:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2020-04-26 15:57 - 2019-02-10 18:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2020-04-26 15:57 - 2019-02-10 18:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2020-04-26 15:57 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2020-04-26 15:57 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2020-04-26 15:57 - 2019-02-10 18:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2020-04-26 15:57 - 2019-02-10 18:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2020-04-26 15:57 - 2019-02-10 18:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2020-04-26 15:57 - 2019-02-10 18:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2020-04-26 15:57 - 2019-02-10 18:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2020-04-26 15:57 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2020-04-26 15:57 - 2019-02-10 18:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-04-26 15:57 - 2019-02-10 18:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2020-04-26 15:57 - 2019-02-10 17:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2020-04-26 15:57 - 2019-02-10 17:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2020-04-26 15:56 - 2019-02-21 06:12 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-04-26 15:56 - 2019-02-21 06:10 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-04-26 15:56 - 2019-02-21 06:09 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-04-26 15:56 - 2019-02-21 06:07 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2020-04-26 15:56 - 2019-02-21 06:07 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2020-04-26 15:56 - 2019-02-21 06:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2020-04-26 15:56 - 2019-02-21 06:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2020-04-26 15:56 - 2019-02-21 06:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2020-04-26 15:56 - 2019-02-21 06:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2020-04-26 15:56 - 2019-02-21 05:56 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2020-04-26 15:56 - 2019-02-21 05:56 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2020-04-26 15:56 - 2019-02-21 05:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2020-04-26 15:56 - 2019-02-21 05:34 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2020-04-26 15:56 - 2019-02-10 18:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2020-04-26 15:56 - 2019-02-10 18:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2020-04-26 15:56 - 2019-02-10 18:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2020-04-26 15:56 - 2019-02-10 17:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2020-04-26 15:56 - 2019-02-10 17:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2020-04-26 15:56 - 2019-02-10 17:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2020-04-26 15:56 - 2018-11-18 04:56 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2020-04-26 15:56 - 2018-11-18 04:44 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-04-26 15:56 - 2018-11-18 04:43 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2020-04-26 09:26 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2020-04-19 06:22 - 2020-04-19 06:22 - 022267336 _____ (Piriform Software Ltd) C:\Users\Roman\Downloads\ccsetup565.exe
2020-04-06 18:37 - 2020-04-06 18:37 - 008196784 _____ (Malwarebytes) C:\Users\Roman\Downloads\adwcleaner_8.0.4.exe
2020-04-05 09:34 - 2020-04-28 21:54 - 000003292 _____ C:\Windows\system32\Tasks\{1B833707-741D-47B8-BDDE-2010BF9BE397}
2020-04-05 09:26 - 2020-04-05 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Philips Digital Audio Player
2020-04-05 09:23 - 2020-04-28 21:54 - 000002976 _____ C:\Windows\system32\Tasks\{AF78792E-48B4-44DF-91D9-B26A64689DEF}
2020-04-05 09:17 - 2020-04-28 21:54 - 000002976 _____ C:\Windows\system32\Tasks\{BB0EDB1E-5B0C-4326-B64D-122D7A4ACEA2}
2020-04-05 09:17 - 2020-04-28 21:54 - 000002976 _____ C:\Windows\system32\Tasks\{A10DAF0C-F2C5-442E-877E-929B1EA0310D}
2020-04-05 09:06 - 2020-04-05 09:06 - 000000000 ____D C:\Users\Roman\AppData\Roaming\CoSoSys
2020-04-05 08:57 - 2020-04-05 08:57 - 000000000 ____D C:\ProgramData\SystemAcCrux
2020-04-05 08:56 - 2020-04-05 08:56 - 000000000 ____D C:\Program Files\EaseUS
2020-04-04 17:54 - 2020-04-20 16:53 - 000500960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-04-04 17:54 - 2020-04-04 17:54 - 000337048 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-04-04 17:54 - 2020-04-04 17:54 - 000235696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-04-04 17:54 - 2020-04-04 17:54 - 000175920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-04-04 17:54 - 2020-04-04 17:54 - 000038152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-30 18:22 - 2018-04-22 09:06 - 000000000 ____D C:\FRST
2020-04-30 18:19 - 2009-07-14 06:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-04-30 18:19 - 2009-07-14 06:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-04-30 18:08 - 2014-03-29 23:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-04-30 18:08 - 2012-08-08 09:52 - 000132443 _____ C:\Windows\system32\fastboot.set
2020-04-30 18:07 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-30 17:29 - 2017-03-01 19:39 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-04-28 22:11 - 2012-08-08 09:29 - 001560204 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-04-28 22:11 - 2012-08-08 08:43 - 000669116 _____ C:\Windows\system32\perfh005.dat
2020-04-28 22:11 - 2012-08-08 08:43 - 000141744 _____ C:\Windows\system32\perfc005.dat
2020-04-28 22:11 - 2009-07-14 07:13 - 001560204 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-28 22:11 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-04-28 21:54 - 2020-03-07 12:31 - 000003142 _____ C:\Windows\system32\Tasks\{CBEF9D86-18ED-4D17-84B9-D0706EBF61DE}
2020-04-28 21:54 - 2020-03-01 16:34 - 000003142 _____ C:\Windows\system32\Tasks\{3C565B93-7FFE-47C3-9DD4-A81596C1A0C0}
2020-04-28 21:54 - 2020-01-12 17:51 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-28 21:54 - 2020-01-12 17:51 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-28 21:54 - 2019-04-13 19:06 - 000003106 _____ C:\Windows\system32\Tasks\{3C9F6374-6E28-40DE-B178-39D446460088}
2020-04-28 21:54 - 2018-09-01 18:35 - 000002946 _____ C:\Windows\system32\Tasks\{DAC154C7-6423-4668-BE03-E04215A3C3C8}
2020-04-28 21:54 - 2018-09-01 18:35 - 000002946 _____ C:\Windows\system32\Tasks\{D4A3B536-CA7B-457E-86A4-7949292469A1}
2020-04-28 21:54 - 2018-08-16 11:39 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-04-28 21:54 - 2018-08-16 11:39 - 000002790 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-04-28 21:54 - 2018-04-21 15:26 - 000002958 _____ C:\Windows\system32\Tasks\{DBA6A7E7-AD58-4BAC-B458-D2AD7CF64774}
2020-04-28 21:54 - 2018-04-21 15:26 - 000002958 _____ C:\Windows\system32\Tasks\{C333A024-D2D3-4785-8F1C-D8AC05B107D2}
2020-04-28 21:54 - 2018-04-21 15:26 - 000002958 _____ C:\Windows\system32\Tasks\{0F731421-C889-4536-A6DC-90BED2CB20EE}
2020-04-28 21:54 - 2018-03-17 18:55 - 000004528 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-04-28 21:54 - 2015-12-03 22:39 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-04-27 22:47 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2020-04-26 18:59 - 2013-12-10 19:00 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-04-26 18:59 - 2013-12-10 19:00 - 000000000 ____D C:\Windows\system32\MRT
2020-04-26 16:23 - 2013-12-07 06:18 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2020-04-26 16:23 - 2013-12-07 06:18 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2020-04-26 16:20 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing
2020-04-26 16:20 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-04-26 16:20 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
2020-04-26 16:13 - 2013-12-07 06:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2020-04-26 15:38 - 2013-12-06 21:23 - 000000000 ____D C:\MeProgramy
2020-04-26 09:12 - 2018-04-20 21:20 - 000000000 ____D C:\zoek_backup
2020-04-26 08:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2020-04-25 10:14 - 2012-08-08 09:03 - 000000000 ____D C:\Windows\softwaredistribution.bak
2020-04-24 20:39 - 2013-12-06 21:09 - 000000000 ____D C:\ProgramData\AVAST Software
2020-04-24 17:28 - 2020-01-12 17:53 - 000002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-24 17:28 - 2020-01-12 17:53 - 000002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-24 17:28 - 2020-01-12 17:53 - 000002194 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-04-19 06:28 - 2014-05-02 18:27 - 000000000 ____D C:\Windows\Minidump
2020-04-19 06:25 - 2018-08-16 11:38 - 000000793 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-04-19 06:25 - 2018-08-16 11:38 - 000000793 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-04-18 16:06 - 2018-12-23 20:25 - 000000000 ____D C:\Users\Roman\AppData\Local\ElevatedDiagnostics
2020-04-18 08:52 - 2013-12-06 22:36 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-04-18 08:52 - 2013-12-06 22:36 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-04-18 08:52 - 2013-12-06 22:36 - 000004398 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-04-18 08:52 - 2013-12-06 22:36 - 000000000 ____D C:\Windows\system32\Macromed
2020-04-18 08:52 - 2013-12-06 22:35 - 000000000 ____D C:\Users\Roman\AppData\Local\Adobe
2020-04-18 08:52 - 2012-08-08 09:43 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-04-16 20:04 - 2018-04-05 19:15 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-04-16 20:04 - 2018-04-05 19:15 - 000002397 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-04-16 20:04 - 2018-04-05 19:15 - 000002397 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2020-04-16 19:28 - 2013-12-06 21:12 - 000459408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-04-05 09:36 - 2018-05-08 09:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-05 09:35 - 2012-08-08 09:13 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-04-05 09:34 - 2020-03-07 12:25 - 000000000 ____D C:\Philips
2020-04-04 17:54 - 2018-10-14 17:55 - 000042984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-04-04 17:54 - 2013-12-06 21:12 - 000317280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-04-04 17:54 - 2013-12-06 21:12 - 000109480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-04-04 17:54 - 2013-12-06 21:12 - 000085056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-04-04 17:53 - 2019-01-14 17:55 - 000234776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-04-04 17:53 - 2019-01-06 09:16 - 000178968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-04-04 17:53 - 2019-01-06 09:16 - 000060696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-04-04 17:53 - 2019-01-06 09:16 - 000037856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-04-04 17:53 - 2017-11-09 19:31 - 000206120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-04-04 17:53 - 2013-12-06 21:12 - 000851808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

==================== Files in the root of some directories ========

2019-07-21 10:55 - 2019-07-21 10:55 - 000003584 _____ () C:\Users\Roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-08 19:38 - 2014-05-05 00:47 - 000007597 _____ () C:\Users\Roman\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-04-27 22:38
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-04-2020
Ran by Roman (30-04-2020 18:24:08)
Running from C:\Users\Roman\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-12-06 18:28:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-683440959-2606681586-737459993-500 - Administrator - Disabled)
Guest (S-1-5-21-683440959-2606681586-737459993-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-683440959-2606681586-737459993-1003 - Limited - Enabled)
Roman (S-1-5-21-683440959-2606681586-737459993-1001 - Administrator - Enabled) => C:\Users\Roman

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{36381D51-CC5E-4698-A0CC-E939C75EC9D8}) (Version: 1.5 - Eyeo GmbH)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.293 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.363 - Adobe)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
AOMEI Partition Assistant Standard Edition 5.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
ASIX UP v.3-30 (HKLM-x32\...\ASIX UP_is1) (Version: - ASIX s.r.o.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.2.2401 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 80.1.3901.162 - Autoři prohlížeče Avast Secure Browser)
AVR Jungo USB (HKLM-x32\...\{E8F8861D-98E0-43FF-9E48-AC236CC3BE4E}) (Version: 10.4 - Atmel)
AVR QTouch Studio (HKLM-x32\...\{7BE9E558-BE53-4939-9565-A0BEA2F839D0}) (Version: 4.4.1 - Atmel)
AVR Studio 5.1 (HKLM-x32\...\{D574D18C-9D52-4B4B-9647-AE6B89FD3F70}) (Version: 5.1.208 - Atmel)
Balíček ovladače systému Windows - KEIL - Tools By ARM (WinUSB) USB (08/29/2013 1.0.0.3) (HKLM\...\C96E78AFEDFD4529DF572369E6FD81679F49E548) (Version: 08/29/2013 1.0.0.3 - KEIL - Tools By ARM)
Balíček ovladače systému Windows - KEIL - Tools By ARM USBDevice (12/12/2017 1.0.1.0) (HKLM\...\54D3313C65675EDD5FC15BEE546C5E6E20229BE8) (Version: 12/12/2017 1.0.1.0 - KEIL - Tools By ARM)
Balíček ovladače systému Windows - Segger (jlink) USB (01/26/2017 2.70.08.0) (HKLM\...\D12F44630DF6CA437A5B43B0F1A4C5A54E130B0D) (Version: 01/26/2017 2.70.08.0 - Segger)
Balíček ovladače systému Windows - Segger (jlink) USB (07/28/2014 2.6.8.1) (HKLM\...\468237BA12C6D9DD0125166A16609C632EE9CF1C) (Version: 07/28/2014 2.6.8.1 - Segger)
Balíček ovladače systému Windows - SEGGER (JLinkCDC_x64) Ports (08/28/2014 6.0.2601.5) (HKLM\...\ED80E3D3A350D18BFD3D3D8DAED8E2B19105763A) (Version: 08/28/2014 6.0.2601.5 - SEGGER)
Borland C++Builder 6 (HKLM-x32\...\{2864C41B-EF2D-4640-95A2-526276524519}) (Version: 6.0 - Borland Software Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
EAGLE 5.11.0 (HKLM-x32\...\EAGLE 5.11.0) (Version: 5.11.0 - CadSoft Computer GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.122 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Java 8 Update 172 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
J-Link V4.94i (HKLM-x32\...\J-Link V4.94i) (Version: V4.94i - SEGGER Microcontroller Systeme GmbH)
Keil µVision4 (HKLM-x32\...\Keil µVision4) (Version: 5.27.1.0 - ARM Ltd)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
mikroC (remove only) (HKLM-x32\...\mikroC) (Version: - )
mikroC PRO for ARM (remove only) (HKLM-x32\...\mikroC PRO for ARM) (Version: 6.2.0.0 - mikroElektronika)
mikroPascal (remove only) (HKLM-x32\...\mikroPascal) (Version: - )
mikroPascal for AVR (remove only) (HKLM-x32\...\mikroPascal for AVR) (Version: - )
MPLAB X IDE v4.05 (HKLM-x32\...\MPLAB X IDE v4.05 v4.05) (Version: v4.05 - Microchip)
MPLAB XC16 C Compiler (HKLM-x32\...\MPLAB XC16 C Compiler v1.33) (Version: v1.33 - Microchip)
MPLAB XC32 Compiler (HKLM-x32\...\MPLAB XC32 Compiler v1.44) (Version: v1.44 - Microchip)
MPLAB XC8 C Compiler (HKLM-x32\...\MPLAB XC8 C Compiler v1.44) (Version: v1.44 - Microchip)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA Ovladače grafiky 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.20 - NVIDIA Corporation)
OpenOffice 4.1.4 (HKLM-x32\...\{6CA4F7F3-B909-4292-B791-AAA959155DE0}) (Version: 4.14.9788 - Apache Software Foundation)
Ovládací panel NVIDIA 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 345.20 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PuTTY release 0.70 (HKLM-x32\...\{0B06C05B-0069-4FE8-AC19-AAF6678FD0A8}) (Version: 0.70.0.0 - Simon Tatham)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.48.823.2011 - Realtek)
Red Alert 2 (HKLM-x32\...\Red Alert 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Skype verze 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
State of War (HKLM-x32\...\State of War) (Version: - )
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.14327 - TeamViewer)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Windows Driver Package - ASIX s.r.o. ASIX Development Tools Driver Package (07/10/2015 2.12.06) (HKLM\...\63179435CD5991EB4724264B890E0ED379471EE7) (Version: 07/10/2015 2.12.06 - ASIX s.r.o.)
Windows Driver Package - ASIX s.r.o. ASIX Development Tools Driver Package (09/28/2016 2.12.24) (HKLM\...\5378E6D0AF40C93BBB4559D6D163139BADD54A56) (Version: 09/28/2016 2.12.24 - ASIX s.r.o.)
Windows Driver Package - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [NPShellExtension] -> {D7ECBD0E-B8E3-4a0c-9E84-514298EFA583} => C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NPShellExtension64.dll [2012-06-21] (Nitro PDF Software -> )
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [IkeyShlExt] -> {F1E551D1-822B-40e6-B4D8-A9B4A48AA07A} => C:\Windows\system32\SimpleExt.dll [2012-08-08] (Lenovo (Beijing) Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\POWER2GO\CLMP3Enc.ACM [217088 2005-05-14] (CyberLink Corp.) [File not signed]
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Roman\Desktop\test.lnk -> C:\Program Files (x86)\SEGGER\JLink_V494i\test.bat ()
ShortcutWithArgument: C:\Users\Roman\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2011-06-28 08:28 - 2011-06-28 08:28 - 000042496 _____ () [File not signed] C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\QTKB.dll
2012-08-08 09:30 - 2012-05-21 09:24 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2011-11-22 23:00 - 2011-11-22 23:00 - 000498176 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\P2PSupplicant.dll
2011-12-08 18:53 - 2011-12-08 18:53 - 000168448 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2011-12-08 18:55 - 2011-12-08 18:55 - 000283648 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2011-12-08 18:54 - 2011-12-08 18:54 - 003280896 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
2011-12-08 18:54 - 2011-12-08 18:54 - 000102400 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
2011-12-08 18:56 - 2011-12-08 18:56 - 000093696 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2011-12-08 18:55 - 2011-12-08 18:55 - 000052224 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2011-12-08 19:01 - 2011-12-08 19:01 - 000518656 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2011-12-08 19:03 - 2011-12-08 19:03 - 000290304 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\panihvint.dll
2011-12-08 18:59 - 2011-12-08 18:59 - 000978432 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2011-12-08 19:04 - 2011-12-08 19:04 - 000160256 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\Ps7ZCfgS.dll
2011-12-08 18:52 - 2011-12-08 18:52 - 000020992 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2011-12-08 19:00 - 2011-12-08 19:00 - 002394112 _____ (Intel(R) Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll
2013-12-07 11:45 - 2013-12-07 11:45 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcm90.dll
2011-12-08 18:12 - 2011-12-08 18:12 - 001830912 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [0]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> 008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> 00hq.com
IE restricted site: HKU\.DEFAULT\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\.DEFAULT\...\01i.info -> 01i.info
IE restricted site: HKU\.DEFAULT\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\.DEFAULT\...\05p.com -> 05p.com
IE restricted site: HKU\.DEFAULT\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\.DEFAULT\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\.DEFAULT\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\.DEFAULT\...\0calories.net -> 0calories.net
IE restricted site: HKU\.DEFAULT\...\0cj.net -> 0cj.net
IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com
IE restricted site: HKU\.DEFAULT\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1-se.com -> 1-se.com
IE restricted site: HKU\.DEFAULT\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\.DEFAULT\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\.DEFAULT\...\100gal.net -> 100gal.net
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com

There are 4746 more sites.

IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\100sexlinks.com -> 100sexlinks.com

There are 4748 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-10-05 11:01 - 2020-04-30 17:20 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\PROGRA~2\Borland\CBUILD~1\Bin;C:\PROGRA~2\Borland\CBUILD~1\Projects\Bpl;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client;C:\Program Files\Intel\iCLS Client;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files\Lenovo\Bluetooth Software;C:\Program Files\Lenovo\Bluetooth Software\syswow64;;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Skype\Phone;C:\Program Files (x86)\PuTTY\
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^Users^Roman^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.Startup
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Intelligent Touchpad => C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
MSCONFIG\startupreg: Lenovo Registration => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
MSCONFIG\startupreg: OnekeyStudio => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6D014DEC-A2C5-4995-8BE3-584F89BED619}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation - Mobile Wireless Group -> )
FirewallRules: [{511220C7-6FE3-469E-9342-7B31C15B43E1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4AB3BFA7-F5E8-49DA-BAB0-BF56820DA0C7}] => (Allow) LPort=2869
FirewallRules: [{672D39F5-5497-4838-9C24-0505855D2D82}] => (Allow) LPort=1900
FirewallRules: [{27BDB785-6C1D-459E-BA81-43EC041108D0}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6B8705A8-1F40-435A-983F-0EB88EAD91FD}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A4237FF2-88A1-4282-A51B-64DE1253886F}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel Corporation -> Intel Corporation)
FirewallRules: [{2534CB2A-36C1-4C04-8C34-015E5FF6FC49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{14440D45-10C1-4161-B9BE-B5534F1146E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6D690019-471C-448C-961F-4F6D386478D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F07C5053-29A5-4329-95FC-5A3027463983}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1BCB4B38-000C-4037-A2ED-E2F1BF551388}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E30B0B5-CBAD-4357-92E5-D513C7C7576C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7C2695A0-8C9B-437F-8E27-29F969AE79F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{010BA73D-0163-4CA0-AEEE-9B1EDF7376A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E0D3B6BE-9517-45A4-8D91-9BC3510A9095}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD5C6A9F-A570-410E-89A4-B144B6C2B9C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{642EF558-4E2E-4A81-A3E3-989C1242AB69}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe (Atmel) [File not signed]
FirewallRules: [UDP Query User{4FBAE129-654C-469E-B31D-5F2B1808F654}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe (Atmel) [File not signed]
FirewallRules: [TCP Query User{418B447E-E4FB-4F5E-AB50-C8B64CB379EE}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe (Atmel) [File not signed]
FirewallRules: [UDP Query User{6BB3BD3B-C72A-49EE-AFC0-30043AA8674D}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe (Atmel) [File not signed]
FirewallRules: [TCP Query User{1A6DC258-F77B-46D4-BDCF-5486D44C1BDE}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [UDP Query User{5BF82198-ECA5-4A59-820C-594BB8C6D30A}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [TCP Query User{8A079D9E-9E18-4231-9156-3B3257C8FF8D}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [UDP Query User{07D8685D-8BC0-47B5-B6E3-9C1DB91FBE19}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [TCP Query User{559C282C-3770-4269-9C40-56C5ACB297DB}C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{13FB9306-FE1C-4F50-B17F-D4FAAB8A2E73}C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [{4E6E04D5-F468-41C0-B911-4AD0A709B97C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{AD8904D0-85F3-4222-8696-C7523D51EC55}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{9D71F414-6F86-4A45-8874-CCB6F3E46163}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{2F3A74D1-C766-4D24-9D76-B6C4E9F2A7DF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{45B1D901-F80A-4D57-8953-D1C58B65718B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7BFE13B1-9D20-4DBC-B0CC-B6C0881B96DF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{85976001-D918-440B-A760-E4985BA38D73}C:\program files (x86)\segger\jlink_v494i\jlinkconfig.exe] => (Allow) C:\program files (x86)\segger\jlink_v494i\jlinkconfig.exe (SEGGER Microcontroller GmbH & Co. KG -> )
FirewallRules: [UDP Query User{93ADFE7F-E431-4B40-A4E9-FDE6618726F5}C:\program files (x86)\segger\jlink_v494i\jlinkconfig.exe] => (Allow) C:\program files (x86)\segger\jlink_v494i\jlinkconfig.exe (SEGGER Microcontroller GmbH & Co. KG -> )
FirewallRules: [TCP Query User{849AAAF1-99B0-42E6-8338-B9300E6FF27E}C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{CB68EBC7-A034-41C8-BED5-FA8D03025766}C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [TCP Query User{E7F9C9F2-F8D9-4615-BF00-8072C7C4FC27}C:\program files (x86)\r.g. mechanics\red alert 2\game.exe] => (Block) C:\program files (x86)\r.g. mechanics\red alert 2\game.exe (Westwood Studios) [File not signed]
FirewallRules: [UDP Query User{76F8009A-1364-49E7-AF7A-9E84922B8D85}C:\program files (x86)\r.g. mechanics\red alert 2\game.exe] => (Block) C:\program files (x86)\r.g. mechanics\red alert 2\game.exe (Westwood Studios) [File not signed]
FirewallRules: [{2AB11DE4-3FC5-45D6-83C2-2660F7AD39DA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{06902E9A-BBC3-411E-A344-6E043623B74A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{242342BA-953E-4595-9A12-B66BC44896E2}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{33A63E42-FA83-415A-A273-A1BEB5D9912F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

05-04-2020 09:33:57 Removed SA22xx Device Manager
05-04-2020 09:34:56 Removed GoGear SA3MXX Device Manager
05-04-2020 09:46:31 Installed MalvaStyle Disk Repair.
05-04-2020 09:58:11 Removed MalvaStyle Disk Repair.
18-04-2020 05:48:55 Naplánovaný kontrolní bod
25-04-2020 07:23:12 Naplánovaný kontrolní bod
26-04-2020 15:58:48 Windows Update
26-04-2020 16:55:02 Windows Update
26-04-2020 17:21:06 Windows Update
26-04-2020 18:37:59 Windows Update
26-04-2020 20:22:09 Windows Update
28-04-2020 22:03:24 Windows Update
29-04-2020 17:46:05 Windows Update
30-04-2020 17:45:11 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/30/2020 06:12:28 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---iphlpsvc failed with 1056, The Code is:0x708.).

Error: (04/30/2020 06:12:27 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

Error: (04/30/2020 06:12:27 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).

Error: (04/30/2020 06:12:27 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

Error: (04/30/2020 06:12:27 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).

Error: (04/30/2020 06:12:27 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

Error: (04/30/2020 06:12:27 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).

Error: (04/30/2020 06:12:27 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).


System errors:
=============
Error: (04/30/2020 06:12:29 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Služba WMPNetworkSvc nebyla spuštěna správně, protože u funkce CoCreateInstance (CLSID_UPnPDeviceFinder) došlo k chybě 0x80004005. Zkontrolujte, zda je spuštěná služba UPnPHost a zda je správně nainstalována součást systému Windows UPnPHost.

Error: (04/30/2020 06:11:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswbIDSAgent neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/30/2020 06:11:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby aswbIDSAgent bylo dosaženo časového limitu (30000 ms).

Error: (04/30/2020 06:11:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/30/2020 06:10:45 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby Dnscache bylo dosaženo časového limitu (30000 ms).

Error: (04/30/2020 06:10:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/30/2020 06:10:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby LanmanWorkstation bylo dosaženo časového limitu (30000 ms).

Error: (04/30/2020 06:09:18 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY)
Description: Nepodařilo se spustit průvodce instalací jazykové sady. Restartujte systém a zkuste znovu spustit průvodce.


Windows Defender:
===================================
Date: 2015-09-13 08:14:24.894
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{301918C8-B984-43D8-88AE-8C4422055A16}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2016-03-06 07:50:19.295
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2016-03-06 07:50:18.598
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.213.6009.0
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Úplné
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.11701.0
Předchozí verze modulu:
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2016-03-06 07:50:18.557
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.11701.0
Předchozí verze modulu:
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2014-11-08 04:00:08.978
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2014-11-08 03:53:11.962
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

CodeIntegrity:
===================================

Date: 2016-11-29 17:32:10.765
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-29 17:32:10.671
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-28 18:36:42.123
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-28 18:36:42.030
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-27 07:42:54.231
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-27 07:42:54.137
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-26 17:26:20.853
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-26 17:26:20.759
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: LENOVO 5FCN34WW 06/11/2012
Motherboard: LENOVO Lenovo
Processor: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
Percentage of memory in use: 85%
Total physical RAM: 3955.32 MB
Available physical RAM: 565.48 MB
Total Virtual: 7908.77 MB
Available Virtual: 4240.25 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:886.32 GB) (Free:505.53 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25.47 GB) (Free:20.87 GB) NTFS

\\?\Volume{876e86c6-e126-11e1-b8e6-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: C70BA6D4)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=886.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=19.5 GB) - (Type=12)

==================== End of Addition.txt =======================
Naposledy upravil(a) DaytonC dne 30 dub 2020 17:57, celkem upraveno 1 x.
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15647
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: notebook se seká,nereaguje

#4 Příspěvek od JaRon »

S prikazoveho riadku s admin pravami postupne spust
Chkdsk /r
a po restarte
Sfc / scannow
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
DaytonC
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 08 lis 2014 17:07

Re: notebook se seká,nereaguje

#5 Příspěvek od DaytonC »

OK již jsem jej přidal v předchozí zprávě tak ještě jednou...
Fix result of Farbar Recovery Scan Tool (x64) Version: 28-04-2020
Ran by Roman (30-04-2020 17:20:47) Run:1
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman (Available Profiles: Roman)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
FF Plugin HKU\S-1-5-21-683440959-2606681586-737459993-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Roman\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
S3 SWDUMon; system32\DRIVERS\SWDUMon.sys [X]
AlternateDataStreams: C:\Windows:nlsPreferences [0]
FirewallRules: [{435580A1-E9DF-4F55-910A-3CD8305F6DE4}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{A7120233-09C2-4DB3-8BC6-9EAD6211DC4D}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{8CD5A8B6-4568-4FBA-B23A-906340B6439C}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{0BC86A65-947E-4630-8691-C8F60948361D}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [TCP Query User{0872E1DA-B38E-4E70-A3E7-5D1738A0CB69}C:\program files (x86)\icq7.7\icq.exe] => (Allow) C:\program files (x86)\icq7.7\icq.exe (ICQ -> ICQ, LLC.)
FirewallRules: [UDP Query User{E0B07BF2-E711-4749-B20B-C3E521B8D32E}C:\program files (x86)\icq7.7\icq.exe] => (Allow) C:\program files (x86)\icq7.7\icq.exe (ICQ -> ICQ, LLC.)



Hosts:
EmptyTemp:
Reboot:
End
*****************

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0 => removed successfully
"C:\Users\Roman\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll" => not found
HKLM\System\CurrentControlSet\Services\SWDUMon => removed successfully
SWDUMon => service removed successfully
C:\Windows => ":nlsPreferences" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{435580A1-E9DF-4F55-910A-3CD8305F6DE4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A7120233-09C2-4DB3-8BC6-9EAD6211DC4D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8CD5A8B6-4568-4FBA-B23A-906340B6439C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0BC86A65-947E-4630-8691-C8F60948361D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0872E1DA-B38E-4E70-A3E7-5D1738A0CB69}C:\program files (x86)\icq7.7\icq.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E0B07BF2-E711-4749-B20B-C3E521B8D32E}C:\program files (x86)\icq7.7\icq.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5869884 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 110253625 B
Edge => 0 B
Chrome => 419809950 B
Firefox => 13902939 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 256 B
LocalService => 256 B
NetworkService => 256 B
UpdatusUser => 256 B
Roman => 36670181 B

RecycleBin => 120414 B
EmptyTemp: => 567.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:22:48 ====
Nahoru
DaytonC
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 08 lis 2014 17:07

Re: notebook se seká,nereaguje

#6 Příspěvek od DaytonC »

žádné narušení integrity....
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15647
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: notebook se seká,nereaguje

#7 Příspěvek od JaRon »

prescanuj PC s Avptool
no nevidim to na AV problem, skor posahany system ,,,
mozes skusobne odinstalovat Avast, vypnut aut. aktualizacie, vypnut fastboot
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
DaytonC
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 08 lis 2014 17:07

Re: notebook se seká,nereaguje

#8 Příspěvek od DaytonC »

no zatím jsem AVPtool nepoužil,
-doinstalovali se mi všechny aktualizace takže mám W7 aktuální,
-něco jsem dočistil ccleanerem(registry cca 91 nálezů nějakých chyb-bylo mi doporučeno to smazat)
-ted ještě defragmentuju disk, ale žádné sekání nepozoruju...
prozatím bych to nechal ...jak se něco objeví hned sem napíšu
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15647
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: notebook se seká,nereaguje

#9 Příspěvek od JaRon »

OK
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
DaytonC
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 08 lis 2014 17:07

Re: notebook se seká,nereaguje

#10 Příspěvek od DaytonC »

tak stále se to objevuje...někdy jen při přepínaní oken v prohlížeči , někdy při rolování obsahu www stránky...vždy to vypadne tak na 3-5sekund ...je to dost nepříjemné (okno vždy zobrazí "neodpovídá")
krystaldisk mi nechce zobrazovat informace o disku zkusil jsem tedy HD-tune-Pro nějako starou verzi...disk je bez vadných sektorů(vše je zelené) pouze signalizuje tohle varování viz screenshot...
může být tedy disk poškozený nebo je chyba někde jinde?
díky za odpověd
Přílohy
ERR.jpg
ERR.jpg (72.37 KiB) Zobrazeno 2644 x
Naposledy upravil(a) DaytonC dne 12 kvě 2020 16:32, celkem upraveno 1 x.
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15647
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: notebook se seká,nereaguje

#11 Příspěvek od JaRon »

plati, co som pisal 1.5. 9:14
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
DaytonC
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 08 lis 2014 17:07

Re: notebook se seká,nereaguje

#12 Příspěvek od DaytonC »

Kašpersky taky bez nálezu... co ten nález při kontrole disku viz screenshot?
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15647
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: notebook se seká,nereaguje

#13 Příspěvek od JaRon »

Vloz z HDTune obrazok benchmark
Predtym nespustaj ziadne aplikacie - iba Win :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
DaytonC
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 08 lis 2014 17:07

Re: notebook se seká,nereaguje

#14 Příspěvek od DaytonC »

no ten konec od 800G se mě teda nelíbí..
Přílohy
Bench.jpg
Bench.jpg (95.29 KiB) Zobrazeno 2634 x
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15647
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: notebook se seká,nereaguje

#15 Příspěvek od JaRon »

No to rozhodne nie je dobre ,,,
Skus este 1-2 kontroly v roznom case, ak budu vysledky podobne bude treba zvazovat vymenu disku
Obcas vsak mozu vysledky ovplyvnit ine aplikacie, preto treba test zopakovat
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Odpovědět

Zpět na „Preventivní kontroly logů“