Infected Lenovo

#1 Post by TomDIVER »

Hello, I need help with a Lenovo notebook. It is probably completely infected: various windows keep popping up, and the internet launches with a pile of windows (games, betting sites, etc.). I found that the antivirus had been turned off and its startup disabled in the registry; I removed that, but even after a scan things did not improve.
Thank you in advance for your help.

I am attaching the FRST log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015 (ATTENTION: ====> FRST version is 1121 days old and could be outdated)
Ran by Pavel (administrator) on ZYP-NB on 05-03-2018 07:58:32
Running from D:\INSTAL\viry
Loaded Profiles: UpdatusUser & Pavel (Available profiles: UpdatusUser & Pavel)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Windows\Temp\gB97D.tmp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
() C:\Users\Pavel\AppData\Local\b1c3ee6aa59242f384f6e7266a4a5b3d\9u11lgiOnEz9es.exe
() C:\ProgramData\cd1d4db3f8d64fa7a4512d47ad1ab5da\Cd3fAJmwOmt.exe
() C:\ProgramData\268aa99843f84690902aa6416f5c47d2\LSGEEUUMSR.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332STI.EXE
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Dropbox, Inc.) C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\regedit.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-15] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2014-03-14] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2014-03-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332STI.EXE [548864 2012-03-20] (Vimicro)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-2388325176-3897423459-1596443417-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-2388325176-3897423459-1596443417-1002\...\Run: [AnyDeskApp] => C:\Users\Pavel\AppData\Roaming\AnyDeskApp\AnyDeskApp.exe [454144 2018-01-25] ()
HKU\S-1-5-21-2388325176-3897423459-1596443417-1002\...\Run: [Webhost] => C:\Users\Pavel\AppData\Roaming\Windows\run1.exe
HKU\S-1-5-21-2388325176-3897423459-1596443417-1002\...\Run: [Dropbox Update] => C:\Users\Pavel\AppData\Roaming\Microsoft\vdcestcu\jcuhcsva.exe
HKU\S-1-5-21-2388325176-3897423459-1596443417-1002\...\Run: [Windows Defender] => "D:\WindowsData\defender.exe"
HKU\S-1-5-21-2388325176-3897423459-1596443417-1002\...\Run: [9u11lgiOnEz9es.exe] => C:\Users\Pavel\AppData\Local\b1c3ee6aa59242f384f6e7266a4a5b3d\9u11lgiOnEz9es.exe [441856 2018-02-07] ()
HKU\S-1-5-21-2388325176-3897423459-1596443417-1002\...\Run: [Cd3fAJmwOmt.exe] => C:\ProgramData\cd1d4db3f8d64fa7a4512d47ad1ab5da\Cd3fAJmwOmt.exe [441856 2018-02-07] ()
HKU\S-1-5-21-2388325176-3897423459-1596443417-1002\...\Run: [LSGEEUUMSR.exe] => C:\ProgramData\268aa99843f84690902aa6416f5c47d2\LSGEEUUMSR.exe [441856 2018-02-07] ()
HKU\S-1-5-21-2388325176-3897423459-1596443417-1002\...\Run: [Chromium] => c:\users\pavel\appdata\local\chromium\application\chrome.exe [829440 2017-02-15] (The Chromium Authors)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [184048 2013-12-26] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\636bc4db-15da-428f-8577-2078b57c0aba.vbs ()
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PDISERVICE.vbs ()
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\System Recovery.lnk
InternetURL: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webhost.url -> file:///C:\Users\Pavel\AppData\Roaming\Windows\Bot.exe
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2388325176-3897423459-1596443417-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = https://newtab.club
HKU\S-1-5-21-2388325176-3897423459-1596443417-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://newtab.club
HKU\S-1-5-21-2388325176-3897423459-1596443417-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
HKU\S-1-5-21-2388325176-3897423459-1596443417-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2388325176-3897423459-1596443417-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
URLSearchHook: [S-1-5-21-2388325176-3897423459-1596443417-1001] ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKU\S-1-5-21-2388325176-3897423459-1596443417-1001 - (No Name) - {2C6A44CB-AD42-4731-A544-3FBD3D83AB5B} - No File
SearchScopes: HKU\S-1-5-21-2388325176-3897423459-1596443417-1001 -> DefaultScope {2C6A44CB-AD42-4731-A544-3FBD3D83AB5B} URL =
SearchScopes: HKU\S-1-5-21-2388325176-3897423459-1596443417-1002 -> DefaultScope {AF317CD5-FB16-451B-A41B-2F93E2640AB4} URL =
SearchScopes: HKU\S-1-5-21-2388325176-3897423459-1596443417-1002 -> {AF317CD5-FB16-451B-A41B-2F93E2640AB4} URL =
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.5.245 192.168.5.1 192.168.5.1
Tcpip\Parameters: [NameServer] 82.163.143.176 82.163.142.178
Tcpip\..\Interfaces\{56164E7A-CD81-409D-95BC-27704078EDC0}: [NameServer] 82.163.143.176 82.163.142.178
Tcpip\..\Interfaces\{78B9C002-CC48-46B1-841F-E17CBCF9E843}: [NameServer] 82.163.143.176 82.163.142.178
Tcpip\..\Interfaces\{E2F3335C-FA95-4B9E-B9B9-D34AC762EEA8}: [NameServer] 82.163.143.176 82.163.142.178
Tcpip\..\Interfaces\{F02F8F42-B8D6-4210-BB2F-B17A84950533}: [NameServer] 82.163.143.176 82.163.142.178
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\9m3eii2b.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Homepage: https://newtab.club
FF Keyword.URL:
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
StartMenuInternet: Firefox-308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AVG Secure Search) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2015-02-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-22]
CHR Extension: (Chrome Media Router) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [959256 2012-11-15] (Broadcom Corporation.)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1628672 2016-08-22] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-24] (Lenovo)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [237920 2012-06-22] (McAfee, Inc.)
S2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1977592 2017-02-10] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-06-22] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R1 MpKsl8bc00b11; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{461A0609-5AB9-4F85-B2AD-2585C20F6A11}\MpKsl8bc00b11.sys [58120 2018-03-04] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S1 gpqjtyov; \??\C:\WINDOWS\system32\drivers\gpqjtyov.sys [X]
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2018-03-05 07:58 - 2018-03-05 07:58 - 00000000 ____D () C:\FRST
2018-03-04 16:15 - 2018-03-04 16:15 - 00037947 _____ () C:\Users\Pavel\Desktop\Letenky Porto Letuška.cz.htm
2018-03-04 16:15 - 2018-03-04 16:15 - 00000000 ____D () C:\Users\Pavel\Desktop\Letenky Porto Letuška.cz_soubory
2018-03-04 16:14 - 2018-03-04 16:14 - 00445969 ____T () C:\Users\Pavel\Desktop\Camino.oxps
2018-03-04 13:48 - 2018-03-04 13:48 - 00000077 _____ () C:\WINDOWS\setupact.log
2018-03-04 13:48 - 2018-03-04 13:48 - 00000000 _____ () C:\WINDOWS\setuperr.log
2018-03-03 17:09 - 2018-03-05 07:52 - 00437339 _____ () C:\WINDOWS\WindowsUpdate.log
2018-03-02 19:33 - 2018-03-04 11:38 - 00003728 _____ () C:\WINDOWS\System32\Tasks\{DEFFE4A1-B4CB-2AF7-E97B-07E4FC854132}
2018-03-02 19:33 - 2018-03-02 19:33 - 00000000 ____D () C:\ProgramData\{7414794a-012c-0}
2018-03-02 19:33 - 2018-03-02 19:33 - 00000000 ____D () C:\ProgramData\{0e391fa2-112c-0}
2018-03-01 20:20 - 2018-03-01 20:20 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-02-27 19:14 - 2018-02-27 19:14 - 00002290 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-27 18:18 - 2018-02-27 18:18 - 01129816 _____ (Google Inc.) C:\Users\Pavel\Downloads\ChromeSetup.exe
2018-02-25 20:32 - 2018-02-25 20:32 - 00000000 ____D () C:\Users\Pavel\AppData\Local\SeleniumHelper
2018-02-25 20:31 - 2018-03-01 21:27 - 00003788 _____ () C:\WINDOWS\System32\Tasks\AzureSDKService
2018-02-25 20:31 - 2018-02-25 20:31 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Defender
2018-02-22 19:03 - 2018-02-22 19:03 - 00000270 __RSH () C:\Users\Pavel\ntuser.pol
2018-02-21 19:15 - 2018-02-27 18:59 - 00000000 ____D () C:\ProgramData\BOINC
2018-02-21 19:15 - 2018-02-22 19:03 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\BOINC
2018-02-21 19:15 - 2018-02-21 19:15 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\NVIDIA
2018-02-21 19:14 - 2018-02-21 19:14 - 00000000 ____D () C:\Users\Pavel\.VirtualBox
2018-02-21 19:13 - 2018-02-27 19:06 - 00000000 ____D () C:\WINDOWS\System32\Tasks\SyncTask
2018-02-21 19:13 - 2018-02-27 19:05 - 00000000 ____D () C:\Users\Pavel\AppData\Local\chromium
2018-02-21 19:12 - 2018-02-21 19:12 - 00001386 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
2018-02-21 19:11 - 2018-02-21 21:20 - 00000000 ____D () C:\Users\Pavel\AppData\Local\uEBMwoFTGuljaihYq
2018-02-16 22:02 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-7455-1
2018-02-16 22:02 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-6a33-1
2018-02-16 22:02 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-6241-1
2018-02-16 22:02 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-4581-1
2018-02-16 22:02 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-3e87-1
2018-02-16 22:02 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-22a5-1
2018-02-16 22:02 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-1783-1
2018-02-16 22:02 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-01c7-1
2018-02-16 22:01 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-75c7-1
2018-02-16 22:01 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-62b3-0
2018-02-16 22:01 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-2395-1
2018-02-16 22:01 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-0b15-0
2018-02-16 22:00 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-70d5-1
2018-02-16 22:00 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-64b1-0
2018-02-16 22:00 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-5837-0
2018-02-16 21:59 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-6853-1
2018-02-16 21:59 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-4e05-1
2018-02-16 21:59 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-3b33-0
2018-02-16 21:59 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-2393-1
2018-02-16 21:59 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-56c3-0
2018-02-16 21:59 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-53c1-0
2018-02-16 21:59 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-3cf7-0
2018-02-16 21:59 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-3371-1
2018-02-16 21:59 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-2093-0
2018-02-16 21:59 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-1321-1
2018-02-16 21:59 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-12d3-1
2018-02-16 21:59 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-0b41-0
2018-02-16 21:59 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-08e7-0
2018-02-16 20:42 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-0283-1
2018-02-16 20:42 - 2018-02-16 22:00 - 00000000 ____D () C:\ProgramData\e4077be8-2387-0
2018-02-16 20:41 - 2018-02-16 22:00 - 00000000 ____D () C:\ProgramData\e4077be8-7077-1
2018-02-16 20:41 - 2018-02-16 22:00 - 00000000 ____D () C:\ProgramData\e4077be8-0b27-0
2018-02-16 20:41 - 2018-02-16 21:59 - 00000000 ____D () C:\ProgramData\e4077be8-6fd5-1
2018-02-16 20:41 - 2018-02-16 21:58 - 00000000 ____D () C:\ProgramData\e4077be8-1607-0
2018-02-16 20:40 - 2018-02-16 21:59 - 00000000 ____D () C:\ProgramData\e4077be8-75c5-0
2018-02-16 20:40 - 2018-02-16 21:59 - 00000000 ____D () C:\ProgramData\e4077be8-64f1-0
2018-02-16 20:40 - 2018-02-16 21:59 - 00000000 ____D () C:\ProgramData\e4077be8-5965-0
2018-02-16 20:40 - 2018-02-16 21:58 - 00000000 ____D () C:\ProgramData\e4077be8-6231-0
2018-02-16 20:40 - 2018-02-16 20:42 - 00000000 ____D () C:\ProgramData\e4077be8-5961-1
2018-02-16 20:40 - 2018-02-16 20:42 - 00000000 ____D () C:\ProgramData\e4077be8-4d57-0
2018-02-16 20:40 - 2018-02-16 20:42 - 00000000 ____D () C:\ProgramData\e4077be8-4183-0
2018-02-16 20:40 - 2018-02-16 20:42 - 00000000 ____D () C:\ProgramData\e4077be8-2af3-1
2018-02-16 20:40 - 2018-02-16 20:41 - 00000000 ____D () C:\ProgramData\e4077be8-4ea5-0
2018-02-16 20:39 - 2018-02-16 21:58 - 00000000 ____D () C:\ProgramData\e4077be8-51e5-0
2018-02-16 20:39 - 2018-02-16 21:58 - 00000000 ____D () C:\ProgramData\e4077be8-05d3-1
2018-02-16 20:39 - 2018-02-16 20:42 - 00000000 ____D () C:\ProgramData\e4077be8-5f33-0
2018-02-16 20:39 - 2018-02-16 20:42 - 00000000 ____D () C:\ProgramData\e4077be8-1225-1
2018-02-16 20:38 - 2018-03-04 11:38 - 00004214 _____ () C:\WINDOWS\System32\Tasks\36ED8558-205D-1255-48BA-014D4F613B76
2018-02-16 20:38 - 2018-02-16 20:42 - 00000000 ____D () C:\ProgramData\e4077be8-7b93-0
2018-02-16 20:38 - 2018-02-16 20:42 - 00000000 ____D () C:\ProgramData\e4077be8-0a07-1
2018-02-16 20:38 - 2018-02-16 20:41 - 00000000 ____D () C:\ProgramData\e4077be8-7fe1-1
2018-02-16 20:38 - 2018-02-16 20:41 - 00000000 ____D () C:\ProgramData\e4077be8-6315-0
2018-02-16 20:38 - 2018-02-16 20:40 - 00000000 ____D () C:\ProgramData\e4077be8-6493-0
2018-02-16 20:38 - 2018-02-16 20:40 - 00000000 ____D () C:\ProgramData\e4077be8-5983-1
2018-02-16 20:38 - 2018-02-16 20:40 - 00000000 ____D () C:\ProgramData\e4077be8-54e3-1
2018-02-16 20:38 - 2018-02-16 20:40 - 00000000 ____D () C:\ProgramData\e4077be8-5013-0
2018-02-16 20:38 - 2018-02-16 20:40 - 00000000 ____D () C:\ProgramData\e4077be8-3ba3-0
2018-02-16 20:38 - 2018-02-16 20:40 - 00000000 ____D () C:\ProgramData\e4077be8-3243-1
2018-02-16 20:38 - 2018-02-16 20:40 - 00000000 ____D () C:\ProgramData\e4077be8-1f91-0
2018-02-16 20:38 - 2018-02-16 20:40 - 00000000 ____D () C:\ProgramData\e4077be8-1257-1
2018-02-16 20:38 - 2018-02-16 20:40 - 00000000 ____D () C:\ProgramData\e4077be8-0ee7-0
2018-02-16 20:38 - 2018-02-16 20:39 - 00000000 ____D () C:\ProgramData\e4077be8-6eb3-0
2018-02-16 20:38 - 2018-02-16 20:39 - 00000000 ____D () C:\ProgramData\e4077be8-2931-1
2018-02-16 20:36 - 2018-02-16 20:38 - 00000000 ____D () C:\ProgramData\e4077be8-5bd1-1
2018-02-16 20:36 - 2018-02-16 20:38 - 00000000 ____D () C:\ProgramData\e4077be8-2ad5-0
2018-02-16 20:36 - 2018-02-16 20:38 - 00000000 ____D () C:\ProgramData\e4077be8-2153-0
2018-02-16 20:35 - 2018-02-16 20:38 - 00000000 ____D () C:\ProgramData\e4077be8-6fa7-0
2018-02-16 20:35 - 2018-02-16 20:38 - 00000000 ____D () C:\ProgramData\e4077be8-6c43-1
2018-02-16 20:35 - 2018-02-16 20:38 - 00000000 ____D () C:\ProgramData\e4077be8-3585-1
2018-02-16 20:35 - 2018-02-16 20:38 - 00000000 ____D () C:\ProgramData\e4077be8-2177-0
2018-02-16 20:35 - 2018-02-16 20:38 - 00000000 ____D () C:\ProgramData\e4077be8-0b07-0
2018-02-16 20:35 - 2018-02-16 20:37 - 00000000 ____D () C:\ProgramData\e4077be8-7e73-1
2018-02-16 20:34 - 2018-02-16 20:36 - 00000000 ____D () C:\ProgramData\e4077be8-7067-0
2018-02-16 20:34 - 2018-02-16 20:36 - 00000000 ____D () C:\ProgramData\e4077be8-6f73-1
2018-02-16 20:34 - 2018-02-16 20:36 - 00000000 ____D () C:\ProgramData\e4077be8-3871-0
2018-02-16 20:34 - 2018-02-16 20:36 - 00000000 ____D () C:\ProgramData\e4077be8-35c3-0
2018-02-16 20:34 - 2018-02-16 20:36 - 00000000 ____D () C:\ProgramData\e4077be8-3275-1
2018-02-16 20:34 - 2018-02-16 20:36 - 00000000 ____D () C:\ProgramData\e4077be8-2df1-1
2018-02-16 20:34 - 2018-02-16 20:36 - 00000000 ____D () C:\ProgramData\e4077be8-2551-0
2018-02-16 20:33 - 2018-02-16 20:35 - 00000000 ____D () C:\ProgramData\e4077be8-7145-0
2018-02-16 20:33 - 2018-02-16 20:35 - 00000000 ____D () C:\ProgramData\e4077be8-3661-0
2018-02-16 20:33 - 2018-02-16 20:35 - 00000000 ____D () C:\ProgramData\e4077be8-3351-0
2018-02-16 20:33 - 2018-02-16 20:35 - 00000000 ____D () C:\ProgramData\e4077be8-2681-1
2018-02-16 20:33 - 2018-02-16 20:34 - 00000000 ____D () C:\ProgramData\e4077be8-79e1-1
2018-02-16 20:33 - 2018-02-16 20:34 - 00000000 ____D () C:\ProgramData\e4077be8-2343-0
2018-02-16 20:33 - 2018-02-16 20:34 - 00000000 ____D () C:\ProgramData\e4077be8-1455-1
2018-02-16 20:32 - 2018-02-16 20:34 - 00000000 ____D () C:\ProgramData\e4077be8-6db7-0
2018-02-16 20:32 - 2018-02-16 20:34 - 00000000 ____D () C:\ProgramData\e4077be8-1341-0
2018-02-16 20:32 - 2018-02-16 20:34 - 00000000 ____D () C:\ProgramData\e4077be8-0711-1
2018-02-16 20:32 - 2018-02-16 20:33 - 00000000 ____D () C:\ProgramData\e4077be8-2977-1
2018-02-16 20:32 - 2018-02-16 20:33 - 00000000 ____D () C:\ProgramData\e4077be8-1055-0
2018-02-16 20:32 - 2018-02-16 20:33 - 00000000 ____D () C:\ProgramData\e4077be8-0ba5-0
2018-02-16 20:31 - 2018-02-16 20:33 - 00000000 ____D () C:\ProgramData\e4077be8-7aa5-0
2018-02-16 20:31 - 2018-02-16 20:33 - 00000000 ____D () C:\ProgramData\e4077be8-3fa3-1
2018-02-16 20:31 - 2018-02-16 20:33 - 00000000 ____D () C:\ProgramData\e4077be8-30f3-1
2018-02-16 20:31 - 2018-02-16 20:33 - 00000000 ____D () C:\ProgramData\e4077be8-27f3-0
2018-02-16 20:30 - 2018-02-16 20:32 - 00000000 ____D () C:\ProgramData\e4077be8-6b73-0
2018-02-16 20:30 - 2018-02-16 20:32 - 00000000 ____D () C:\ProgramData\e4077be8-4317-1
2018-02-16 20:30 - 2018-02-16 20:32 - 00000000 ____D () C:\ProgramData\e4077be8-3e15-0
2018-02-16 20:30 - 2018-02-16 20:32 - 00000000 ____D () C:\ProgramData\e4077be8-2d73-1
2018-02-16 20:30 - 2018-02-16 20:31 - 00000000 ____D () C:\ProgramData\e4077be8-6335-1
2018-02-16 20:30 - 2018-02-16 20:31 - 00000000 ____D () C:\ProgramData\e4077be8-3c75-0
2018-02-16 20:29 - 2018-02-16 20:31 - 00000000 ____D () C:\ProgramData\e4077be8-11b1-0
2018-02-16 20:29 - 2018-02-16 20:30 - 00000000 ____D () C:\ProgramData\e4077be8-5863-1
2018-02-16 20:29 - 2018-02-16 20:30 - 00000000 ____D () C:\ProgramData\e4077be8-1113-1
2018-02-16 20:29 - 2018-02-16 20:30 - 00000000 ____D () C:\ProgramData\e4077be8-0ce1-0
2018-02-16 20:28 - 2018-02-16 20:29 - 00000000 ____D () C:\ProgramData\e4077be8-4a93-1
2018-02-16 20:28 - 2018-02-16 20:29 - 00000000 ____D () C:\ProgramData\e4077be8-4565-0
2018-02-16 20:28 - 2018-02-16 20:29 - 00000000 ____D () C:\ProgramData\e4077be8-4021-0
2018-02-16 20:28 - 2018-02-16 20:29 - 00000000 ____D () C:\ProgramData\e4077be8-4013-1
2018-02-16 20:27 - 2018-02-16 20:28 - 00000000 ____D () C:\ProgramData\e4077be8-74e3-1
2018-02-16 20:27 - 2018-02-16 20:28 - 00000000 ____D () C:\ProgramData\e4077be8-5791-0
2018-02-16 20:22 - 2018-02-16 20:22 - 00000000 ____D () C:\ProgramData\e4077be8-76a5-1
2018-02-16 20:22 - 2018-02-16 20:22 - 00000000 ____D () C:\ProgramData\e4077be8-2f21-0
2018-02-16 20:21 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-6a87-0
2018-02-16 20:21 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-5fb7-0
2018-02-16 20:21 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-5415-0
2018-02-16 20:21 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-4f77-1
2018-02-16 20:21 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-4c25-0
2018-02-16 20:21 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-1d31-1
2018-02-16 20:21 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-0fc1-0
2018-02-16 20:20 - 2018-02-16 20:22 - 00000000 ____D () C:\ProgramData\e4077be8-7bd1-1
2018-02-16 20:20 - 2018-02-16 20:22 - 00000000 ____D () C:\ProgramData\e4077be8-0ff3-0
2018-02-16 20:20 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-2af7-1
2018-02-16 20:20 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-1137-0
2018-02-16 20:20 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-0d91-1
2018-02-16 20:20 - 2018-02-16 20:20 - 00000000 ____D () C:\ProgramData\e4077be8-2821-0
2018-02-16 20:19 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-7d25-1
2018-02-16 20:19 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-7507-0
2018-02-16 20:19 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-5055-0
2018-02-16 20:19 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-44b1-0
2018-02-16 20:19 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-3531-1
2018-02-16 20:18 - 2018-02-16 20:20 - 00000000 ____D () C:\ProgramData\e4077be8-7741-1
2018-02-16 20:18 - 2018-02-16 20:20 - 00000000 ____D () C:\ProgramData\e4077be8-6ec5-0
2018-02-16 20:18 - 2018-02-16 20:20 - 00000000 ____D () C:\ProgramData\e4077be8-42e1-0
2018-02-16 20:17 - 2018-02-16 20:20 - 00000000 ____D () C:\ProgramData\e4077be8-62c1-0
2018-02-16 20:17 - 2018-02-16 20:19 - 00000000 ____D () C:\ProgramData\e4077be8-6b15-0
2018-02-16 20:17 - 2018-02-16 20:19 - 00000000 ____D () C:\ProgramData\e4077be8-4cf3-0
2018-02-16 20:17 - 2018-02-16 20:19 - 00000000 ____D () C:\ProgramData\e4077be8-4bc5-1
2018-02-16 20:17 - 2018-02-16 20:19 - 00000000 ____D () C:\ProgramData\e4077be8-40e1-1
2018-02-16 20:17 - 2018-02-16 20:19 - 00000000 ____D () C:\ProgramData\e4077be8-1303-1
2018-02-16 20:17 - 2018-02-16 20:18 - 00000000 ____D () C:\ProgramData\e4077be8-77b1-1
2018-02-16 20:17 - 2018-02-16 20:18 - 00000000 ____D () C:\ProgramData\e4077be8-16d3-0
2018-02-16 20:17 - 2018-02-16 20:18 - 00000000 ____D () C:\ProgramData\e4077be8-03d5-0
2018-02-16 20:16 - 2018-02-16 20:18 - 00000000 ____D () C:\ProgramData\e4077be8-4505-1
2018-02-16 20:16 - 2018-02-16 20:18 - 00000000 ____D () C:\ProgramData\e4077be8-3277-0
2018-02-16 20:16 - 2018-02-16 20:17 - 00000000 ____D () C:\ProgramData\e4077be8-69a7-1
2018-02-16 20:16 - 2018-02-16 20:17 - 00000000 ____D () C:\ProgramData\e4077be8-46e1-0
2018-02-16 20:15 - 2018-03-02 19:34 - 00000000 ____D () C:\ProgramData\{2e7407c3-712c-0}
2018-02-16 20:15 - 2018-03-02 19:34 - 00000000 ____D () C:\ProgramData\{0c334d67-412c-1}
2018-02-16 20:15 - 2018-03-02 19:34 - 00000000 ____D () C:\ProgramData\{08d3121e-212c-0}
2018-02-16 20:15 - 2018-03-02 19:33 - 00000000 ____D () C:\ProgramData\{030162a0-112c-1}
2018-02-16 20:15 - 2018-02-16 20:17 - 00000000 ____D () C:\ProgramData\e4077be8-7e77-1
2018-02-16 20:15 - 2018-02-16 20:17 - 00000000 ____D () C:\ProgramData\e4077be8-2501-0
2018-02-13 20:13 - 2018-02-10 09:44 - 25740288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-02-13 20:13 - 2018-02-10 07:36 - 15283712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-02-13 20:13 - 2018-02-10 07:20 - 20274176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-02-13 20:13 - 2018-02-03 00:53 - 07408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-02-13 20:13 - 2018-01-21 12:09 - 00145080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-02-13 20:13 - 2018-01-21 07:13 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-02-13 20:13 - 2018-01-21 07:13 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-02-13 20:13 - 2018-01-21 07:13 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-02-13 20:13 - 2018-01-21 07:13 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-02-13 20:13 - 2018-01-21 07:13 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-02-13 20:13 - 2018-01-21 07:13 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2018-02-13 20:13 - 2018-01-21 07:13 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-02-13 20:13 - 2018-01-21 07:13 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-02-13 20:13 - 2018-01-21 07:13 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-02-13 20:12 - 2018-02-10 08:19 - 02900480 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-02-13 20:12 - 2018-02-10 08:16 - 00577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-02-13 20:12 - 2018-02-10 08:16 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-02-13 20:12 - 2018-02-10 08:09 - 05782016 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-02-13 20:12 - 2018-02-10 08:06 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-02-13 20:12 - 2018-02-10 08:06 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-02-13 20:12 - 2018-02-10 07:48 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-02-13 20:12 - 2018-02-10 07:47 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-02-13 20:12 - 2018-02-10 07:46 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-02-13 20:12 - 2018-02-10 07:41 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-02-13 20:12 - 2018-02-10 07:36 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-02-13 20:12 - 2018-02-10 07:34 - 00807936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-02-13 20:12 - 2018-02-10 07:32 - 02134528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-02-13 20:12 - 2018-02-10 07:27 - 03241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-02-13 20:12 - 2018-02-10 07:14 - 01546240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-02-13 20:12 - 2018-02-10 07:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-02-13 20:12 - 2018-02-10 06:57 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-02-13 20:12 - 2018-02-10 06:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2018-02-13 20:12 - 2018-02-10 06:54 - 02294272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-02-13 20:12 - 2018-02-10 06:49 - 00662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-02-13 20:12 - 2018-02-10 06:49 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-02-13 20:12 - 2018-02-10 06:35 - 04498944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-02-13 20:12 - 2018-02-10 06:35 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-02-13 20:12 - 2018-02-10 06:35 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-02-13 20:12 - 2018-02-10 06:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-02-13 20:12 - 2018-02-10 06:33 - 13680640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-02-13 20:12 - 2018-02-10 06:32 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-02-13 20:12 - 2018-02-10 06:29 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-02-13 20:12 - 2018-02-10 06:27 - 02058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-02-13 20:12 - 2018-02-10 06:27 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-02-13 20:12 - 2018-02-10 06:14 - 02767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-02-13 20:12 - 2018-02-10 06:10 - 01314304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-02-13 20:12 - 2018-02-10 06:08 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-02-13 20:12 - 2018-02-03 07:04 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-02-13 20:12 - 2018-02-03 07:03 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-02-13 20:12 - 2018-02-01 19:51 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2018-02-13 20:12 - 2018-01-21 12:54 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-02-13 20:12 - 2018-01-13 02:18 - 02452824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-02-13 20:12 - 2018-01-12 22:42 - 00376664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-02-13 20:12 - 2018-01-12 19:31 - 04690944 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-02-13 20:12 - 2018-01-12 18:35 - 03553280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-02-13 20:12 - 2018-01-11 19:19 - 00032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-02-13 20:12 - 2018-01-11 18:56 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-02-13 20:12 - 2018-01-11 18:07 - 00748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-02-13 20:12 - 2018-01-09 07:21 - 04168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2018-02-13 20:12 - 2018-01-09 07:18 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-02-13 20:12 - 2017-12-15 13:23 - 00276312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-02-13 20:12 - 2017-12-05 17:56 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2018-02-13 20:12 - 2017-12-05 17:52 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2018-02-13 20:12 - 2017-12-05 17:45 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-02-13 20:12 - 2017-12-05 17:42 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-02-13 20:12 - 2017-12-05 17:32 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2018-02-13 20:12 - 2017-12-05 17:10 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2018-02-13 20:12 - 2017-12-05 17:02 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptnet.dll
2018-02-13 20:12 - 2017-12-05 16:58 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptnet.dll
2018-02-13 20:12 - 2017-12-05 16:24 - 00165376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys
2018-02-13 20:12 - 2017-12-02 04:04 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-02-13 20:12 - 2017-11-24 22:58 - 02608640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2018-02-13 20:12 - 2017-11-24 22:56 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2018-02-13 20:12 - 2017-11-24 22:46 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2018-02-13 20:12 - 2017-11-24 22:44 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2018-02-11 16:22 - 2018-02-27 19:04 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Opera Software
2018-02-11 16:22 - 2018-02-27 19:04 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Opera Software
2018-02-11 16:21 - 2018-02-11 16:21 - 01641288 _____ (Installer ) C:\Users\Pavel\Downloads\adobe_flash_setup_1389474440.exe
2018-02-10 13:34 - 2018-02-10 13:34 - 00000000 ____D () C:\Users\Pavel\AppData\Local\XQtHPMbaINsrktlat
2018-02-07 19:15 - 2018-03-04 11:38 - 00000000 ____D () C:\Users\Pavel\AppData\Local\B6ED7AA4-DE52-0D14-CA74-94E8096E8673
2018-02-07 19:15 - 2018-03-04 11:38 - 00000000 ____D () C:\ProgramData\dd2012cd
2018-02-07 19:15 - 2018-02-27 18:30 - 00000000 ____D () C:\Program Files\Jetmedia
2018-02-07 19:15 - 2018-02-16 20:15 - 00000000 ____D () C:\ProgramData\e4077be8-27a1-0
2018-02-07 19:15 - 2018-02-16 20:15 - 00000000 ____D () C:\ProgramData\e4077be8-1525-1
2018-02-07 19:14 - 2018-02-27 19:51 - 00000000 ____D () C:\Users\Pavel\AppData\Local\193a44d89c0a4bd48f4dd31959a5c06d
2018-02-07 19:14 - 2018-02-16 20:16 - 00000000 ____D () C:\ProgramData\{77546f1d-112c-1}
2018-02-07 19:14 - 2018-02-16 20:16 - 00000000 ____D () C:\ProgramData\{6d2571d7-212c-0}
2018-02-07 19:14 - 2018-02-16 20:16 - 00000000 ____D () C:\ProgramData\{25ad17e7-212c-1}
2018-02-07 19:14 - 2018-02-16 20:15 - 00000000 ____D () C:\ProgramData\{24a135b3-412c-0}
2018-02-07 19:14 - 2018-02-07 19:14 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Jetmedia
2018-02-07 19:14 - 2018-02-07 19:14 - 00000000 ____D () C:\Users\Pavel\AppData\Local\b0193ce95f334a05b036bea0f2cabeff
2018-02-07 19:14 - 2018-02-07 19:14 - 00000000 ____D () C:\ProgramData\cd1d4db3f8d64fa7a4512d47ad1ab5da
2018-02-07 19:11 - 2018-03-04 13:50 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2018-02-07 19:11 - 2018-02-07 19:11 - 00016778 _____ () C:\WINDOWS\System32\Tasks\Sansa Semical Check - Harbour
2018-02-07 19:11 - 2018-02-07 19:11 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\39e83e25a3184482bd8de04fdd93b1f6
2018-02-07 19:11 - 2018-02-07 19:11 - 00000000 ____D () C:\ProgramData\e14b817413da46f28456c47608f83d2f
2018-02-07 19:10 - 2018-02-27 19:51 - 00000000 ____D () C:\Users\Pavel\AppData\Local\84385efcc1164ae9ac8cba6c0da969c5
2018-02-07 19:10 - 2018-02-07 20:34 - 00000000 ____D () C:\ProgramData\a02b8ede10844db1830f524633db30e6
2018-02-07 19:10 - 2018-02-07 19:10 - 00004394 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateSecurityTaskMachine_SQ
2018-02-07 19:10 - 2018-02-07 19:10 - 00004338 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateSecurityTaskMachine_KX
2018-02-07 19:10 - 2018-02-07 19:10 - 00004338 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateSecurityTaskMachine_AU
2018-02-07 19:10 - 2018-02-07 19:10 - 00000000 ____D () C:\Users\Pavel\AppData\Local\b1c3ee6aa59242f384f6e7266a4a5b3d
2018-02-07 19:09 - 2018-02-07 20:47 - 00000000 ____D () C:\ProgramData\268aa99843f84690902aa6416f5c47d2
2018-02-07 19:09 - 2018-02-07 19:09 - 00004394 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateSecurityTaskMachine_TY
2018-02-07 19:09 - 2018-02-07 19:09 - 00004314 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateSecurityTaskMachine_GX
2018-02-07 19:09 - 2018-02-07 19:09 - 00000000 ____D () C:\Users\Pavel\AppData\Local\63874cf757b64926bce48592906297ce
2018-02-07 19:09 - 2018-02-07 19:09 - 00000000 ____D () C:\ProgramData\bed23b0ef1634e86b4e001ba1603ca7b
2018-02-07 19:03 - 2018-02-16 20:16 - 00000000 ____D () C:\ProgramData\fcc9423e-4033-1
2018-02-07 19:03 - 2018-02-16 20:15 - 00000000 ____D () C:\ProgramData\fcc9423e-4fc3-0
2018-02-07 19:03 - 2018-02-07 19:03 - 00024496 _____ () C:\WINDOWS\System32\Tasks\{097E0B47-0C7D-7978-0B11-0A0F7E0E1109}
2018-02-07 19:03 - 2018-02-07 19:03 - 00003568 _____ () C:\WINDOWS\System32\Tasks\SystemHealer Task
2018-02-07 19:02 - 2018-02-07 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer
2018-02-07 19:02 - 2018-02-07 19:03 - 00000000 ____D () C:\Program Files (x86)\SystemHealer
2018-02-07 19:02 - 2018-02-07 19:02 - 00003312 _____ () C:\WINDOWS\System32\Tasks\System Healer Monitor
2018-02-07 19:02 - 2018-02-07 19:02 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\System Healer
2018-02-07 19:02 - 2018-02-07 19:02 - 00000000 ____D () C:\Users\Pavel\AppData\Local\SystemHealer
2018-02-07 19:01 - 2018-02-07 19:01 - 00000000 ____D () C:\Users\Pavel\AppData\Local\BetaIIS

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2018-03-05 07:58 - 2017-06-29 19:50 - 00000684 ____H () C:\WINDOWS\Tasks\Norton Product InstallerIdle.job
2018-03-05 07:55 - 2014-11-11 21:38 - 00003962 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4CB00716-2D40-47DD-8C53-ACC2AC62373C}
2018-03-04 17:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2018-03-04 16:25 - 2015-06-20 15:20 - 00000932 _____ () C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2388325176-3897423459-1596443417-1002UA.job
2018-03-04 16:14 - 2017-03-07 21:57 - 00073216 ___SH () C:\Users\Pavel\Desktop\Thumbs.db
2018-03-04 15:15 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2018-03-04 14:19 - 2014-11-11 21:28 - 00000000 ____D () C:\Users\Pavel\OneDrive
2018-03-04 13:49 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2018-03-04 13:47 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2018-03-02 20:25 - 2015-06-20 15:20 - 00000880 _____ () C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2388325176-3897423459-1596443417-1002Core.job
2018-03-01 21:27 - 2014-09-06 19:00 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2388325176-3897423459-1596443417-1002
2018-03-01 20:21 - 2014-08-30 18:52 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Dropbox
2018-02-27 22:46 - 2014-08-30 18:54 - 00000000 ___RD () C:\Users\Pavel\Dropbox
2018-02-27 21:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\tracing
2018-02-27 21:18 - 2018-01-31 19:51 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\1337
2018-02-27 21:18 - 2018-01-27 18:18 - 00000000 __SHD () C:\Users\Pavel\AppData\Roaming\Folder
2018-02-27 21:18 - 2018-01-27 18:17 - 00000000 __SHD () C:\Users\Pavel\AppData\Roaming\Screenshoter
2018-02-27 20:03 - 2018-01-27 18:18 - 00000000 ____D () C:\ProgramData\dahhService
2018-02-27 19:51 - 2018-01-27 18:18 - 00000000 ____D () C:\WINDOWS\System32\Tasks\System
2018-02-27 19:50 - 2018-01-27 18:19 - 00000004 _____ () C:\ProgramData\lock.dat
2018-02-27 19:14 - 2014-11-22 19:37 - 00002331 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-27 19:09 - 2018-01-27 18:19 - 00000052 _____ () C:\ProgramData\rwi.hhad
2018-02-27 19:08 - 2013-08-22 15:44 - 00337800 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-27 18:30 - 2018-01-27 18:17 - 00000000 ____D () C:\Program Files (x86)\WinSpyAdd
2018-02-27 18:18 - 2014-11-22 19:37 - 00003384 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-02-27 18:18 - 2014-11-22 19:37 - 00003256 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-02-25 20:39 - 2018-01-27 18:36 - 00000000 __SHD () C:\Users\Pavel\AppData\Roaming\WindowsDefender
2018-02-25 14:55 - 2014-11-22 19:47 - 00000000 ____D () C:\KMPlayer
2018-02-22 19:03 - 2014-11-11 20:40 - 00000000 ____D () C:\Users\Pavel
2018-02-21 21:20 - 2013-08-22 16:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2018-02-21 19:14 - 2014-03-14 09:12 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2018-02-21 19:12 - 2014-08-31 07:20 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Adobe
2018-02-18 15:55 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2018-02-18 15:48 - 2014-09-24 17:23 - 01748728 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-18 15:48 - 2014-09-24 16:39 - 00740822 _____ () C:\WINDOWS\system32\perfh005.dat
2018-02-18 15:48 - 2014-09-24 16:39 - 00151948 _____ () C:\WINDOWS\system32\perfc005.dat
2018-02-14 00:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2018-02-13 23:15 - 2015-06-04 19:50 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2018-02-13 23:15 - 2014-09-03 20:01 - 00000000 ____D () C:\WINDOWS\system32\MRT
2018-02-13 23:15 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2018-02-13 23:15 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2018-02-13 23:13 - 2017-10-10 20:51 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-13 23:13 - 2014-09-08 19:28 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-02-10 19:06 - 2017-10-21 20:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2018-02-10 19:06 - 2017-10-21 20:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-10 14:59 - 2017-10-21 20:51 - 00000959 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-02-07 19:15 - 2018-01-27 18:18 - 00000000 ____D () C:\ProgramData\42d098fa-6bb7-0
2018-02-07 19:14 - 2018-01-27 18:18 - 00000000 ____D () C:\ProgramData\42d098fa-0be7-1
2018-02-07 19:09 - 2014-11-11 20:32 - 00000000 ____D () C:\Program Files\Synaptics
2018-02-07 19:09 - 2014-09-24 20:02 - 00000000 ____D () C:\Program Files\Embedded Lockdown Manager
2018-02-07 19:09 - 2014-09-06 22:30 - 00000000 ____D () C:\Program Files\CCleaner
2018-02-07 19:01 - 2018-01-27 18:18 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\ThreatDataBase
2018-02-05 21:38 - 2018-01-10 00:54 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-05 21:38 - 2018-01-10 00:54 - 00177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-03-14 08:48 - 2014-03-14 08:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2018-01-27 18:19 - 2018-02-27 19:50 - 0000004 _____ () C:\ProgramData\lock.dat
2018-01-27 18:19 - 2018-02-27 19:09 - 0000052 _____ () C:\ProgramData\rwi.hhad

Files to move or delete:
====================
C:\ProgramData\lock.dat


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2018-03-04 14:02

==================== End Of Log ============================
Attachments
Addition.zip
(10.34 KiB) Downloaded 51 times

JaRon
Moderator
Posts: 15671
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Infected Lenovo

#2 Post by JaRon »

FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

TomDIVER
Visitor
Posts: 53
Registered: 17 Jun 2007 10:30

Re: Infected Lenovo

#3 Post by TomDIVER »

So I downloaded it, ran the scan and let it fix the problems. When it finished, a restart was requested. Some message from Windows also popped up, which I am attaching as well. Maybe you will know what to do about it?!
Otherwise the notebook has now started behaving correctly again.
Attachments
Screenshot 2018-03-05 09.23.49.JPG (19.33 KiB) Viewed 2418 times

JaRon
Moderator
Posts: 15671
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Infected Lenovo

#4 Post by JaRon »

Post a current FRST log and we'll finish the cleanup :)

TomDIVER
Visitor
Posts: 53
Registered: 17 Jun 2007 10:30

Re: Infected Lenovo

#5 Post by TomDIVER »

I searched and searched and found that in Task Manager, on the Startup tab, there is PDISERVICE, so I changed its status to Disabled. Some System Healer Cleanup Console also popped up; I take it that it is useless as well, so I located it on the hard drive and ran its uninstaller.
After the restart the message no longer shows up. I hope I haven't broken anything by doing that :oops:

JaRon
Moderator
Posts: 15671
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Infected Lenovo

#6 Post by JaRon »

No problem :) post that log

TomDIVER
Visitor
Posts: 53
Registered: 17 Jun 2007 10:30

Re: Infected Lenovo

#7 Post by TomDIVER »

So I ran FRST, and when it finished a message from Windows Defender popped up saying a threat had been found, and a restart was requested. So I hope this log will be of some use; should I rather make a new one?

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015 (ATTENTION: ====> FRST version is 1121 days old and could be outdated)
Ran by Pavel (administrator) on ZYP-NB on 05-03-2018 10:36:11
Running from D:\INSTAL\viry
Loaded Profiles: UpdatusUser & Pavel (Available profiles: UpdatusUser & Pavel)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Users\Pavel\AppData\Roaming\WindowsApps\taskhost.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Dropbox, Inc.) C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Dropbox, Inc.) C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
() C:\Users\Pavel\AppData\Roaming\WindowsApps\CPU\intel.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-15] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2014-03-14] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2014-03-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332STI.EXE [548864 2012-03-20] (Vimicro)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-2388325176-3897423459-1596443417-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-2388325176-3897423459-1596443417-1002\...\Run: [AnyDeskApp] => C:\Users\Pavel\AppData\Roaming\AnyDeskApp\AnyDeskApp.exe [454144 2018-01-25] ()
HKU\S-1-5-21-2388325176-3897423459-1596443417-1002\...\Run: [Chromium] => c:\users\pavel\appdata\local\chromium\application\chrome.exe [829440 2017-02-15] (The Chromium Authors)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [184048 2013-12-26] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\636bc4db-15da-428f-8577-2078b57c0aba.vbs ()
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PDISERVICE.vbs ()
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\System Recovery.lnk
InternetURL: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webhost.url -> file:///C:\Users\Pavel\AppData\Roaming\Windows\Bot.exe
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2388325176-3897423459-1596443417-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = https://newtab.club
HKU\S-1-5-21-2388325176-3897423459-1596443417-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://newtab.club
HKU\S-1-5-21-2388325176-3897423459-1596443417-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
HKU\S-1-5-21-2388325176-3897423459-1596443417-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2388325176-3897423459-1596443417-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
URLSearchHook: [S-1-5-21-2388325176-3897423459-1596443417-1001] ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKU\S-1-5-21-2388325176-3897423459-1596443417-1001 - (No Name) - {2C6A44CB-AD42-4731-A544-3FBD3D83AB5B} - No File
SearchScopes: HKU\S-1-5-21-2388325176-3897423459-1596443417-1001 -> DefaultScope {2C6A44CB-AD42-4731-A544-3FBD3D83AB5B} URL =
SearchScopes: HKU\S-1-5-21-2388325176-3897423459-1596443417-1002 -> DefaultScope {AF317CD5-FB16-451B-A41B-2F93E2640AB4} URL =
SearchScopes: HKU\S-1-5-21-2388325176-3897423459-1596443417-1002 -> {AF317CD5-FB16-451B-A41B-2F93E2640AB4} URL =
Tcpip\Parameters: [DhcpNameServer] 192.168.5.245 192.168.5.1 192.168.5.1
Tcpip\Parameters: [NameServer] 82.163.143.176 82.163.142.178
Tcpip\..\Interfaces\{56164E7A-CD81-409D-95BC-27704078EDC0}: [NameServer] 82.163.143.176 82.163.142.178
Tcpip\..\Interfaces\{78B9C002-CC48-46B1-841F-E17CBCF9E843}: [NameServer] 82.163.143.176 82.163.142.178
Tcpip\..\Interfaces\{E2F3335C-FA95-4B9E-B9B9-D34AC762EEA8}: [NameServer] 82.163.143.176 82.163.142.178
Tcpip\..\Interfaces\{F02F8F42-B8D6-4210-BB2F-B17A84950533}: [NameServer] 82.163.143.176 82.163.142.178
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\9m3eii2b.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Homepage: https://newtab.club
FF Keyword.URL:
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
StartMenuInternet: Firefox-308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AVG Secure Search) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2015-02-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-22]
CHR Extension: (Chrome Media Router) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [959256 2012-11-15] (Broadcom Corporation.)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1628672 2016-08-22] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-24] (Lenovo)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [237920 2012-06-22] (McAfee, Inc.)
S2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1977592 2017-02-10] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-06-22] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S1 gpqjtyov; \??\C:\WINDOWS\system32\drivers\gpqjtyov.sys [X]
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2018-03-05 10:23 - 2018-03-05 10:29 - 00000154 _____ () C:\WINDOWS\setupact.log
2018-03-05 10:23 - 2018-03-05 10:23 - 00000000 _____ () C:\WINDOWS\setuperr.log
2018-03-05 10:12 - 2018-03-05 10:28 - 00019631 _____ () C:\WINDOWS\WindowsUpdate.log
2018-03-05 08:55 - 2018-03-05 09:15 - 00000000 ____D () C:\Users\Pavel\Doctor Web
2018-03-05 08:55 - 2018-03-05 08:55 - 00000000 ____D () C:\ProgramData\Doctor Web
2018-03-05 07:58 - 2018-03-05 10:36 - 00000000 ____D () C:\FRST
2018-03-04 16:15 - 2018-03-04 16:15 - 00037947 _____ () C:\Users\Pavel\Desktop\Letenky Porto Letuška.cz.htm
2018-03-04 16:15 - 2018-03-04 16:15 - 00000000 ____D () C:\Users\Pavel\Desktop\Letenky Porto Letuška.cz_soubory
2018-03-04 16:14 - 2018-03-04 16:14 - 00445969 ____T () C:\Users\Pavel\Desktop\Camino.oxps
2018-03-02 19:33 - 2018-03-04 11:38 - 00003728 _____ () C:\WINDOWS\System32\Tasks\{DEFFE4A1-B4CB-2AF7-E97B-07E4FC854132}
2018-03-02 19:33 - 2018-03-02 19:33 - 00000000 ____D () C:\ProgramData\{7414794a-012c-0}
2018-03-02 19:33 - 2018-03-02 19:33 - 00000000 ____D () C:\ProgramData\{0e391fa2-112c-0}
2018-03-01 20:20 - 2018-03-01 20:20 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-02-27 19:14 - 2018-02-27 19:14 - 00002290 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-27 18:18 - 2018-02-27 18:18 - 01129816 _____ (Google Inc.) C:\Users\Pavel\Downloads\ChromeSetup.exe
2018-02-25 20:32 - 2018-02-25 20:32 - 00000000 ____D () C:\Users\Pavel\AppData\Local\SeleniumHelper
2018-02-25 20:31 - 2018-03-01 21:27 - 00003788 _____ () C:\WINDOWS\System32\Tasks\AzureSDKService
2018-02-25 20:31 - 2018-02-25 20:31 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Defender
2018-02-22 19:03 - 2018-02-22 19:03 - 00000270 __RSH () C:\Users\Pavel\ntuser.pol
2018-02-21 19:15 - 2018-02-27 18:59 - 00000000 ____D () C:\ProgramData\BOINC
2018-02-21 19:15 - 2018-02-22 19:03 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\BOINC
2018-02-21 19:15 - 2018-02-21 19:15 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\NVIDIA
2018-02-21 19:14 - 2018-02-21 19:14 - 00000000 ____D () C:\Users\Pavel\.VirtualBox
2018-02-21 19:13 - 2018-02-27 19:06 - 00000000 ____D () C:\WINDOWS\System32\Tasks\SyncTask
2018-02-21 19:13 - 2018-02-27 19:05 - 00000000 ____D () C:\Users\Pavel\AppData\Local\chromium
2018-02-21 19:12 - 2018-02-21 19:12 - 00001386 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
2018-02-21 19:11 - 2018-02-21 21:20 - 00000000 ____D () C:\Users\Pavel\AppData\Local\uEBMwoFTGuljaihYq
2018-02-16 22:02 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-7455-1
2018-02-16 22:02 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-6a33-1
2018-02-16 22:02 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-6241-1
2018-02-16 22:02 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-4581-1
2018-02-16 22:02 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-3e87-1
2018-02-16 22:02 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-22a5-1
2018-02-16 22:02 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-1783-1
2018-02-16 22:02 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-01c7-1
2018-02-16 22:01 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-75c7-1
2018-02-16 22:01 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-62b3-0
2018-02-16 22:01 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-2395-1
2018-02-16 22:01 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-0b15-0
2018-02-16 22:00 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-70d5-1
2018-02-16 22:00 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-64b1-0
2018-02-16 22:00 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-5837-0
2018-02-16 21:59 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-6853-1
2018-02-16 21:59 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-4e05-1
2018-02-16 21:59 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-3b33-0
2018-02-16 21:59 - 2018-02-16 22:02 - 00000000 ____D () C:\ProgramData\e4077be8-2393-1
2018-02-16 21:59 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-56c3-0
2018-02-16 21:59 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-53c1-0
2018-02-16 21:59 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-3cf7-0
2018-02-16 21:59 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-3371-1
2018-02-16 21:59 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-2093-0
2018-02-16 21:59 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-1321-1
2018-02-16 21:59 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-12d3-1
2018-02-16 21:59 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-0b41-0
2018-02-16 21:59 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-08e7-0
2018-02-16 20:42 - 2018-02-16 22:01 - 00000000 ____D () C:\ProgramData\e4077be8-0283-1
2018-02-16 20:42 - 2018-02-16 22:00 - 00000000 ____D () C:\ProgramData\e4077be8-2387-0
2018-02-16 20:41 - 2018-02-16 22:00 - 00000000 ____D () C:\ProgramData\e4077be8-7077-1
2018-02-16 20:41 - 2018-02-16 22:00 - 00000000 ____D () C:\ProgramData\e4077be8-0b27-0
2018-02-16 20:41 - 2018-02-16 21:59 - 00000000 ____D () C:\ProgramData\e4077be8-6fd5-1
2018-02-16 20:41 - 2018-02-16 21:58 - 00000000 ____D () C:\ProgramData\e4077be8-1607-0
2018-02-16 20:40 - 2018-02-16 21:59 - 00000000 ____D () C:\ProgramData\e4077be8-75c5-0
2018-02-16 20:40 - 2018-02-16 21:59 - 00000000 ____D () C:\ProgramData\e4077be8-64f1-0
2018-02-16 20:40 - 2018-02-16 21:59 - 00000000 ____D () C:\ProgramData\e4077be8-5965-0
2018-02-16 20:40 - 2018-02-16 21:58 - 00000000 ____D () C:\ProgramData\e4077be8-6231-0
2018-02-16 20:40 - 2018-02-16 20:42 - 00000000 ____D () C:\ProgramData\e4077be8-5961-1
2018-02-16 20:40 - 2018-02-16 20:42 - 00000000 ____D () C:\ProgramData\e4077be8-4d57-0
2018-02-16 20:40 - 2018-02-16 20:42 - 00000000 ____D () C:\ProgramData\e4077be8-4183-0
2018-02-16 20:40 - 2018-02-16 20:42 - 00000000 ____D () C:\ProgramData\e4077be8-2af3-1
2018-02-16 20:40 - 2018-02-16 20:41 - 00000000 ____D () C:\ProgramData\e4077be8-4ea5-0
2018-02-16 20:39 - 2018-02-16 21:58 - 00000000 ____D () C:\ProgramData\e4077be8-51e5-0
2018-02-16 20:39 - 2018-02-16 21:58 - 00000000 ____D () C:\ProgramData\e4077be8-05d3-1
2018-02-16 20:39 - 2018-02-16 20:42 - 00000000 ____D () C:\ProgramData\e4077be8-5f33-0
2018-02-16 20:39 - 2018-02-16 20:42 - 00000000 ____D () C:\ProgramData\e4077be8-1225-1
2018-02-16 20:38 - 2018-03-04 11:38 - 00004214 _____ () C:\WINDOWS\System32\Tasks\36ED8558-205D-1255-48BA-014D4F613B76
2018-02-16 20:38 - 2018-02-16 20:42 - 00000000 ____D () C:\ProgramData\e4077be8-7b93-0
2018-02-16 20:38 - 2018-02-16 20:42 - 00000000 ____D () C:\ProgramData\e4077be8-0a07-1
2018-02-16 20:38 - 2018-02-16 20:41 - 00000000 ____D () C:\ProgramData\e4077be8-7fe1-1
2018-02-16 20:38 - 2018-02-16 20:41 - 00000000 ____D () C:\ProgramData\e4077be8-6315-0
2018-02-16 20:38 - 2018-02-16 20:40 - 00000000 ____D () C:\ProgramData\e4077be8-6493-0
2018-02-16 20:38 - 2018-02-16 20:40 - 00000000 ____D () C:\ProgramData\e4077be8-5983-1
2018-02-16 20:38 - 2018-02-16 20:40 - 00000000 ____D () C:\ProgramData\e4077be8-54e3-1
2018-02-16 20:38 - 2018-02-16 20:40 - 00000000 ____D () C:\ProgramData\e4077be8-5013-0
2018-02-16 20:38 - 2018-02-16 20:40 - 00000000 ____D () C:\ProgramData\e4077be8-3ba3-0
2018-02-16 20:38 - 2018-02-16 20:40 - 00000000 ____D () C:\ProgramData\e4077be8-3243-1
2018-02-16 20:38 - 2018-02-16 20:40 - 00000000 ____D () C:\ProgramData\e4077be8-1f91-0
2018-02-16 20:38 - 2018-02-16 20:40 - 00000000 ____D () C:\ProgramData\e4077be8-1257-1
2018-02-16 20:38 - 2018-02-16 20:40 - 00000000 ____D () C:\ProgramData\e4077be8-0ee7-0
2018-02-16 20:38 - 2018-02-16 20:39 - 00000000 ____D () C:\ProgramData\e4077be8-6eb3-0
2018-02-16 20:38 - 2018-02-16 20:39 - 00000000 ____D () C:\ProgramData\e4077be8-2931-1
2018-02-16 20:36 - 2018-02-16 20:38 - 00000000 ____D () C:\ProgramData\e4077be8-5bd1-1
2018-02-16 20:36 - 2018-02-16 20:38 - 00000000 ____D () C:\ProgramData\e4077be8-2ad5-0
2018-02-16 20:36 - 2018-02-16 20:38 - 00000000 ____D () C:\ProgramData\e4077be8-2153-0
2018-02-16 20:35 - 2018-02-16 20:38 - 00000000 ____D () C:\ProgramData\e4077be8-6fa7-0
2018-02-16 20:35 - 2018-02-16 20:38 - 00000000 ____D () C:\ProgramData\e4077be8-6c43-1
2018-02-16 20:35 - 2018-02-16 20:38 - 00000000 ____D () C:\ProgramData\e4077be8-3585-1
2018-02-16 20:35 - 2018-02-16 20:38 - 00000000 ____D () C:\ProgramData\e4077be8-2177-0
2018-02-16 20:35 - 2018-02-16 20:38 - 00000000 ____D () C:\ProgramData\e4077be8-0b07-0
2018-02-16 20:35 - 2018-02-16 20:37 - 00000000 ____D () C:\ProgramData\e4077be8-7e73-1
2018-02-16 20:34 - 2018-02-16 20:36 - 00000000 ____D () C:\ProgramData\e4077be8-7067-0
2018-02-16 20:34 - 2018-02-16 20:36 - 00000000 ____D () C:\ProgramData\e4077be8-6f73-1
2018-02-16 20:34 - 2018-02-16 20:36 - 00000000 ____D () C:\ProgramData\e4077be8-3871-0
2018-02-16 20:34 - 2018-02-16 20:36 - 00000000 ____D () C:\ProgramData\e4077be8-35c3-0
2018-02-16 20:34 - 2018-02-16 20:36 - 00000000 ____D () C:\ProgramData\e4077be8-3275-1
2018-02-16 20:34 - 2018-02-16 20:36 - 00000000 ____D () C:\ProgramData\e4077be8-2df1-1
2018-02-16 20:34 - 2018-02-16 20:36 - 00000000 ____D () C:\ProgramData\e4077be8-2551-0
2018-02-16 20:33 - 2018-02-16 20:35 - 00000000 ____D () C:\ProgramData\e4077be8-7145-0
2018-02-16 20:33 - 2018-02-16 20:35 - 00000000 ____D () C:\ProgramData\e4077be8-3661-0
2018-02-16 20:33 - 2018-02-16 20:35 - 00000000 ____D () C:\ProgramData\e4077be8-3351-0
2018-02-16 20:33 - 2018-02-16 20:35 - 00000000 ____D () C:\ProgramData\e4077be8-2681-1
2018-02-16 20:33 - 2018-02-16 20:34 - 00000000 ____D () C:\ProgramData\e4077be8-79e1-1
2018-02-16 20:33 - 2018-02-16 20:34 - 00000000 ____D () C:\ProgramData\e4077be8-2343-0
2018-02-16 20:33 - 2018-02-16 20:34 - 00000000 ____D () C:\ProgramData\e4077be8-1455-1
2018-02-16 20:32 - 2018-02-16 20:34 - 00000000 ____D () C:\ProgramData\e4077be8-6db7-0
2018-02-16 20:32 - 2018-02-16 20:34 - 00000000 ____D () C:\ProgramData\e4077be8-1341-0
2018-02-16 20:32 - 2018-02-16 20:34 - 00000000 ____D () C:\ProgramData\e4077be8-0711-1
2018-02-16 20:32 - 2018-02-16 20:33 - 00000000 ____D () C:\ProgramData\e4077be8-2977-1
2018-02-16 20:32 - 2018-02-16 20:33 - 00000000 ____D () C:\ProgramData\e4077be8-1055-0
2018-02-16 20:32 - 2018-02-16 20:33 - 00000000 ____D () C:\ProgramData\e4077be8-0ba5-0
2018-02-16 20:31 - 2018-02-16 20:33 - 00000000 ____D () C:\ProgramData\e4077be8-7aa5-0
2018-02-16 20:31 - 2018-02-16 20:33 - 00000000 ____D () C:\ProgramData\e4077be8-3fa3-1
2018-02-16 20:31 - 2018-02-16 20:33 - 00000000 ____D () C:\ProgramData\e4077be8-30f3-1
2018-02-16 20:31 - 2018-02-16 20:33 - 00000000 ____D () C:\ProgramData\e4077be8-27f3-0
2018-02-16 20:30 - 2018-02-16 20:32 - 00000000 ____D () C:\ProgramData\e4077be8-6b73-0
2018-02-16 20:30 - 2018-02-16 20:32 - 00000000 ____D () C:\ProgramData\e4077be8-4317-1
2018-02-16 20:30 - 2018-02-16 20:32 - 00000000 ____D () C:\ProgramData\e4077be8-3e15-0
2018-02-16 20:30 - 2018-02-16 20:32 - 00000000 ____D () C:\ProgramData\e4077be8-2d73-1
2018-02-16 20:30 - 2018-02-16 20:31 - 00000000 ____D () C:\ProgramData\e4077be8-6335-1
2018-02-16 20:30 - 2018-02-16 20:31 - 00000000 ____D () C:\ProgramData\e4077be8-3c75-0
2018-02-16 20:29 - 2018-02-16 20:31 - 00000000 ____D () C:\ProgramData\e4077be8-11b1-0
2018-02-16 20:29 - 2018-02-16 20:30 - 00000000 ____D () C:\ProgramData\e4077be8-5863-1
2018-02-16 20:29 - 2018-02-16 20:30 - 00000000 ____D () C:\ProgramData\e4077be8-1113-1
2018-02-16 20:29 - 2018-02-16 20:30 - 00000000 ____D () C:\ProgramData\e4077be8-0ce1-0
2018-02-16 20:28 - 2018-02-16 20:29 - 00000000 ____D () C:\ProgramData\e4077be8-4a93-1
2018-02-16 20:28 - 2018-02-16 20:29 - 00000000 ____D () C:\ProgramData\e4077be8-4565-0
2018-02-16 20:28 - 2018-02-16 20:29 - 00000000 ____D () C:\ProgramData\e4077be8-4021-0
2018-02-16 20:28 - 2018-02-16 20:29 - 00000000 ____D () C:\ProgramData\e4077be8-4013-1
2018-02-16 20:27 - 2018-02-16 20:28 - 00000000 ____D () C:\ProgramData\e4077be8-74e3-1
2018-02-16 20:27 - 2018-02-16 20:28 - 00000000 ____D () C:\ProgramData\e4077be8-5791-0
2018-02-16 20:22 - 2018-02-16 20:22 - 00000000 ____D () C:\ProgramData\e4077be8-76a5-1
2018-02-16 20:22 - 2018-02-16 20:22 - 00000000 ____D () C:\ProgramData\e4077be8-2f21-0
2018-02-16 20:21 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-6a87-0
2018-02-16 20:21 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-5fb7-0
2018-02-16 20:21 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-5415-0
2018-02-16 20:21 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-4f77-1
2018-02-16 20:21 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-4c25-0
2018-02-16 20:21 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-1d31-1
2018-02-16 20:21 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-0fc1-0
2018-02-16 20:20 - 2018-02-16 20:22 - 00000000 ____D () C:\ProgramData\e4077be8-7bd1-1
2018-02-16 20:20 - 2018-02-16 20:22 - 00000000 ____D () C:\ProgramData\e4077be8-0ff3-0
2018-02-16 20:20 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-2af7-1
2018-02-16 20:20 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-1137-0
2018-02-16 20:20 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-0d91-1
2018-02-16 20:20 - 2018-02-16 20:20 - 00000000 ____D () C:\ProgramData\e4077be8-2821-0
2018-02-16 20:19 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-7d25-1
2018-02-16 20:19 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-7507-0
2018-02-16 20:19 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-5055-0
2018-02-16 20:19 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-44b1-0
2018-02-16 20:19 - 2018-02-16 20:21 - 00000000 ____D () C:\ProgramData\e4077be8-3531-1
2018-02-16 20:18 - 2018-02-16 20:20 - 00000000 ____D () C:\ProgramData\e4077be8-7741-1
2018-02-16 20:18 - 2018-02-16 20:20 - 00000000 ____D () C:\ProgramData\e4077be8-6ec5-0
2018-02-16 20:18 - 2018-02-16 20:20 - 00000000 ____D () C:\ProgramData\e4077be8-42e1-0
2018-02-16 20:17 - 2018-02-16 20:20 - 00000000 ____D () C:\ProgramData\e4077be8-62c1-0
2018-02-16 20:17 - 2018-02-16 20:19 - 00000000 ____D () C:\ProgramData\e4077be8-6b15-0
2018-02-16 20:17 - 2018-02-16 20:19 - 00000000 ____D () C:\ProgramData\e4077be8-4cf3-0
2018-02-16 20:17 - 2018-02-16 20:19 - 00000000 ____D () C:\ProgramData\e4077be8-4bc5-1
2018-02-16 20:17 - 2018-02-16 20:19 - 00000000 ____D () C:\ProgramData\e4077be8-40e1-1
2018-02-16 20:17 - 2018-02-16 20:19 - 00000000 ____D () C:\ProgramData\e4077be8-1303-1
2018-02-16 20:17 - 2018-02-16 20:18 - 00000000 ____D () C:\ProgramData\e4077be8-77b1-1
2018-02-16 20:17 - 2018-02-16 20:18 - 00000000 ____D () C:\ProgramData\e4077be8-16d3-0
2018-02-16 20:17 - 2018-02-16 20:18 - 00000000 ____D () C:\ProgramData\e4077be8-03d5-0
2018-02-16 20:16 - 2018-02-16 20:18 - 00000000 ____D () C:\ProgramData\e4077be8-4505-1
2018-02-16 20:16 - 2018-02-16 20:18 - 00000000 ____D () C:\ProgramData\e4077be8-3277-0
2018-02-16 20:16 - 2018-02-16 20:17 - 00000000 ____D () C:\ProgramData\e4077be8-69a7-1
2018-02-16 20:16 - 2018-02-16 20:17 - 00000000 ____D () C:\ProgramData\e4077be8-46e1-0
2018-02-16 20:15 - 2018-03-02 19:34 - 00000000 ____D () C:\ProgramData\{2e7407c3-712c-0}
2018-02-16 20:15 - 2018-03-02 19:34 - 00000000 ____D () C:\ProgramData\{0c334d67-412c-1}
2018-02-16 20:15 - 2018-03-02 19:34 - 00000000 ____D () C:\ProgramData\{08d3121e-212c-0}
2018-02-16 20:15 - 2018-03-02 19:33 - 00000000 ____D () C:\ProgramData\{030162a0-112c-1}
2018-02-16 20:15 - 2018-02-16 20:17 - 00000000 ____D () C:\ProgramData\e4077be8-7e77-1
2018-02-16 20:15 - 2018-02-16 20:17 - 00000000 ____D () C:\ProgramData\e4077be8-2501-0
2018-02-13 20:13 - 2018-02-10 09:44 - 25740288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-02-13 20:13 - 2018-02-10 07:36 - 15283712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-02-13 20:13 - 2018-02-10 07:20 - 20274176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-02-13 20:13 - 2018-02-03 00:53 - 07408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-02-13 20:13 - 2018-01-21 12:09 - 00145080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-02-13 20:13 - 2018-01-21 07:13 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-02-13 20:13 - 2018-01-21 07:13 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-02-13 20:13 - 2018-01-21 07:13 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-02-13 20:13 - 2018-01-21 07:13 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-02-13 20:13 - 2018-01-21 07:13 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-02-13 20:13 - 2018-01-21 07:13 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2018-02-13 20:13 - 2018-01-21 07:13 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-02-13 20:13 - 2018-01-21 07:13 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-02-13 20:13 - 2018-01-21 07:13 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-02-13 20:12 - 2018-02-10 08:19 - 02900480 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-02-13 20:12 - 2018-02-10 08:16 - 00577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-02-13 20:12 - 2018-02-10 08:16 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-02-13 20:12 - 2018-02-10 08:09 - 05782016 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-02-13 20:12 - 2018-02-10 08:06 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-02-13 20:12 - 2018-02-10 08:06 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-02-13 20:12 - 2018-02-10 07:48 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-02-13 20:12 - 2018-02-10 07:47 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-02-13 20:12 - 2018-02-10 07:46 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-02-13 20:12 - 2018-02-10 07:41 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-02-13 20:12 - 2018-02-10 07:36 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-02-13 20:12 - 2018-02-10 07:34 - 00807936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-02-13 20:12 - 2018-02-10 07:32 - 02134528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-02-13 20:12 - 2018-02-10 07:27 - 03241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-02-13 20:12 - 2018-02-10 07:14 - 01546240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-02-13 20:12 - 2018-02-10 07:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-02-13 20:12 - 2018-02-10 06:57 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-02-13 20:12 - 2018-02-10 06:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2018-02-13 20:12 - 2018-02-10 06:54 - 02294272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-02-13 20:12 - 2018-02-10 06:49 - 00662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-02-13 20:12 - 2018-02-10 06:49 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-02-13 20:12 - 2018-02-10 06:35 - 04498944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-02-13 20:12 - 2018-02-10 06:35 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-02-13 20:12 - 2018-02-10 06:35 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-02-13 20:12 - 2018-02-10 06:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-02-13 20:12 - 2018-02-10 06:33 - 13680640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-02-13 20:12 - 2018-02-10 06:32 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-02-13 20:12 - 2018-02-10 06:29 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-02-13 20:12 - 2018-02-10 06:27 - 02058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-02-13 20:12 - 2018-02-10 06:27 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-02-13 20:12 - 2018-02-10 06:14 - 02767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-02-13 20:12 - 2018-02-10 06:10 - 01314304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-02-13 20:12 - 2018-02-10 06:08 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-02-13 20:12 - 2018-02-03 07:04 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-02-13 20:12 - 2018-02-03 07:03 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-02-13 20:12 - 2018-02-01 19:51 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2018-02-13 20:12 - 2018-01-21 12:54 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-02-13 20:12 - 2018-01-13 02:18 - 02452824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-02-13 20:12 - 2018-01-12 22:42 - 00376664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-02-13 20:12 - 2018-01-12 19:31 - 04690944 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-02-13 20:12 - 2018-01-12 18:35 - 03553280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-02-13 20:12 - 2018-01-11 19:19 - 00032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-02-13 20:12 - 2018-01-11 18:56 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-02-13 20:12 - 2018-01-11 18:07 - 00748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-02-13 20:12 - 2018-01-09 07:21 - 04168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2018-02-13 20:12 - 2018-01-09 07:18 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-02-13 20:12 - 2017-12-15 13:23 - 00276312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-02-13 20:12 - 2017-12-05 17:56 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2018-02-13 20:12 - 2017-12-05 17:52 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2018-02-13 20:12 - 2017-12-05 17:45 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-02-13 20:12 - 2017-12-05 17:42 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-02-13 20:12 - 2017-12-05 17:32 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2018-02-13 20:12 - 2017-12-05 17:10 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2018-02-13 20:12 - 2017-12-05 17:02 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptnet.dll
2018-02-13 20:12 - 2017-12-05 16:58 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptnet.dll
2018-02-13 20:12 - 2017-12-05 16:24 - 00165376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys
2018-02-13 20:12 - 2017-12-02 04:04 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-02-13 20:12 - 2017-11-24 22:58 - 02608640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2018-02-13 20:12 - 2017-11-24 22:56 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2018-02-13 20:12 - 2017-11-24 22:46 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2018-02-13 20:12 - 2017-11-24 22:44 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2018-02-11 16:22 - 2018-02-27 19:04 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Opera Software
2018-02-11 16:22 - 2018-02-27 19:04 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Opera Software
2018-02-11 16:21 - 2018-02-11 16:21 - 01641288 _____ (Installer ) C:\Users\Pavel\Downloads\adobe_flash_setup_1389474440.exe
2018-02-10 13:34 - 2018-02-10 13:34 - 00000000 ____D () C:\Users\Pavel\AppData\Local\XQtHPMbaINsrktlat
2018-02-07 19:15 - 2018-03-04 11:38 - 00000000 ____D () C:\Users\Pavel\AppData\Local\B6ED7AA4-DE52-0D14-CA74-94E8096E8673
2018-02-07 19:15 - 2018-03-04 11:38 - 00000000 ____D () C:\ProgramData\dd2012cd
2018-02-07 19:15 - 2018-02-27 18:30 - 00000000 ____D () C:\Program Files\Jetmedia
2018-02-07 19:15 - 2018-02-16 20:15 - 00000000 ____D () C:\ProgramData\e4077be8-27a1-0
2018-02-07 19:15 - 2018-02-16 20:15 - 00000000 ____D () C:\ProgramData\e4077be8-1525-1
2018-02-07 19:14 - 2018-03-05 09:16 - 00000000 ____D () C:\ProgramData\cd1d4db3f8d64fa7a4512d47ad1ab5da
2018-02-07 19:14 - 2018-02-27 19:51 - 00000000 ____D () C:\Users\Pavel\AppData\Local\193a44d89c0a4bd48f4dd31959a5c06d
2018-02-07 19:14 - 2018-02-16 20:16 - 00000000 ____D () C:\ProgramData\{77546f1d-112c-1}
2018-02-07 19:14 - 2018-02-16 20:16 - 00000000 ____D () C:\ProgramData\{6d2571d7-212c-0}
2018-02-07 19:14 - 2018-02-16 20:16 - 00000000 ____D () C:\ProgramData\{25ad17e7-212c-1}
2018-02-07 19:14 - 2018-02-16 20:15 - 00000000 ____D () C:\ProgramData\{24a135b3-412c-0}
2018-02-07 19:14 - 2018-02-07 19:14 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Jetmedia
2018-02-07 19:14 - 2018-02-07 19:14 - 00000000 ____D () C:\Users\Pavel\AppData\Local\b0193ce95f334a05b036bea0f2cabeff
2018-02-07 19:11 - 2018-03-05 09:16 - 00016778 _____ () C:\WINDOWS\System32\Tasks\Sansa Semical Check - Harbour
2018-02-07 19:11 - 2018-03-04 13:50 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2018-02-07 19:11 - 2018-02-07 19:11 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\39e83e25a3184482bd8de04fdd93b1f6
2018-02-07 19:11 - 2018-02-07 19:11 - 00000000 ____D () C:\ProgramData\e14b817413da46f28456c47608f83d2f
2018-02-07 19:10 - 2018-03-05 09:16 - 00000000 ____D () C:\Users\Pavel\AppData\Local\b1c3ee6aa59242f384f6e7266a4a5b3d
2018-02-07 19:10 - 2018-02-27 19:51 - 00000000 ____D () C:\Users\Pavel\AppData\Local\84385efcc1164ae9ac8cba6c0da969c5
2018-02-07 19:10 - 2018-02-07 20:34 - 00000000 ____D () C:\ProgramData\a02b8ede10844db1830f524633db30e6
2018-02-07 19:10 - 2018-02-07 19:10 - 00004394 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateSecurityTaskMachine_SQ
2018-02-07 19:10 - 2018-02-07 19:10 - 00004338 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateSecurityTaskMachine_KX
2018-02-07 19:10 - 2018-02-07 19:10 - 00004338 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateSecurityTaskMachine_AU
2018-02-07 19:09 - 2018-03-05 09:16 - 00000000 ____D () C:\ProgramData\268aa99843f84690902aa6416f5c47d2
2018-02-07 19:09 - 2018-02-07 19:09 - 00004394 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateSecurityTaskMachine_TY
2018-02-07 19:09 - 2018-02-07 19:09 - 00004314 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateSecurityTaskMachine_GX
2018-02-07 19:09 - 2018-02-07 19:09 - 00000000 ____D () C:\Users\Pavel\AppData\Local\63874cf757b64926bce48592906297ce
2018-02-07 19:09 - 2018-02-07 19:09 - 00000000 ____D () C:\ProgramData\bed23b0ef1634e86b4e001ba1603ca7b
2018-02-07 19:03 - 2018-02-16 20:16 - 00000000 ____D () C:\ProgramData\fcc9423e-4033-1
2018-02-07 19:03 - 2018-02-16 20:15 - 00000000 ____D () C:\ProgramData\fcc9423e-4fc3-0
2018-02-07 19:02 - 2018-02-07 19:02 - 00000000 ____D () C:\Users\Pavel\AppData\Local\SystemHealer
2018-02-07 19:01 - 2018-02-07 19:01 - 00000000 ____D () C:\Users\Pavel\AppData\Local\BetaIIS

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2018-03-05 10:34 - 2014-09-06 19:00 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2388325176-3897423459-1596443417-1002
2018-03-05 10:31 - 2014-11-11 21:28 - 00000000 ___RD () C:\Users\Pavel\OneDrive
2018-03-05 10:29 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2018-03-05 10:26 - 2015-06-20 15:20 - 00000932 _____ () C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2388325176-3897423459-1596443417-1002UA.job
2018-03-05 10:22 - 2014-11-11 20:40 - 00000000 ____D () C:\Users\Pavel
2018-03-05 10:22 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2018-03-05 10:19 - 2014-11-22 19:47 - 00000000 ____D () C:\KMPlayer
2018-03-05 10:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2018-03-05 10:01 - 2017-06-29 19:50 - 00000684 ____H () C:\WINDOWS\Tasks\Norton Product InstallerIdle.job
2018-03-05 09:56 - 2017-03-07 21:57 - 00073216 ___SH () C:\Users\Pavel\Desktop\Thumbs.db
2018-03-05 09:20 - 2013-08-22 14:36 - 00000000 ____D () C:\Program Files\Sansa Semical Check - Harbour
2018-03-05 08:58 - 2014-09-24 17:23 - 01748728 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-05 08:58 - 2014-09-24 16:39 - 00740822 _____ () C:\WINDOWS\system32\perfh005.dat
2018-03-05 08:58 - 2014-09-24 16:39 - 00151948 _____ () C:\WINDOWS\system32\perfc005.dat
2018-03-05 08:22 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2018-03-05 07:55 - 2014-11-11 21:38 - 00003962 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4CB00716-2D40-47DD-8C53-ACC2AC62373C}
2018-03-02 20:25 - 2015-06-20 15:20 - 00000880 _____ () C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2388325176-3897423459-1596443417-1002Core.job
2018-03-01 20:21 - 2014-08-30 18:52 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Dropbox
2018-02-27 22:46 - 2014-08-30 18:54 - 00000000 ___RD () C:\Users\Pavel\Dropbox
2018-02-27 21:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\tracing
2018-02-27 21:18 - 2018-01-31 19:51 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\1337
2018-02-27 21:18 - 2018-01-27 18:18 - 00000000 __SHD () C:\Users\Pavel\AppData\Roaming\Folder
2018-02-27 21:18 - 2018-01-27 18:17 - 00000000 __SHD () C:\Users\Pavel\AppData\Roaming\Screenshoter
2018-02-27 20:03 - 2018-01-27 18:18 - 00000000 ____D () C:\ProgramData\dahhService
2018-02-27 19:51 - 2018-01-27 18:18 - 00000000 ____D () C:\WINDOWS\System32\Tasks\System
2018-02-27 19:50 - 2018-01-27 18:19 - 00000004 _____ () C:\ProgramData\lock.dat
2018-02-27 19:14 - 2014-11-22 19:37 - 00002331 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-27 19:09 - 2018-01-27 18:19 - 00000052 _____ () C:\ProgramData\rwi.hhad
2018-02-27 19:08 - 2013-08-22 15:44 - 00337800 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-27 18:30 - 2018-01-27 18:17 - 00000000 ____D () C:\Program Files (x86)\WinSpyAdd
2018-02-27 18:18 - 2014-11-22 19:37 - 00003384 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-02-27 18:18 - 2014-11-22 19:37 - 00003256 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-02-25 20:39 - 2018-01-27 18:36 - 00000000 __SHD () C:\Users\Pavel\AppData\Roaming\WindowsDefender
2018-02-21 21:20 - 2013-08-22 16:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2018-02-21 19:14 - 2014-03-14 09:12 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2018-02-21 19:12 - 2014-08-31 07:20 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Adobe
2018-02-18 15:55 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2018-02-14 00:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2018-02-13 23:15 - 2015-06-04 19:50 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2018-02-13 23:15 - 2014-09-03 20:01 - 00000000 ____D () C:\WINDOWS\system32\MRT
2018-02-13 23:15 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2018-02-13 23:15 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2018-02-13 23:13 - 2017-10-10 20:51 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-13 23:13 - 2014-09-08 19:28 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-02-10 19:06 - 2017-10-21 20:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2018-02-10 19:06 - 2017-10-21 20:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-10 14:59 - 2017-10-21 20:51 - 00000959 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-02-07 19:15 - 2018-01-27 18:18 - 00000000 ____D () C:\ProgramData\42d098fa-6bb7-0
2018-02-07 19:14 - 2018-01-27 18:18 - 00000000 ____D () C:\ProgramData\42d098fa-0be7-1
2018-02-07 19:09 - 2014-11-11 20:32 - 00000000 ____D () C:\Program Files\Synaptics
2018-02-07 19:09 - 2014-09-24 20:02 - 00000000 ____D () C:\Program Files\Embedded Lockdown Manager
2018-02-07 19:09 - 2014-09-06 22:30 - 00000000 ____D () C:\Program Files\CCleaner
2018-02-07 19:01 - 2018-01-27 18:18 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\ThreatDataBase
2018-02-05 21:38 - 2018-01-10 00:54 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-05 21:38 - 2018-01-10 00:54 - 00177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-03-14 08:48 - 2014-03-14 08:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2018-01-27 18:19 - 2018-02-27 19:50 - 0000004 _____ () C:\ProgramData\lock.dat
2018-01-27 18:19 - 2018-02-27 19:09 - 0000052 _____ () C:\ProgramData\rwi.hhad

Files to move or delete:
====================
C:\ProgramData\lock.dat


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2018-03-04 14:02

==================== End Of Log ============================

JaRon
Moderator
Posts: 15671
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Infected Lenovo

#8 Post by JaRon »

1. Quote:
Creating a fixlist for FRST
•Open Notepad (Start - Run - notepad)
•Copy the script >>

Code:

Start
S1 gpqjtyov; \??\C:\WINDOWS\system32\drivers\gpqjtyov.sys [X]
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]


EmptyTemp:
Reboot:
End
•Save the resulting TXT file as fixlist.txt
•Move the fixlist you created next to FRST

:arrow: Run FRST.exe again
•Click Fix
•The fix will run and create the log Fixlog.txt

:arrow: Restart the PC and post fixlog.txt here for me

2. clean the PC with ADWCleaner
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

TomDIVER
Visitor
Posts: 53
Joined: 17 Jun 2007 10:30

Re: Infected Lenovo

#9 Post by TomDIVER »

I managed step 1, but step 2 didn't work. I downloaded ADWCleaner, but when I tried to open the program, Windows wouldn't let me run the exe file.

I'm attaching the fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018
Ran by Pavel (05-03-2018 12:00:08) Run:1
Running from F:\VIRY.CZ
Loaded Profiles: UpdatusUser & Pavel (Available Profiles: UpdatusUser & Pavel)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
S1 gpqjtyov; \??\C:\WINDOWS\system32\drivers\gpqjtyov.sys [X]
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]


EmptyTemp:
Reboot:
End
*****************

"HKLM\System\CurrentControlSet\Services\gpqjtyov" => removed successfully
gpqjtyov => service removed successfully
"HKLM\System\CurrentControlSet\Services\MBAMSwissArmy" => removed successfully
MBAMSwissArmy => service removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11739201 B
Java, Flash, Steam htmlcache => 1080 B
Windows/system/drivers => 31830 B
Edge => 0 B
Chrome => 20225029 B
Firefox => 29095691 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 326375 B
systemprofile32 => 218 B
LocalService => 0 B
NetworkService => 0 B
UpdatusUser => 0 B
Pavel => 11331972 B

RecycleBin => 0 B
EmptyTemp: => 77.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:00:14 ====

JaRon
Moderator
Posts: 15671
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Infected Lenovo

#10 Post by JaRon »

TomDIVER
Visitor
Posts: 53
Joined: 17 Jun 2007 10:30

Re: Infected Lenovo

#11 Post by TomDIVER »

This route didn't work either. As soon as I downloaded Zoek.exe, Windows Defender flagged it as malware and removed it :-/

JaRon
Moderator
Posts: 15671
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Infected Lenovo

#12 Post by JaRon »

why don't you read what I write :???:
I wrote number 2 - JRT (not zoek)

TomDIVER
Visitor
Posts: 53
Joined: 17 Jun 2007 10:30

Re: Infected Lenovo

#13 Post by TomDIVER »

I apologize. I clicked the link and followed the steps from the beginning. Unfortunately, JRT.exe can't be run either. User Account Control - This program has been blocked for your protection. Untrusted publisher. The window is informational only and can only be closed. Otherwise NOTHING. :shock:

JaRon
Moderator
Posts: 15671
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Infected Lenovo

#14 Post by JaRon »

if Defender or the AV is blocking it, turn them off - if it still won't work, it's not a matter of life and death - it's more or less clean

TomDIVER
Visitor
Posts: 53
Joined: 17 Jun 2007 10:30

Re: Infected Lenovo

#15 Post by TomDIVER »

Well, now I'm stuck. I have no idea how to turn off this Windows Defender, or whatever it is. When I open the program window and choose Turn off real-time protection in the settings, it makes no difference. When I try to run it, the User Account Control window pops up :(

Locked