
Hello, please check my RSIT log

Posted: 02 Mar 2019 18:07
by Uživatel
Hello,

while I was listening to Radio Jazz the screen went black and the BIOS appeared; I got the system to start on the third attempt. Please do a preventive check of the log. Avast is not reporting anything.

Thank you in advance for your time, willingness and work.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Voldemort at 2019-03-02 18:00:52
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 233 GB (76%) free of 305 GB
Total RAM: 3959 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:00:53, on 2.3.2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19267)
Boot mode: Normal

Running processes:
C:\Program Files\trend micro\Voldemort.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O4 - Global Startup: Avast Cleanup Premium.lnk = C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files (x86)\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\Program Files (x86)\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Avast Cleanup Premium (CleanupPSvc) - AVAST Software - C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Sierra Wireless QDL Service (GobiQDLService) - Sierra Wireless, Inc. - C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9584 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
AvastUI.exe /nogui
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe"
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-cb6ae401-af85-4646-bcc2-33bffbfb6b27 -SystemEventPortName:HostProcess-496eca25-37b1-4e23-b893-e8de0370d744 -IoCancelEventPortName:HostProcess-ac06e8b6-8f5e-457c-83b4-425adf67deb8 -NonStateChangingEventPortName:HostProcess-10902265-ab26-48c7-a8a1-0b1210c24c15 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9bd43c4f-3dcd-4294-8eda-80df001bea5e -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e8b39a84-f969-4b23-a392-4359a8a368c9 -SystemEventPortName:HostProcess-d752efde-2ddc-4a55-abce-4cbea70f8249 -IoCancelEventPortName:HostProcess-99136fc7-88fa-4758-9c08-43576bc6c52e -NonStateChangingEventPortName:HostProcess-3621baed-f74c-4519-9204-a34554012f44 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:95c07d4f-86c3-46e2-bac1-0a595a5930bf -DeviceGroupId:
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=72.0.3626.119 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7fee5805510,0x7fee5805520,0x7fee5805530
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4384 --on-initialized-event-handle=380 --parent-handle=384 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=18399506150450848244 --mojo-platform-channel-handle=1140 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=15602012350778400859 --mojo-platform-channel-handle=1428 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --service-pipe-token=2526183988688562978 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2526183988688562978 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2620 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --service-pipe-token=14464541977816069380 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14464541977816069380 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2664 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --service-pipe-token=572434901504115917 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=572434901504115917 --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3844 /prefetch:1
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --service-pipe-token=1262073422772086518 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1262073422772086518 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4032 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --service-pipe-token=1458671222874276583 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1458671222874276583 --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2224 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --service-pipe-token=343748517785715030 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=343748517785715030 --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4812 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --service-pipe-token=2521579653841924972 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2521579653841924972 --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=616 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi-broker --field-trial-handle=1008,3776690205770170568,14831201356317720252,131072 --lang=cs --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --service-request-channel-token=15049920734457801260 --mojo-platform-channel-handle=2608 /prefetch:4
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Voldemort\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-02-20 211848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2019-02-20 952936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2019-02-20 669224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2016-01-26 382976]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2016-01-26 762880]
"Persistence"=C:\Windows\system32\igfxpers.exe [2016-01-26 761344]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-04-07 2816240]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-11-12 1664000]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-02-19 259976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe [2015-11-16 430304]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-02-19 259976]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Avast Cleanup Premium.lnk - C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe

C:\Users\Voldemort\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Poslat do aplikace OneNote.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-08-20 622080]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-03-02 17:51:08 ----D---- C:\Program Files\trend micro
2019-03-02 17:51:07 ----D---- C:\rsit
2019-03-02 13:41:37 ----A---- C:\Windows\system32\FNTCACHE.DAT
2019-02-20 11:12:16 ----D---- C:\ProgramData\Oracle
2019-02-19 10:27:04 ----A---- C:\Windows\system32\drivers\aswNetSec.sys
2019-02-19 10:26:26 ----A---- C:\Windows\system32\aswBoot.exe
2019-02-13 08:57:36 ----A---- C:\Windows\system32\mshtml.dll
2019-02-13 08:57:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2019-02-13 08:57:33 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2019-02-13 08:57:33 ----A---- C:\Windows\system32\ieframe.dll
2019-02-13 08:57:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2019-02-13 08:57:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2019-02-13 08:57:32 ----A---- C:\Windows\system32\wininet.dll
2019-02-13 08:57:32 ----A---- C:\Windows\system32\jscript9.dll
2019-02-13 08:57:31 ----A---- C:\Windows\system32\win32k.sys
2019-02-13 08:57:30 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2019-02-13 08:57:30 ----A---- C:\Windows\SYSWOW64\msi.dll
2019-02-13 08:57:30 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2019-02-13 08:57:30 ----A---- C:\Windows\system32\urlmon.dll
2019-02-13 08:57:30 ----A---- C:\Windows\system32\msi.dll
2019-02-13 08:57:29 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2019-02-13 08:57:29 ----A---- C:\Windows\system32\ucrtbase.dll
2019-02-13 08:57:29 ----A---- C:\Windows\system32\termsrv.dll
2019-02-13 08:57:29 ----A---- C:\Windows\system32\kernel32.dll
2019-02-13 08:57:29 ----A---- C:\Windows\system32\iertutil.dll
2019-02-13 08:57:28 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2019-02-13 08:57:28 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2019-02-13 08:57:28 ----A---- C:\Windows\SYSWOW64\msrd2x40.dll
2019-02-13 08:57:28 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2019-02-13 08:57:28 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2019-02-13 08:57:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2019-02-13 08:57:28 ----A---- C:\Windows\system32\KernelBase.dll
2019-02-13 08:57:28 ----A---- C:\Windows\system32\itss.dll
2019-02-13 08:57:27 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2019-02-13 08:57:27 ----A---- C:\Windows\SYSWOW64\mf3216.dll
2019-02-13 08:57:27 ----A---- C:\Windows\SYSWOW64\itss.dll
2019-02-13 08:57:27 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2019-02-13 08:57:27 ----A---- C:\Windows\system32\mf3216.dll
2019-02-13 08:57:27 ----A---- C:\Windows\system32\iedkcs32.dll
2019-02-13 08:57:27 ----A---- C:\Windows\system32\drivers\srv2.sys
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\drivers\hidparse.sys
2019-02-13 08:57:26 ----A---- C:\Windows\system32\consent.exe
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-02-13 08:57:26 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-02-13 08:57:25 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2019-02-13 08:57:25 ----A---- C:\Windows\system32\ntdll.dll
2019-02-13 08:57:25 ----A---- C:\Windows\system32\hal.dll
2019-02-13 08:57:24 ----A---- C:\Windows\SYSWOW64\sscore.dll
2019-02-13 08:57:24 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2019-02-13 08:57:24 ----A---- C:\Windows\SYSWOW64\certcli.dll
2019-02-13 08:57:24 ----A---- C:\Windows\system32\sscore.dll
2019-02-13 08:57:24 ----A---- C:\Windows\system32\srvsvc.dll
2019-02-13 08:57:24 ----A---- C:\Windows\system32\oleaut32.dll
2019-02-13 08:57:24 ----A---- C:\Windows\system32\jscript.dll
2019-02-13 08:57:24 ----A---- C:\Windows\system32\drivers\srvnet.sys
2019-02-13 08:57:24 ----A---- C:\Windows\system32\drivers\srv.sys
2019-02-13 08:57:24 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2019-02-13 08:57:24 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2019-02-13 08:57:24 ----A---- C:\Windows\system32\certcli.dll
2019-02-13 08:57:23 ----A---- C:\Windows\SYSWOW64\msimg32.dll
2019-02-13 08:57:23 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2019-02-13 08:57:23 ----A---- C:\Windows\system32\vbscript.dll
2019-02-13 08:57:23 ----A---- C:\Windows\system32\ole32.dll
2019-02-13 08:57:23 ----A---- C:\Windows\system32\msimg32.dll
2019-02-13 08:57:23 ----A---- C:\Windows\system32\mshtmlmedia.dll
2019-02-13 08:57:23 ----A---- C:\Windows\system32\msfeeds.dll
2019-02-13 08:57:23 ----A---- C:\Windows\system32\lsasrv.dll
2019-02-13 08:57:23 ----A---- C:\Windows\system32\itircl.dll
2019-02-13 08:57:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2019-02-13 08:57:22 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2019-02-13 08:57:22 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2019-02-13 08:57:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2019-02-13 08:57:22 ----A---- C:\Windows\SYSWOW64\jscript.dll
2019-02-13 08:57:22 ----A---- C:\Windows\system32\rpcrt4.dll
2019-02-13 08:57:22 ----A---- C:\Windows\system32\ieui.dll
2019-02-13 08:57:22 ----A---- C:\Windows\system32\ieapfltr.dll
2019-02-13 08:57:22 ----A---- C:\Windows\system32\drivers\videoprt.sys
2019-02-13 08:57:22 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2019-02-13 08:57:22 ----A---- C:\Windows\system32\authui.dll
2019-02-13 08:57:21 ----A---- C:\Windows\SYSWOW64\ole32.dll
2019-02-13 08:57:21 ----A---- C:\Windows\system32\smss.exe
2019-02-13 08:57:21 ----A---- C:\Windows\system32\kerberos.dll
2019-02-13 08:57:20 ----A---- C:\Windows\system32\webcheck.dll
2019-02-13 08:57:20 ----A---- C:\Windows\system32\mshtmled.dll
2019-02-13 08:57:20 ----A---- C:\Windows\system32\dxtrans.dll
2019-02-13 08:57:19 ----A---- C:\Windows\system32\dxtmsft.dll
2019-02-13 08:57:18 ----A---- C:\Windows\SYSWOW64\ieui.dll
2019-02-13 08:57:18 ----A---- C:\Windows\system32\rpcss.dll
2019-02-13 08:57:18 ----A---- C:\Windows\system32\msrating.dll
2019-02-13 08:57:18 ----A---- C:\Windows\system32\msiexec.exe
2019-02-13 08:57:18 ----A---- C:\Windows\system32\jscript9diag.dll
2019-02-13 08:57:18 ----A---- C:\Windows\system32\advapi32.dll
2019-02-13 08:57:17 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2019-02-13 08:57:17 ----A---- C:\Windows\system32\schannel.dll
2019-02-13 08:57:17 ----A---- C:\Windows\system32\occache.dll
2019-02-13 08:57:17 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2019-02-13 08:57:17 ----A---- C:\Windows\system32\jsproxy.dll
2019-02-13 08:57:16 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2019-02-13 08:57:16 ----A---- C:\Windows\system32\drivers\hidclass.sys
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\schannel.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\occache.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\inseng.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\authui.dll
2019-02-13 08:57:15 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\wow64win.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\wow64.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\winsrv.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\wdigest.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\TSpkg.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\sspicli.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\srcore.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\rpchttp.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\ncrypt.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\msv1_0.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\msihnd.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\MshtmlDac.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\inseng.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\ieUnatt.exe
2019-02-13 08:57:15 ----A---- C:\Windows\system32\iesetup.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\ieetwproxystub.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\ie4uinit.exe
2019-02-13 08:57:15 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2019-02-13 08:57:15 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2019-02-13 08:57:15 ----A---- C:\Windows\system32\conhost.exe
2019-02-13 08:57:15 ----A---- C:\Windows\system32\bcrypt.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\appinfo.dll
2019-02-13 08:57:15 ----A---- C:\Windows\system32\appidapi.dll
2019-02-13 08:57:14 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2019-02-13 08:57:14 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2019-02-13 08:57:14 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2019-02-13 08:57:14 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2019-02-13 08:57:14 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2019-02-13 08:57:14 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2019-02-13 08:57:14 ----A---- C:\Windows\system32\sspisrv.dll
2019-02-13 08:57:14 ----A---- C:\Windows\system32\lsass.exe
2019-02-13 08:57:14 ----A---- C:\Windows\system32\iernonce.dll
2019-02-13 08:57:14 ----A---- C:\Windows\system32\ieetwcollector.exe
2019-02-13 08:57:14 ----A---- C:\Windows\system32\drivers\processr.sys
2019-02-13 08:57:14 ----A---- C:\Windows\system32\drivers\intelppm.sys
2019-02-13 08:57:14 ----A---- C:\Windows\system32\drivers\appid.sys
2019-02-13 08:57:14 ----A---- C:\Windows\system32\drivers\amdppm.sys
2019-02-13 08:57:14 ----A---- C:\Windows\system32\drivers\amdk8.sys
2019-02-13 08:57:14 ----A---- C:\Windows\system32\csrsrv.dll
2019-02-13 08:57:14 ----A---- C:\Windows\system32\cryptbase.dll
2019-02-13 08:57:13 ----A---- C:\Windows\SYSWOW64\itircl.dll
2019-02-13 08:57:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2019-02-13 08:57:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2019-02-13 08:57:13 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2019-02-13 08:57:13 ----A---- C:\Windows\system32\wow64cpu.dll
2019-02-13 08:57:13 ----A---- C:\Windows\system32\srclient.dll
2019-02-13 08:57:13 ----A---- C:\Windows\system32\setbcdlocale.dll
2019-02-13 08:57:13 ----A---- C:\Windows\system32\secur32.dll
2019-02-13 08:57:12 ----A---- C:\Windows\SYSWOW64\srclient.dll
2019-02-13 08:57:12 ----A---- C:\Windows\system32\rstrui.exe
2019-02-13 08:57:11 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2019-02-13 08:57:11 ----A---- C:\Windows\system32\drivers\hidusb.sys
2019-02-13 08:57:10 ----A---- C:\Windows\SYSWOW64\secur32.dll
2019-02-13 08:57:10 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2019-02-13 08:57:10 ----A---- C:\Windows\SYSWOW64\credssp.dll
2019-02-13 08:57:10 ----A---- C:\Windows\system32\ntvdm64.dll
2019-02-13 08:57:10 ----A---- C:\Windows\system32\credssp.dll
2019-02-13 08:57:10 ----A---- C:\Windows\system32\comcat.dll
2019-02-13 08:57:10 ----A---- C:\Windows\system32\auditpol.exe
2019-02-13 08:57:10 ----A---- C:\Windows\system32\appidsvc.dll
2019-02-13 08:57:10 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2019-02-13 08:57:09 ----A---- C:\Windows\SYSWOW64\wow32.dll
2019-02-13 08:57:09 ----A---- C:\Windows\SYSWOW64\comcat.dll
2019-02-13 08:57:09 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2019-02-13 08:57:09 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-02-13 08:57:08 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-02-13 08:57:08 ----A---- C:\Windows\SYSWOW64\user.exe
2019-02-13 08:57:08 ----A---- C:\Windows\SYSWOW64\setup16.exe
2019-02-13 08:57:08 ----A---- C:\Windows\SYSWOW64\instnm.exe
2019-02-13 08:57:08 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2019-02-13 08:57:08 ----A---- C:\Windows\system32\apisetschema.dll
2019-02-13 08:57:07 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2019-02-13 08:57:07 ----A---- C:\Windows\system32\adtschema.dll
2019-02-13 08:57:05 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2019-02-13 08:57:05 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2019-02-13 08:57:05 ----A---- C:\Windows\system32\msobjs.dll
2019-02-13 08:57:05 ----A---- C:\Windows\system32\msaudite.dll
2019-02-13 08:57:04 ----A---- C:\Windows\SYSWOW64\oleres.dll
2019-02-13 08:57:04 ----A---- C:\Windows\system32\oleres.dll
2019-02-13 08:57:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2019-02-13 08:56:59 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2019-02-13 08:56:59 ----A---- C:\Windows\system32\msimsg.dll
2019-02-04 20:11:31 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2019-02-04 20:11:31 ----A---- C:\Windows\system32\xactengine2_9.dll
2019-02-04 20:11:28 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2019-02-04 20:11:28 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2019-02-04 20:11:28 ----A---- C:\Windows\system32\d3dx10_35.dll
2019-02-04 20:11:28 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2019-02-04 20:11:16 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2019-02-04 20:11:16 ----A---- C:\Windows\system32\d3dx9_35.dll
2019-02-04 20:11:14 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2019-02-04 20:11:14 ----A---- C:\Windows\system32\xactengine2_8.dll
2019-02-04 20:11:09 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2019-02-04 20:11:09 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2019-02-04 20:11:09 ----A---- C:\Windows\system32\d3dx10_34.dll
2019-02-04 20:11:09 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2019-02-04 20:10:57 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2019-02-04 20:10:57 ----A---- C:\Windows\system32\d3dx9_34.dll
2019-02-04 20:10:56 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2019-02-04 20:10:56 ----A---- C:\Windows\system32\xinput1_3.dll
2019-02-04 20:10:55 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2019-02-04 20:10:55 ----A---- C:\Windows\system32\xactengine2_7.dll
2019-02-04 20:10:53 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2019-02-04 20:10:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2019-02-04 20:10:53 ----A---- C:\Windows\system32\d3dx10_33.dll
2019-02-04 20:10:53 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2019-02-04 20:10:46 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2019-02-04 20:10:46 ----A---- C:\Windows\system32\d3dx9_33.dll
2019-02-04 20:10:43 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2019-02-04 20:10:43 ----A---- C:\Windows\system32\xactengine2_6.dll
2019-02-04 20:10:42 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2019-02-04 20:10:42 ----A---- C:\Windows\system32\xactengine2_5.dll
2019-02-04 20:10:40 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2019-02-04 20:10:40 ----A---- C:\Windows\system32\d3dx10.dll
2019-02-04 20:10:30 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2019-02-04 20:10:30 ----A---- C:\Windows\system32\d3dx9_32.dll
2019-02-04 20:10:28 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2019-02-04 20:10:28 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2019-02-04 20:10:28 ----A---- C:\Windows\system32\xactengine2_4.dll
2019-02-04 20:10:28 ----A---- C:\Windows\system32\x3daudio1_1.dll
2019-02-04 20:10:21 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2019-02-04 20:10:21 ----A---- C:\Windows\system32\d3dx9_31.dll
2019-02-04 20:10:17 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2019-02-04 20:10:17 ----A---- C:\Windows\system32\xactengine2_3.dll
2019-02-04 20:10:16 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2019-02-04 20:10:16 ----A---- C:\Windows\system32\xinput1_2.dll
2019-02-04 20:10:15 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2019-02-04 20:10:15 ----A---- C:\Windows\system32\xactengine2_2.dll
2019-02-04 20:10:13 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2019-02-04 20:10:13 ----A---- C:\Windows\system32\xinput1_1.dll
2019-02-04 20:10:09 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2019-02-04 20:10:09 ----A---- C:\Windows\system32\xactengine2_1.dll
2019-02-04 20:09:42 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2019-02-04 20:09:42 ----A---- C:\Windows\system32\d3dx9_30.dll
2019-02-04 20:09:29 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2019-02-04 20:09:29 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2019-02-04 20:09:29 ----A---- C:\Windows\system32\xactengine2_0.dll
2019-02-04 20:09:29 ----A---- C:\Windows\system32\x3daudio1_0.dll
2019-02-04 20:09:21 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2019-02-04 20:09:21 ----A---- C:\Windows\system32\d3dx9_29.dll
2019-02-04 20:09:08 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2019-02-04 20:09:08 ----A---- C:\Windows\system32\d3dx9_28.dll
2019-02-04 20:09:00 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2019-02-04 20:09:00 ----A---- C:\Windows\system32\d3dx9_27.dll
2019-02-04 20:08:35 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2019-02-04 20:08:35 ----A---- C:\Windows\system32\d3dx9_26.dll
2019-02-04 20:08:17 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2019-02-04 20:08:17 ----A---- C:\Windows\system32\d3dx9_25.dll
2019-02-04 20:08:05 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2019-02-04 20:08:05 ----A---- C:\Windows\system32\d3dx9_24.dll
2019-02-03 11:23:21 ----D---- C:\Program Files (x86)\Cinemax

======List of files/folders modified in the last 1 month======

2019-03-02 17:57:06 ----D---- C:\Windows\Temp
2019-03-02 17:51:14 ----D---- C:\Windows\Prefetch
2019-03-02 17:51:08 ----RD---- C:\Program Files
2019-03-02 17:47:32 ----D---- C:\Windows\System32
2019-03-02 17:47:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-03-02 17:47:31 ----D---- C:\Windows\inf
2019-03-02 16:05:10 ----D---- C:\Windows\system32\config
2019-03-02 13:42:02 ----D---- C:\Windows
2019-03-02 13:41:53 ----D---- C:\Windows\debug
2019-03-02 11:24:15 ----D---- C:\Hry
2019-03-02 11:23:01 ----D---- C:\Users\Voldemort\AppData\Roaming\uTorrent
2019-03-02 11:20:35 ----D---- C:\Users\Voldemort\AppData\Roaming\DAEMON Tools Lite
2019-03-01 12:40:57 ----SHD---- C:\System Volume Information
2019-03-01 10:24:30 ----D---- C:\Windows\system32\Tasks
2019-02-25 18:08:10 ----SD---- C:\Users\Voldemort\AppData\Roaming\Microsoft
2019-02-23 11:50:03 ----SHD---- C:\Windows\Installer
2019-02-23 11:49:39 ----D---- C:\Windows\SysWOW64
2019-02-20 21:19:57 ----D---- C:\Windows\Microsoft.NET
2019-02-20 21:07:32 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-02-20 21:03:02 ----D---- C:\Program Files (x86)\Microsoft Office
2019-02-20 20:45:29 ----D---- C:\Windows\system32\catroot2
2019-02-20 11:12:16 ----HD---- C:\ProgramData
2019-02-20 11:02:14 ----D---- C:\Windows\winsxs
2019-02-20 11:02:12 ----D---- C:\Windows\system32\drivers
2019-02-14 15:30:09 ----D---- C:\Windows\rescache
2019-02-14 12:47:03 ----RSD---- C:\Windows\assembly
2019-02-14 08:55:45 ----D---- C:\Program Files\Internet Explorer
2019-02-14 08:55:40 ----D---- C:\Program Files (x86)\Internet Explorer
2019-02-14 08:55:38 ----D---- C:\Windows\SYSWOW64\cs-CZ
2019-02-14 08:55:37 ----D---- C:\Windows\SYSWOW64\en-US
2019-02-14 08:55:26 ----D---- C:\Windows\system32\drivers\en-US
2019-02-14 08:55:26 ----D---- C:\Windows\system32\cs-CZ
2019-02-14 08:55:24 ----D---- C:\Windows\system32\en-US
2019-02-14 08:55:00 ----D---- C:\Windows\AppPatch
2019-02-14 08:54:55 ----D---- C:\Windows\system32\Boot
2019-02-14 08:54:34 ----D---- C:\Windows\system32\DriverStore
2019-02-14 00:58:35 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2019-02-13 09:01:00 ----D---- C:\Windows\system32\MRT
2019-02-13 08:53:52 ----AC---- C:\Windows\system32\MRT.exe
2019-02-04 21:23:32 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2019-02-03 18:57:55 ----D---- C:\GOG Games
2019-02-03 11:23:21 ----RD---- C:\Program Files (x86)

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2019-02-19 196072]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblog.sys [2019-02-19 320696]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2019-02-19 57960]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2019-02-19 87944]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2019-02-19 379952]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2012-09-07 31040]
R0 IaNVMeF;IaNVMeF; C:\Windows\system32\drivers\IaNVMeF.sys [2016-01-26 27120]
R0 IaRNVMeF;IaRNVMeF; C:\Windows\system32\drivers\IaRNVMeF.sys [2016-01-22 36888]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2016-03-17 23536]
R0 nvmeF;nvmeF; C:\Windows\system32\drivers\nvmeF.sys [2015-12-16 30776]
R0 ocztrimfilter;SSD Device Filter; C:\Windows\system32\drivers\ocztrimfilter.sys [2016-04-06 29056]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2019-02-19 205400]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2019-02-19 225680]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2019-02-19 42288]
R1 aswNetSec;aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [2019-02-19 519872]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2019-02-19 112312]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2019-02-19 1034432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2019-02-19 474456]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2018-06-29 516096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2018-11-09 283200]
R1 HWiNFO;HWiNFO Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2018-11-24 55960]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-08-17 60416]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2019-02-19 167304]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2019-02-19 216784]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2012-09-07 43328]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 aswNetNd6;Avast Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\aswNetNd6.sys [2018-09-30 38152]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-06-15 134696]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2016-08-17 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2016-08-17 80384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-06-15 360624]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-08-20 4165120]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-10-14 454416]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2016-03-17 396784]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2016-03-17 806896]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2013-04-26 176880]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-06-15 11471872]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-11-12 543744]
R3 swg3kmbb02;Sierra Wireless QMI USB-NDIS 6.20 miniport for HP; C:\Windows\system32\DRIVERS\swg3kmbb02.sys [2012-04-13 458240]
R3 swg3knmea02;Sierra Wireless QMI NMEA Communication - HP; C:\Windows\system32\DRIVERS\swg3knmea02.sys [2012-04-13 259584]
R3 swg3kser02;Sierra Wireless QMI USB Device for Legacy Serial Communication - HP; C:\Windows\system32\DRIVERS\swg3kser02.sys [2012-04-13 259584]
R3 swibus02;Sierra Wireless Bus Enumerator 02; C:\Windows\system32\DRIVERS\swibus02.sys [2012-04-13 79360]
R3 swibusflt02;Sierra Wireless Bus Enumerator Filter 02; C:\Windows\system32\DRIVERS\swibusflt02.sys [2012-04-13 79360]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-04-07 555760]
R3 Tpm;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2016-08-17 147688]
S3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\drivers\amdhub30.sys [2016-01-14 108768]
S3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\amdxhc.sys [2016-01-14 229088]
S3 asmthub3;ASMedia USB3.1 Hub Service; C:\Windows\system32\drivers\asmthub3.sys [2016-04-14 150272]
S3 asmtxhci;ASMedia XHCI Service; C:\Windows\system32\drivers\asmtxhci.sys [2016-04-14 453880]
S3 ausb3hub;Ovladač rozbočovače Intel(R) USB 3.1; C:\Windows\system32\drivers\ausb3hub.sys [2016-04-12 403520]
S3 ausb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.1; C:\Windows\system32\drivers\ausb3xhc.sys [2016-04-12 816712]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2016-08-17 552448]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2018-09-18 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2018-09-18 47672]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2014-02-12 65408]
S3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver; C:\Windows\System32\Drivers\EtronSTOR.sys [2014-02-12 39296]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2014-02-12 94208]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver; C:\Windows\system32\drivers\FLxHCIc.sys [2015-07-30 252536]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver; C:\Windows\system32\drivers\FLxHCIh.sys [2015-07-30 77944]
S3 IaNVMe;IaNVMe; C:\Windows\system32\drivers\IaNVMe.sys [2016-01-26 101872]
S3 IaRNVMe;IaRNVMe; C:\Windows\system32\drivers\IaRNVMe.sys [2016-01-22 592408]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2011-04-04 20480]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2012-08-27 107912]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2012-08-27 226696]
S3 nvme;nvme; C:\Windows\system32\drivers\nvme.sys [2015-12-16 83784]
S3 ocznvme;ocznvme; C:\Windows\system32\drivers\ocznvme.sys [2016-04-06 99584]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2016-08-17 12520]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2016-08-17 166400]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2016-08-17 19456]
S3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0); C:\Windows\system32\drivers\rusb3hub.sys [2012-08-27 114568]
S3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0); C:\Windows\system32\drivers\rusb3xhc.sys [2012-08-27 230280]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SMARTMouseFilterx64;HID-compliant mouse; C:\Windows\system32\DRIVERS\SMARTMouseFilterx64.sys [2018-06-01 18952]
S3 SMARTVHidMiniVistaAmd64;SMART HID Device; C:\Windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [2018-06-01 28168]
S3 stornvme;stornvme; C:\Windows\system32\drivers\stornvme.sys [2016-08-17 50408]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2016-08-17 29696]
S3 tihub3;TI USB3 Hub Service; C:\Windows\system32\drivers\tihub3.sys [2016-05-12 145904]
S3 tilfilter;TI xHCI Lower Filter Driver Service; C:\Windows\system32\drivers\TIxHCIlfilter.sys [2015-02-11 17672]
S3 tiufilter;TI xHCI Upper Filter Driver Service; C:\Windows\system32\drivers\TIxHCIufilter.sys [2015-02-11 23304]
S3 tixhci;TI XHCI Service; C:\Windows\system32\drivers\tixhci.sys [2016-05-12 422392]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2016-08-17 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2016-08-17 29696]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2016-08-17 199400]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 VUSB3HUB;VIA USB 3 Root Hub Service; C:\Windows\system32\drivers\ViaHub3.sys [2014-10-31 227840]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-02-19 357304]
R2 avast! Firewall;Avast Firewall Service; C:\Program Files\AVAST Software\Avast\afwServ.exe [2019-02-19 369264]
R2 CleanupPSvc;Avast Cleanup Premium; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [2019-01-17 9874528]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2016-08-17 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2016-08-17 27136]
R2 GobiQDLService;Sierra Wireless QDL Service; C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe [2011-11-25 312688]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2011-05-11 126520]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2012-09-07 33600]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-02-19 6758976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-07-14 107192]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-07-14 128696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-09-17 153168]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2016-08-17 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2016-01-26 270848]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\elevation_service.exe [2019-02-20 1271280]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-09-17 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-01-26 116224]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2019-01-28 223216]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2015-07-04 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2016-08-17 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2016-08-17 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2016-08-17 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-08-17 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-16 83984]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-07-14 52920]
S4 ClickToRunSvc;Microsoft Office Click-to-Run Service; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2019-02-11 11135560]
S4 HP Hotkey Service;HP Hotkey Service; C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe [2015-11-16 782048]
S4 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-12-16 92216]
S4 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2015-10-19 1102560]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-14 136360]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-14 136360]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-14 136360]
S4 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-11-12 327680]

-----------------EOF-----------------

Re: Hello, please check my RSIT log

Posted: 02 Mar 2019 21:30
by Conder
Hi :)

Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Scan now (Skenovat nyni) and wait for it to finish
  • Leave all findings checked
  • Click Clean and Repair (Cisteni a opravy) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here

Re: Hello, please check my RSIT log

Posted: 04 Mar 2019 10:14
by Uživatel
# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-28.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-04-2019
# Duration: 00:00:04
# OS: Windows 7 Professional
# Cleaned: 5
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1727 octets] - [04/03/2019 10:05:35]
AdwCleaner[S01].txt - [1788 octets] - [04/03/2019 10:06:19]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Re: Hello, please check my RSIT log

Posted: 04 Mar 2019 20:13
by Conder
:arrow: Please post both new FRST logs, following this guide: https://forum.viry.cz/viewtopic.php?f=13&t=154679

Re: Hello, please check my RSIT log

Posted: 05 Mar 2019 16:30
by Uživatel
Good afternoon,

here is the FRST log

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.03.2019 01
Ran by Voldemort (administrator) on Voldemort-PC (05-03-2019 16:21:09)
Running from C:\Users\Voldemort\Desktop
Loaded Profiles: Voldemort (Available Profiles: Voldemort)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Intel Corporation) [File not signed] C:\Windows\System32\igfxtray.exe
(Intel Corporation) [File not signed] C:\Windows\System32\hkcmd.exe
(Intel Corporation) [File not signed] C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) [File not signed] C:\Windows\System32\igfxpers.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(Sierra Wireless Inc. -> Sierra Wireless, Inc.) C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [382976 2016-01-26] (Intel Corporation) [File not signed]
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [762880 2016-01-26] (Intel Corporation) [File not signed]
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [761344 2016-01-26] (Intel Corporation) [File not signed]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2816240 2014-04-07] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-11-12] (IDT, Inc.) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe [430304 2015-11-16] (Hewlett-Packard -> HP)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (Disc Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\...\MountPoints2: {470bdfdd-fba3-11e8-9a81-f4b7e2dda5c1} - F:\SISetup.exe
HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\Installer\chrmstp.exe [2019-02-26] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.92\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-09-30]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\Users\Voldemort\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2019-02-03]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{888E9D26-05B4-4113-908C-93C93975564C}: [DhcpNameServer] 192.168.135.1 8.8.8.8
Tcpip\..\Interfaces\{A9FA56BB-5AA0-4CD3-83BF-C0FDDF35F29C}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1912340780-4118999615-3692102144-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-02-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-17] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-17] (Google Inc -> Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Adaware Secure
CHR Profile: C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default [2019-03-05]
CHR Extension: (Prezentace) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-17]
CHR Extension: (Dokumenty) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-17]
CHR Extension: (Disk Google) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-17]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-04]
CHR Extension: (Tabulky) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-17]
CHR Extension: (AdBlock) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-02-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-17]
CHR Extension: (Gmail) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-17]
CHR Extension: (Chrome Media Router) - C:\Users\Voldemort\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-16]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [369264 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [9874528 2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11135560 2019-02-11] (Microsoft Corporation -> Microsoft Corporation)
S3 cphs; C:\Windows\SysWow64\IntelCpHeciSvc.exe [270848 2016-01-26] (Intel Corporation) [File not signed]
R2 GobiQDLService; C:\Program Files (x86)\Sierra Wireless Inc\Gobi\QDLService\GobiQDLService.exe [312688 2011-11-25] (Sierra Wireless Inc. -> Sierra Wireless, Inc.)
S4 HP Hotkey Service; C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe [782048 2015-11-16] (Hewlett-Packard -> HP)
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [126520 2011-05-11] (Hewlett-Packard Company -> HP)
S4 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-11-12] (IDT, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-08-17] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\Windows\System32\DRIVERS\Accelerometer.sys [43328 2012-09-07] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 AgereSoftModem; C:\Windows\System32\DRIVERS\agrsm64.sys [1146880 2009-06-10] (Microsoft Windows -> LSI Corp)
S3 amdhub30; C:\Windows\system32\drivers\amdhub30.sys [108768 2016-01-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdxhc; C:\Windows\system32\drivers\amdxhc.sys [229088 2016-01-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205400 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [225680 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196072 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320696 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [57960 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [167304 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2018-09-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [519872 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034432 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474456 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216784 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [379952 2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
S3 ausb3hub; C:\Windows\system32\drivers\ausb3hub.sys [403520 2016-04-12] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
S3 ausb3xhc; C:\Windows\system32\drivers\ausb3xhc.sys [816712 2016-04-12] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-06-15] (Broadcom Corporation -> Broadcom Corporation.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2018-09-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2018-09-18] (Disc Soft Ltd -> Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2018-11-09] (DT Soft Ltd -> DT Soft Ltd)
S3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65408 2014-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [39296 2014-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [94208 2014-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [77944 2015-07-30] (Fresco Logic Inc -> Fresco Logic)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [31040 2012-09-07] (Hewlett-Packard Company -> Hewlett-Packard Company)
R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [55960 2018-11-24] (Martin Malik - REALiX -> REALiX(tm))
S3 IaNVMe; C:\Windows\system32\drivers\IaNVMe.sys [101872 2016-01-26] (Intel(R) NVMe Windows Driver -> Intel Corporation)
R0 IaNVMeF; C:\Windows\System32\drivers\IaNVMeF.sys [27120 2016-01-26] (Intel(R) NVMe Windows Driver -> Intel Corporation)
S3 IaRNVMe; C:\Windows\system32\drivers\IaRNVMe.sys [592408 2016-01-22] (Intel(R) Rapid Storage Technology Enterprise -> Intel Corporation)
R0 IaRNVMeF; C:\Windows\System32\drivers\IaRNVMeF.sys [36888 2016-01-22] (Intel(R) Rapid Storage Technology Enterprise -> Intel Corporation)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [4165120 2013-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2011-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw00.sys [11471872 2012-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 nvme; C:\Windows\system32\drivers\nvme.sys [83784 2015-12-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
R0 nvmeF; C:\Windows\System32\drivers\nvmeF.sys [30776 2015-12-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
S3 ocznvme; C:\Windows\system32\drivers\ocznvme.sys [99584 2016-04-06] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
R0 ocztrimfilter; C:\Windows\System32\drivers\ocztrimfilter.sys [29056 2016-04-06] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
S3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [18952 2018-06-01] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [28168 2018-06-01] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [543744 2012-11-12] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R3 swg3kmbb02; C:\Windows\System32\DRIVERS\swg3kmbb02.sys [458240 2012-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Sierra Wireless Incorporated)
R3 swg3knmea02; C:\Windows\System32\DRIVERS\swg3knmea02.sys [259584 2012-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Sierra Wireless Incorporated)
R3 swg3kser02; C:\Windows\System32\DRIVERS\swg3kser02.sys [259584 2012-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Sierra Wireless Incorporated)
R3 swibus02; C:\Windows\System32\DRIVERS\swibus02.sys [79360 2012-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Sierra Wireless Inc.)
R3 swibusflt02; C:\Windows\System32\DRIVERS\swibusflt02.sys [79360 2012-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Sierra Wireless Inc.)
S3 tilfilter; C:\Windows\system32\drivers\TIxHCIlfilter.sys [17672 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S3 tiufilter; C:\Windows\system32\drivers\TIxHCIufilter.sys [23304 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [227840 2014-10-31] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [305664 2014-10-31] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-05 16:12 - 2019-03-05 16:22 - 000020567 _____ C:\Users\Voldemort\Desktop\FRST.txt
2019-03-05 16:12 - 2019-03-05 16:21 - 000000000 ____D C:\FRST
2019-03-05 16:10 - 2019-03-05 16:11 - 002434560 _____ (Farbar) C:\Users\Voldemort\Desktop\FRST64.exe
2019-03-05 16:08 - 2019-03-05 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-03-04 15:52 - 2019-03-01 10:40 - 000000000 ____D C:\Users\Voldemort\Desktop\Mark Manson - Důmyslné umění, jak mít všechno u prdele
2019-03-04 10:05 - 2019-03-04 10:07 - 000000000 ____D C:\AdwCleaner
2019-03-04 10:02 - 2019-03-04 10:02 - 007316688 _____ (Malwarebytes) C:\Users\Voldemort\Desktop\adwcleaner_7.2.7.0.exe
2019-03-02 17:51 - 2019-03-02 18:00 - 000000000 ____D C:\Program Files\trend micro
2019-03-02 17:51 - 2019-03-02 17:51 - 000000000 ____D C:\rsit
2019-03-02 17:46 - 2019-03-02 17:46 - 001222144 _____ C:\Users\Voldemort\Desktop\RSITx64.exe
2019-03-02 13:41 - 2019-03-02 13:42 - 000456280 _____ C:\Windows\system32\FNTCACHE.DAT
2019-02-24 10:34 - 2019-02-24 10:34 - 001547197 _____ C:\Users\Voldemort\Downloads\Darknet-fikce-ci-realita-anonymity-skrytych-sluzeb-Tor-a-systemu-bitcoin.pdf
2019-02-20 11:12 - 2019-02-20 11:12 - 000001104 _____ C:\Users\Voldemort\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chess 2020.lnk
2019-02-20 11:12 - 2019-02-20 11:12 - 000001096 _____ C:\Users\Voldemort\Desktop\Chess 2020.lnk
2019-02-20 11:12 - 2019-02-20 11:12 - 000000000 ____D C:\ProgramData\Oracle
2019-02-20 11:11 - 2019-02-20 11:13 - 000000000 ____D C:\Users\Voldemort\AppData\Local\Chess 2020
2019-02-19 10:27 - 2019-02-19 10:27 - 000519872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2019-02-19 10:26 - 2019-02-19 10:24 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-02-13 23:10 - 2019-03-05 16:08 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-02-13 23:10 - 2019-03-05 16:08 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-02-13 23:10 - 2019-03-05 16:08 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-02-13 23:10 - 2019-03-05 16:08 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-02-13 23:10 - 2019-03-05 16:08 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-02-13 23:10 - 2019-03-05 16:08 - 000002384 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-02-13 23:10 - 2019-03-05 16:08 - 000002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-02-13 08:57 - 2019-01-27 16:23 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-02-13 08:57 - 2019-01-27 15:32 - 000348760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-02-13 08:57 - 2019-01-26 02:02 - 025736192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-02-13 08:57 - 2019-01-26 01:50 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-02-13 08:57 - 2019-01-26 01:50 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-02-13 08:57 - 2019-01-26 01:38 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-02-13 08:57 - 2019-01-26 01:37 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-02-13 08:57 - 2019-01-26 01:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-02-13 08:57 - 2019-01-26 01:36 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-02-13 08:57 - 2019-01-26 01:36 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-02-13 08:57 - 2019-01-26 01:35 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-02-13 08:57 - 2019-01-26 01:32 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-02-13 08:57 - 2019-01-26 01:29 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-02-13 08:57 - 2019-01-26 01:28 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-02-13 08:57 - 2019-01-26 01:27 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-02-13 08:57 - 2019-01-26 01:25 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-02-13 08:57 - 2019-01-26 01:24 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-02-13 08:57 - 2019-01-26 01:24 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-02-13 08:57 - 2019-01-26 01:24 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-02-13 08:57 - 2019-01-26 01:24 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-02-13 08:57 - 2019-01-26 01:18 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-02-13 08:57 - 2019-01-26 01:17 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-02-13 08:57 - 2019-01-26 01:14 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-02-13 08:57 - 2019-01-26 01:07 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-02-13 08:57 - 2019-01-26 01:07 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-02-13 08:57 - 2019-01-26 01:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-02-13 08:57 - 2019-01-26 01:06 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-02-13 08:57 - 2019-01-26 01:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-02-13 08:57 - 2019-01-26 01:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-02-13 08:57 - 2019-01-26 01:05 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-02-13 08:57 - 2019-01-26 01:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-02-13 08:57 - 2019-01-26 01:03 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-02-13 08:57 - 2019-01-26 01:03 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-02-13 08:57 - 2019-01-26 01:03 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-02-13 08:57 - 2019-01-26 01:01 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-02-13 08:57 - 2019-01-26 01:00 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-02-13 08:57 - 2019-01-26 00:59 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-02-13 08:57 - 2019-01-26 00:59 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-02-13 08:57 - 2019-01-26 00:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-02-13 08:57 - 2019-01-26 00:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-02-13 08:57 - 2019-01-26 00:56 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-02-13 08:57 - 2019-01-26 00:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-02-13 08:57 - 2019-01-26 00:50 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-02-13 08:57 - 2019-01-26 00:48 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-02-13 08:57 - 2019-01-26 00:48 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-02-13 08:57 - 2019-01-26 00:48 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-02-13 08:57 - 2019-01-26 00:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-02-13 08:57 - 2019-01-26 00:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-02-13 08:57 - 2019-01-26 00:46 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-02-13 08:57 - 2019-01-26 00:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-02-13 08:57 - 2019-01-26 00:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-02-13 08:57 - 2019-01-26 00:43 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-02-13 08:57 - 2019-01-26 00:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-02-13 08:57 - 2019-01-26 00:40 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-02-13 08:57 - 2019-01-26 00:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-02-13 08:57 - 2019-01-26 00:37 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-02-13 08:57 - 2019-01-26 00:34 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-02-13 08:57 - 2019-01-26 00:34 - 004494336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-02-13 08:57 - 2019-01-26 00:32 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-02-13 08:57 - 2019-01-26 00:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-02-13 08:57 - 2019-01-26 00:30 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-02-13 08:57 - 2019-01-26 00:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-02-13 08:57 - 2019-01-26 00:29 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-02-13 08:57 - 2019-01-26 00:22 - 001556480 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-02-13 08:57 - 2019-01-26 00:12 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-02-13 08:57 - 2019-01-26 00:11 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-02-13 08:57 - 2019-01-26 00:08 - 001331200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-02-13 08:57 - 2019-01-26 00:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-02-13 08:57 - 2019-01-15 08:06 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-02-13 08:57 - 2019-01-15 08:06 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-02-13 08:57 - 2019-01-15 08:03 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-02-13 08:57 - 2019-01-15 08:03 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-02-13 08:57 - 2019-01-15 08:02 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-02-13 08:57 - 2019-01-15 08:02 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-02-13 08:57 - 2019-01-15 08:02 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-02-13 08:57 - 2019-01-15 08:02 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-02-13 08:57 - 2019-01-15 08:02 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-02-13 08:57 - 2019-01-15 07:52 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-02-13 08:57 - 2019-01-15 07:51 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-02-13 08:57 - 2019-01-15 07:51 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-02-13 08:57 - 2019-01-15 07:38 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-02-13 08:57 - 2019-01-15 07:33 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-02-13 08:57 - 2019-01-15 07:32 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-02-13 08:57 - 2019-01-15 07:32 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-02-13 08:57 - 2019-01-15 07:32 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-02-13 08:57 - 2019-01-15 07:31 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-02-13 08:57 - 2019-01-15 07:29 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-02-13 08:57 - 2019-01-12 04:08 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-02-13 08:57 - 2019-01-12 04:08 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-02-13 08:57 - 2019-01-12 03:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-02-13 08:57 - 2019-01-12 03:55 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-02-13 08:57 - 2019-01-12 03:36 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-02-13 08:57 - 2019-01-12 03:36 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-02-13 08:57 - 2019-01-12 03:36 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-02-13 08:57 - 2019-01-09 04:10 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-02-13 08:57 - 2019-01-09 04:09 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-02-13 08:57 - 2019-01-09 04:09 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-02-13 08:57 - 2019-01-09 04:09 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-02-13 08:57 - 2019-01-09 04:08 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-02-13 08:57 - 2019-01-09 04:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 04:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:58 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-02-13 08:57 - 2019-01-09 03:58 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-02-13 08:57 - 2019-01-09 03:57 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:45 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2019-02-13 08:57 - 2019-01-09 03:45 - 000033408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-02-13 08:57 - 2019-01-09 03:45 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2019-02-13 08:57 - 2019-01-09 03:41 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-02-13 08:57 - 2019-01-09 03:41 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-02-13 08:57 - 2019-01-09 03:41 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-02-13 08:57 - 2019-01-09 03:38 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-02-13 08:57 - 2019-01-09 03:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-02-13 08:57 - 2019-01-09 03:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-02-13 08:57 - 2019-01-09 03:37 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-02-13 08:57 - 2019-01-09 03:35 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-02-13 08:57 - 2019-01-09 03:35 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-02-13 08:57 - 2019-01-09 03:35 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-02-13 08:57 - 2019-01-09 03:34 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-02-13 08:57 - 2019-01-09 03:34 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-02-13 08:57 - 2019-01-09 03:34 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-02-13 08:57 - 2019-01-09 03:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-02-13 08:57 - 2019-01-09 03:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-02-13 08:57 - 2019-01-09 03:34 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-02-13 08:57 - 2019-01-09 03:34 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-02-13 08:57 - 2019-01-09 03:34 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-02-13 08:57 - 2019-01-09 03:34 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-02-13 08:57 - 2019-01-09 03:33 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:33 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-02-13 08:57 - 2019-01-09 03:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-02-13 08:57 - 2019-01-07 18:19 - 003228160 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-02-13 08:57 - 2019-01-01 17:08 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-02-13 08:57 - 2019-01-01 17:05 - 003247104 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-02-13 08:57 - 2019-01-01 17:05 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-02-13 08:57 - 2019-01-01 17:04 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-02-13 08:57 - 2019-01-01 17:04 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-02-13 08:57 - 2019-01-01 16:58 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-02-13 08:57 - 2019-01-01 16:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2019-02-13 08:57 - 2019-01-01 16:57 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-02-13 08:57 - 2019-01-01 16:39 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-02-13 08:57 - 2019-01-01 16:39 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2019-02-13 08:57 - 2018-12-28 20:59 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-02-13 08:57 - 2018-12-28 20:59 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-02-13 08:57 - 2018-12-28 20:59 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-02-13 08:57 - 2018-12-28 20:59 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-02-13 08:57 - 2018-12-28 20:59 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-02-13 08:57 - 2018-12-28 20:48 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-02-13 08:57 - 2018-12-28 20:48 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-02-13 08:57 - 2018-12-28 20:48 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-02-13 08:57 - 2018-12-28 20:32 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-02-13 08:57 - 2018-12-04 17:07 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2019-02-13 08:57 - 2018-12-04 17:07 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-02-13 08:57 - 2018-12-04 16:55 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2019-02-13 08:57 - 2018-12-04 16:55 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-02-13 08:57 - 2018-12-02 17:06 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000998480 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000918408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000066000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000063936 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000021968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000019408 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000017872 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000017856 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000017360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000017352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000016336 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000015824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000015808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000015296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000014312 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000014272 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000013768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000013760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000013264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012736 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012232 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011728 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2019-02-13 08:57 - 2018-10-12 14:05 - 000011200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2019-02-13 08:56 - 2019-01-01 17:05 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-02-13 08:56 - 2019-01-01 16:58 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-02-05 22:36 - 2016-08-22 17:57 - 001276928 _____ (MGApps) C:\Users\Voldemort\Desktop\Automatické vypnutie PC.exe
2019-02-04 20:11 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2019-02-04 20:11 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2019-02-04 20:11 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2019-02-04 20:11 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2019-02-04 20:11 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2019-02-04 20:11 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2019-02-04 20:11 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2019-02-04 20:11 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2019-02-04 20:11 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2019-02-04 20:11 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2019-02-04 20:11 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2019-02-04 20:11 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2019-02-04 20:11 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2019-02-04 20:11 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2019-02-04 20:10 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2019-02-04 20:10 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2019-02-04 20:10 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2019-02-04 20:10 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2019-02-04 20:10 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2019-02-04 20:10 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2019-02-04 20:10 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2019-02-04 20:10 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2019-02-04 20:10 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2019-02-04 20:10 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2019-02-04 20:10 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2019-02-04 20:10 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2019-02-04 20:10 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2019-02-04 20:10 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2019-02-04 20:10 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2019-02-04 20:10 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2019-02-04 20:10 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2019-02-04 20:10 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2019-02-04 20:10 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2019-02-04 20:10 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2019-02-04 20:10 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2019-02-04 20:10 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2019-02-04 20:10 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2019-02-04 20:10 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2019-02-04 20:10 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2019-02-04 20:10 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2019-02-04 20:10 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2019-02-04 20:10 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2019-02-04 20:10 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2019-02-04 20:10 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2019-02-04 20:10 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2019-02-04 20:10 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2019-02-04 20:10 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2019-02-04 20:10 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2019-02-04 20:10 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2019-02-04 20:10 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2019-02-04 20:09 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2019-02-04 20:09 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2019-02-04 20:09 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2019-02-04 20:09 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2019-02-04 20:09 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2019-02-04 20:09 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2019-02-04 20:09 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2019-02-04 20:09 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2019-02-04 20:09 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2019-02-04 20:09 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2019-02-04 20:09 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2019-02-04 20:09 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2019-02-04 20:08 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2019-02-04 20:08 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2019-02-04 20:08 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2019-02-04 20:08 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2019-02-04 20:08 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2019-02-04 20:08 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2019-02-03 18:47 - 2019-02-03 18:47 - 000000031 _____ C:\Windows\progress
2019-02-03 11:29 - 2019-02-20 23:18 - 000000000 ____D C:\Users\Voldemort\Documents\Inquisitor_SaveGames
2019-02-03 11:24 - 2019-02-03 11:24 - 000002168 _____ C:\Users\Voldemort\Desktop\Inquisitor.lnk
2019-02-03 11:24 - 2019-02-03 11:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cinemax
2019-02-03 11:23 - 2019-02-03 11:23 - 000000000 ____D C:\Program Files (x86)\Cinemax
2019-02-03 10:17 - 2019-02-03 10:17 - 000001064 _____ C:\Users\Voldemort\Desktop\Frozen Throne – zástupce.lnk
2019-02-03 10:17 - 2019-02-03 10:17 - 000001059 _____ C:\Users\Voldemort\Desktop\Warcraft III – zástupce.lnk

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-05 16:10 - 2018-10-19 13:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-05 16:09 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-03-05 11:32 - 2009-07-14 05:45 - 000021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-03-05 11:32 - 2009-07-14 05:45 - 000021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-03-05 11:26 - 2019-01-13 12:56 - 000003176 _____ C:\Windows\System32\Tasks\{A7AC877B-2182-45CD-A969-BDB5EF46B64E}
2019-03-05 11:26 - 2018-10-19 14:05 - 000003190 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1912340780-4118999615-3692102144-1001
2019-03-05 11:26 - 2018-10-13 23:06 - 000003118 _____ C:\Windows\System32\Tasks\{16417147-0F49-4E56-BA02-FB9A27DB04BE}
2019-03-05 11:26 - 2018-09-17 18:32 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-05 11:26 - 2018-09-17 18:32 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-05 11:26 - 2018-09-17 18:30 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-03-05 09:20 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-04 22:07 - 2018-09-25 20:27 - 000000000 ____D C:\Users\Voldemort\AppData\Roaming\vlc
2019-03-04 09:51 - 2018-09-17 18:30 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-03-03 19:49 - 2018-09-18 09:35 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-03-02 17:47 - 2016-08-17 16:58 - 001518372 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-02 17:47 - 2011-04-12 09:34 - 000646252 _____ C:\Windows\system32\perfh005.dat
2019-03-02 17:47 - 2011-04-12 09:34 - 000131362 _____ C:\Windows\system32\perfc005.dat
2019-03-02 11:24 - 2018-09-17 20:24 - 000000000 ____D C:\Hry
2019-03-02 11:23 - 2019-02-02 13:41 - 000000000 ____D C:\Users\Voldemort\AppData\Roaming\uTorrent
2019-03-02 11:20 - 2018-09-18 10:27 - 000000000 ____D C:\Users\Voldemort\AppData\Roaming\DAEMON Tools Lite
2019-03-01 17:43 - 2019-01-13 17:49 - 000000000 ____D C:\Users\Voldemort\Documents\Ascaron Entertainment
2019-03-01 10:24 - 2018-10-19 13:39 - 000002174 _____ C:\Users\Voldemort\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-03-01 10:24 - 2018-10-19 13:39 - 000000000 ___RD C:\Users\Voldemort\OneDrive
2019-02-27 12:53 - 2018-09-30 13:58 - 000004194 _____ C:\Windows\System32\Tasks\Avast Cleanup Update
2019-02-26 09:01 - 2018-09-17 18:34 - 000002234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-26 09:01 - 2018-09-17 18:34 - 000002193 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-02-23 11:49 - 2018-09-17 18:38 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-20 21:03 - 2018-10-18 18:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-02-19 10:27 - 2018-09-17 18:30 - 000474456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-02-19 10:25 - 2018-10-22 17:08 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-02-19 10:25 - 2018-09-17 18:30 - 000379952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-02-19 10:25 - 2018-09-17 18:30 - 000216784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-02-19 10:25 - 2018-09-17 18:30 - 000167304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-02-19 10:25 - 2018-09-17 18:30 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-02-19 10:25 - 2018-09-17 18:30 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-02-19 10:23 - 2019-01-16 20:53 - 000225680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-02-19 10:23 - 2019-01-16 20:14 - 000320696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-02-19 10:23 - 2019-01-16 20:14 - 000196072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-02-19 10:23 - 2019-01-16 20:14 - 000057960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-02-19 10:23 - 2018-09-17 18:30 - 001034432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-02-19 10:23 - 2018-09-17 18:30 - 000205400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-02-14 15:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-02-14 00:58 - 2016-08-17 16:58 - 001494190 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-02-13 09:01 - 2017-03-30 08:27 - 000000000 ____D C:\Windows\system32\MRT
2019-02-13 08:53 - 2017-03-30 08:27 - 129330784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-02-11 18:27 - 2009-07-14 06:08 - 000032578 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-02-04 21:23 - 2018-06-12 05:14 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-02-04 20:13 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-02-03 18:57 - 2018-11-08 14:22 - 000000000 ____D C:\GOG Games
2019-02-03 18:57 - 2018-10-13 22:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2019-02-03 10:16 - 2019-01-13 13:00 - 000000000 ____D C:\Users\Voldemort\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

==================== Files in the root of some directories =======

2018-10-04 19:14 - 2019-01-16 20:33 - 000007603 _____ () C:\Users\Voldemort\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-04 00:54

==================== End of FRST.txt ============================

and here is the Addition log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019 01
Ran by Voldemort (05-03-2019 16:22:46)
Running from C:\Users\Voldemort\Desktop
Windows 7 Professional Service Pack 1 (X64) (2018-09-17 16:46:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1912340780-4118999615-3692102144-500 - Administrator - Disabled)
Guest (S-1-5-21-1912340780-4118999615-3692102144-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1912340780-4118999615-3692102144-1003 - Limited - Enabled)
Voldemort (S-1-5-21-1912340780-4118999615-3692102144-1001 - Administrator - Enabled) => C:\Users\Voldemort

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.3.6507 - AVAST Software)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
BechMan (HKLM-x32\...\BechMan_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd)
GameRanger (HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
GUN (HKLM-x32\...\1460036036_is1) (Version: 2.0.0.3 - GOG.com)
HP Hotkey Support (HKLM-x32\...\{384737A1-509C-46EA-A1EC-C1B6DD3BDC2D}) (Version: 6.2.17.1 - HP)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
HP Software Framework (HKLM-x32\...\{6CFAFC70-7191-4E07-AD9C-E7E0E564D6E1}) (Version: 4.0.96.1 - Hewlett-Packard Company)
HWiNFO64 Version 5.92 (HKLM\...\HWiNFO64_is1) (Version: 5.92 - Martin Malík - REALiX)
Chess 2020 (HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\...\Chess2020) (Version: 2020.12 - Filip Hofer)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6435.0 - IDT)
Inquisitor v1.0 (HKLM-x32\...\Inquisitor_is1) (Version: - CINEMAX, s.r.o.)
Johanka z Arku (HKLM-x32\...\{F2AFB780-FF87-4E4B-8097-451152CDD321}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.11328.20070 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11328.20070 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\...\OneDriveSetup.exe) (Version: 19.022.0203.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NecroVisioN (HKLM-x32\...\1624457803_is1) (Version: 1.2 - GOG.com)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20070 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20070 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20070 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11328.20070 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11328.20070 - Microsoft Corporation) Hidden
Sierra Wireless (HP un2430) Mobile Broadband Driver Package (HKLM-x32\...\SWIHPDrvInstaller) (Version: 1.0.45.0 - Sierra Wireless Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.23 - Synaptics Incorporated)
TechSmith Screen Capture Codec (HKLM-x32\...\{84FE50F5-B0F3-4D18-8BE8-A4DEEE0C37AD}) (Version: 4.1.1.0 - TechSmith Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09E76858-CA50-4E1E-B76D-09DEBA17AFBA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {0D01508F-1476-4B07-A47D-90DF076292F2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {0E2BA504-0D23-418A-81DD-21C033FFCF42} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {4C4DC150-024F-41D1-9CB2-3CBC4B779BA5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6D455DDE-781C-45F0-8E95-8EA28FCCC763} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7045AA83-1865-4F5E-B544-EF1DEBBAE9CF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {71DEAAD2-6D5A-4F17-95D1-765917D3FBB5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {74971CFC-D680-4BCD-9E90-50D1448774E0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {932093C4-34DD-41B0-AC29-DADF41CA9A52} - System32\Tasks\{A7AC877B-2182-45CD-A969-BDB5EF46B64E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Johanka z Arku\VSetting.exe" -d "C:\Program Files\Johanka z Arku"
Task: {9DE5FD5C-7C01-4545-B00B-7A156F519293} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {9F9AC729-CFFF-4464-A5CB-86ED4A6B224D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {AB1E6433-D67B-44B1-947B-F3A6B7D99271} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {AE72355E-F8AC-4CE5-B8C9-EFAEE5550AE7} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {AFB27B55-9799-42D6-A6D1-BFC3204CC2E6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F3BCBB0C-6E62-4DA1-94D2-99CCBFCE1716} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {FC1D03CE-01F2-41B5-92F6-A02E95221024} - System32\Tasks\{16417147-0F49-4E56-BA02-FB9A27DB04BE} => C:\Windows\system32\pcalua.exe -a "E:\čeština\Planescape Torment - CZ.exe" -d E:\čeština

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2017-12-20 15:26 - 2016-01-26 04:55 - 000382976 _____ (Intel Corporation) [File not signed] C:\Windows\System32\igfxtray.exe
2017-12-20 15:26 - 2016-01-26 04:55 - 000762880 _____ (Intel Corporation) [File not signed] C:\Windows\System32\hkcmd.exe
2017-12-20 15:26 - 2016-01-26 04:55 - 000835072 _____ (Intel Corporation) [File not signed] C:\Windows\system32\igfxsrvc.exe
2017-12-20 15:26 - 2016-01-26 04:55 - 000761344 _____ (Intel Corporation) [File not signed] C:\Windows\System32\igfxpers.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-01-16 19:59 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Voldemort\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{12665638-835A-47BD-B7A7-F805B8E625A4}C:\users\voldemort\desktop\vampire the masquerade - redemption\vampire.exe] => (Allow) C:\users\voldemort\desktop\vampire the masquerade - redemption\vampire.exe No File
FirewallRules: [UDP Query User{ACE3C0A0-4357-41A7-936D-573EC97044E3}C:\users\voldemort\desktop\vampire the masquerade - redemption\vampire.exe] => (Allow) C:\users\voldemort\desktop\vampire the masquerade - redemption\vampire.exe No File
FirewallRules: [TCP Query User{DA0934BC-F782-42C9-A32E-19BA247413A3}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{AB582B62-9BD3-418A-A47F-B6821F249B76}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B5539551-510E-48CC-A66A-41ABF959E5D5}] => (Allow) C:\Users\Voldemort\AppData\Roaming\uTorrent\uTorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{598F0C12-D033-46E3-A19F-505E29D90D47}] => (Allow) C:\Users\Voldemort\AppData\Roaming\uTorrent\uTorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{9B81AA8E-391D-4F8F-98E5-27BA7D24A0C7}C:\program files (x86)\bsgo\launcher\launcher.exe] => (Allow) C:\program files (x86)\bsgo\launcher\launcher.exe No File
FirewallRules: [UDP Query User{0E92AAD5-0F2B-498E-8BB5-BF6E2F689E84}C:\program files (x86)\bsgo\launcher\launcher.exe] => (Allow) C:\program files (x86)\bsgo\launcher\launcher.exe No File
FirewallRules: [{BE56759F-9DFA-49B9-BFED-EB95C98EDA7F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File
FirewallRules: [{C8A5F5F7-55BD-4EC2-8A21-C050EE754B92}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File
FirewallRules: [TCP Query User{BC464C92-69F3-4AAC-B947-ECEB2BC76949}C:\users\voldemort\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\voldemort\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [UDP Query User{73D8585F-982C-4A99-9CAD-B0EB5D91B5D4}C:\users\voldemort\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\voldemort\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [TCP Query User{D66B6EA0-2C2D-4F75-AA3C-047221E73961}C:\hry\quake\quake3.exe] => (Block) C:\hry\quake\quake3.exe () [File not signed]
FirewallRules: [UDP Query User{1F0C14D9-E0FD-4567-9F50-5581A472DF36}C:\hry\quake\quake3.exe] => (Block) C:\hry\quake\quake3.exe () [File not signed]
FirewallRules: [{B91C8E76-4AE8-4001-A4C1-E4568FF5D963}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{4BAF77F3-00FF-4CE5-9A37-302ECE289256}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{509C54BA-6FA3-4528-B29B-8E175C57E2C4}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{6D6A0CD7-AC04-43AE-8FDA-EB0E95AFCCF0}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{EF83CEA2-6F48-4573-A8B1-26BFC424544D}] => (Allow) C:\Users\Voldemort\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{54E9ACCD-38B0-436C-B5A7-DC952A05E6E2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2CCCAAD6-1A52-43F0-AD6C-BA512DE2AB21}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{F54D1597-24C4-4C51-BE59-128B3A9D8ECA}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{D23B1D6A-42FF-4C63-94F0-309FA0B06792}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

21-02-2019 17:13:43 Naplánovaný kontrolní bod
01-03-2019 12:40:39 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/05/2019 04:10:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/05/2019 09:21:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/04/2019 10:10:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/03/2019 11:06:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/03/2019 12:04:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/02/2019 05:42:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/02/2019 05:37:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/02/2019 01:43:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (1996) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Voldemort\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1811 (0xfffff8ed).


System errors:
=============
Error: (03/04/2019 10:07:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Media Player Network Sharing neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (03/04/2019 10:07:51 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WMPNetworkSvc se nemohla přihlásit jako NT AUTHORITY\NetworkService s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (03/04/2019 10:07:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Cleanup Premium byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (03/04/2019 10:07:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/04/2019 10:07:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Sierra Wireless QDL Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/04/2019 10:07:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP SI Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/04/2019 10:07:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (03/03/2019 11:22:20 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.101.
Počítač s IP adresou 192.168.0.100 nepovolil získání názvu
tímto počítačem.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz
Percentage of memory in use: 64%
Total physical RAM: 3959.49 MB
Available physical RAM: 1407.69 MB
Total Virtual: 7917.12 MB
Available Virtual: 5163.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:298.09 GB) (Free:223.77 GB) NTFS ==>[drive with boot components (obtained from BCD)]


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 5281FCD9)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Hello, please check the RSIT log

Posted: 05 Mar 2019 20:47
by Conder
:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Windows\SysWow64\IntelCpHeciSvc.exe
    File: C:\Program Files\IDT\WDM\STacSV64.exe
    File: C:\tools\kernrate
    File: C:\Windows\progress
    CMD: type "C:\Windows\progress"
    
    HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\...\MountPoints2: {470bdfdd-fba3-11e8-9a81-f4b7e2dda5c1} - F:\SISetup.exe
    HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
    Toolbar: HKU\S-1-5-21-1912340780-4118999615-3692102144-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
    CHR DefaultSearchKeyword: Default -> Adaware Secure
    CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx
    2019-03-02 17:51 - 2019-03-02 18:00 - 000000000 ____D C:\Program Files\trend micro
    2019-03-02 17:51 - 2019-03-02 17:51 - 000000000 ____D C:\rsit
    2019-03-02 17:46 - 2019-03-02 17:46 - 001222144 _____ C:\Users\Voldemort\Desktop\RSITx64.exe
    Task: {932093C4-34DD-41B0-AC29-DADF41CA9A52} - System32\Tasks\{A7AC877B-2182-45CD-A969-BDB5EF46B64E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Johanka z Arku\VSetting.exe" -d "C:\Program Files\Johanka z Arku"
    Task: {FC1D03CE-01F2-41B5-92F6-A02E95221024} - System32\Tasks\{16417147-0F49-4E56-BA02-FB9A27DB04BE} => C:\Windows\system32\pcalua.exe -a "E:\čeština\Planescape Torment - CZ.exe" -d E:\čeština
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop as fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the restart there will be a Fixlog.txt file on the desktop; copy its contents here

Re: Hello, please check the RSIT log

Posted: 07 Mar 2019 10:42
by Uživatel
Fix result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019
Ran by Voldemort (07-03-2019 10:33:48) Run:1
Running from C:\Users\Voldemort\Desktop
Loaded Profiles: Voldemort (Available Profiles: Voldemort)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Windows\SysWow64\IntelCpHeciSvc.exe
File: C:\Program Files\IDT\WDM\STacSV64.exe
File: C:\tools\kernrate
File: C:\Windows\progress
CMD: type "C:\Windows\progress"

HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\...\MountPoints2: {470bdfdd-fba3-11e8-9a81-f4b7e2dda5c1} - F:\SISetup.exe
HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
Toolbar: HKU\S-1-5-21-1912340780-4118999615-3692102144-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Adaware Secure
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx
2019-03-02 17:51 - 2019-03-02 18:00 - 000000000 ____D C:\Program Files\trend micro
2019-03-02 17:51 - 2019-03-02 17:51 - 000000000 ____D C:\rsit
2019-03-02 17:46 - 2019-03-02 17:46 - 001222144 _____ C:\Users\Voldemort\Desktop\RSITx64.exe
Task: {932093C4-34DD-41B0-AC29-DADF41CA9A52} - System32\Tasks\{A7AC877B-2182-45CD-A969-BDB5EF46B64E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Johanka z Arku\VSetting.exe" -d "C:\Program Files\Johanka z Arku"
Task: {FC1D03CE-01F2-41B5-92F6-A02E95221024} - System32\Tasks\{16417147-0F49-4E56-BA02-FB9A27DB04BE} => C:\Windows\system32\pcalua.exe -a "E:\�e�tina\Planescape Torment - CZ.exe" -d E:\�e�tina

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 57
Average :
Sum : 438256942
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= File: C:\Windows\SysWow64\IntelCpHeciSvc.exe ========================

C:\Windows\SysWow64\IntelCpHeciSvc.exe
File not signed
MD5: BC81F7CF9A310E8B6B5AE4964E717C3C
Creation and modification date: 2017-12-20 15:26 - 2016-01-26 04:55
Size: 000270848
Attributes: ----A
Company Name: Intel Corporation
Internal Name: IntelCpHeciSvc
Original Name: IntelCpHeciSvc.exe
Product: IntelCpHeciSvc Executable
Description: IntelCpHeciSvc Executable
File Version:
Product Version: 9.0.20.9000
Copyright: Copyright (C) 2011 Intel Corporation
VirusTotal: 0

====== End of File: ======


========================= File: C:\Program Files\IDT\WDM\STacSV64.exe ========================

C:\Program Files\IDT\WDM\STacSV64.exe
File not signed
MD5: 634C0CDC3F63AED52982A15C21FA9939
Creation and modification date: 2018-06-12 05:14 - 2012-11-12 20:04
Size: 000327680
Attributes: ----N
Company Name: IDT, Inc.
Internal Name: IDT PCA
Original Name: stacsv64.exe
Product: IDT PC Audio
Description: IDT PC Audio
File Version: 1.0.6435.0
Product Version: 1.0.6435.0
Copyright: Copyright © 2004 - 2009 IDT, Inc.
VirusTotal: https://www.virustotal.com/file/9163a56 ... 547071270/

====== End of File: ======


========================= File: C:\tools\kernrate ========================

"C:\tools\kernrate" => not found
====== End of File: ======


========================= File: C:\Windows\progress ========================

C:\Windows\progress
File not signed
MD5: D19D1B80379B9ABFE23D27B71A546497
Creation and modification date: 2019-02-03 18:47 - 2019-02-03 18:47
Size: 000000031
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/c4aa192 ... 359467451/

====== End of File: ======


========= type "C:\Windows\progress" =========

[progress]
progress=progress

========= End of CMD: =========

HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{470bdfdd-fba3-11e8-9a81-f4b7e2dda5c1} => removed successfully
HKLM\Software\Classes\CLSID\{470bdfdd-fba3-11e8-9a81-f4b7e2dda5c1} => not found
"HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully
"HKU\S-1-5-21-1912340780-4118999615-3692102144-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nladljmabboanhihfkjacnnkgjhnokhj => removed successfully
C:\Program Files\trend micro => moved successfully
C:\rsit => moved successfully
C:\Users\Voldemort\Desktop\RSITx64.exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{932093C4-34DD-41B0-AC29-DADF41CA9A52}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{932093C4-34DD-41B0-AC29-DADF41CA9A52}" => removed successfully
C:\Windows\System32\Tasks\{A7AC877B-2182-45CD-A969-BDB5EF46B64E} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A7AC877B-2182-45CD-A969-BDB5EF46B64E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FC1D03CE-01F2-41B5-92F6-A02E95221024}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC1D03CE-01F2-41B5-92F6-A02E95221024}" => removed successfully
C:\Windows\System32\Tasks\{16417147-0F49-4E56-BA02-FB9A27DB04BE} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{16417147-0F49-4E56-BA02-FB9A27DB04BE}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8112144 B
Java, Flash, Steam htmlcache => 434 B
Windows/system/drivers => 14755191 B
Edge => 0 B
Chrome => 713575302 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 66356 B
LocalService => 0 B
NetworkService => 0 B
giga => 0 B
Voldemort => 162458455 B

RecycleBin => 0 B
EmptyTemp: => 865.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:35:11 ====
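
A small parser for a Fixlog shaped like the one in the post above, added here as an example (it is not part of FRST or of the original thread). It tallies the `=>` result lines and lists the `File:` reports marked unsigned or not found; the names `parse_fixlog` and `triage` are hypothetical, and the sample lines are copied from the log above.

```python
import re
from collections import Counter

# Sample input: lines copied from the Fixlog above (only a few fields kept).
SAMPLE_FIXLOG = r'''
========================= File: C:\Windows\SysWow64\IntelCpHeciSvc.exe ========================
C:\Windows\SysWow64\IntelCpHeciSvc.exe
File not signed
MD5: BC81F7CF9A310E8B6B5AE4964E717C3C
VirusTotal: 0
====== End of File: ======
========================= File: C:\tools\kernrate ========================
"C:\tools\kernrate" => not found
====== End of File: ======
HKLM\Software\Classes\CLSID\{470bdfdd-fba3-11e8-9a81-f4b7e2dda5c1} => not found
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
"Chrome DefaultSearchURL" => removed successfully
C:\rsit => moved successfully
'''

FILE_HDR = re.compile(r'^=+ File: (?P<path>.+?) =+$')
FILE_END = re.compile(r'^=+ End of File: =+$')
OUTCOME = re.compile(r'^(?P<target>.+?) => (?P<result>removed successfully|moved successfully|not found)$')
FIELD = re.compile(r'^(?P<key>[A-Za-z0-9 ]+):(?: (?P<value>.*))?$')  # "C:\..." is not a field

def parse_fixlog(text):
    """Return (file_reports, actions) parsed from Fixlog text."""
    files, actions, current = [], [], None
    for line in (raw.strip() for raw in text.splitlines()):
        hdr, out = FILE_HDR.match(line), OUTCOME.match(line)
        if hdr:  # start of a "File:" report block
            current = {"path": hdr["path"], "found": True, "unsigned": False, "fields": {}}
            files.append(current)
        elif FILE_END.match(line):
            current = None
        elif current is not None:  # inside a report block
            field = FIELD.match(line)
            if out and out["result"] == "not found":
                current["found"] = False
            elif line == "File not signed":
                current["unsigned"] = True
            elif field:
                current["fields"][field["key"]] = field["value"] or ""
        elif out:  # result line of a fix directive
            actions.append((out["target"].strip('"'), out["result"]))
    return files, actions

def triage(text):
    """Summarise what a reviewer checks first: outcomes, misses, unsigned files."""
    files, actions = parse_fixlog(text)
    return {
        "outcomes": Counter(result for _, result in actions),
        "not_found": [target for target, result in actions if result == "not found"],
        "unsigned_files": [f["path"] for f in files if f["unsigned"]],
        "missing_files": [f["path"] for f in files if not f["found"]],
    }

if __name__ == "__main__":
    print(triage(SAMPLE_FIXLOG))
```
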

Re: Hello, please check the RSIT log

Posted: 07 Mar 2019 20:46
by Conder
:arrow: Run a system file integrity check:
  • Open Start, type "cmd" (without the quotes), right-click Command Prompt and click Run as administrator
  • Copy and run the command:

    Code:

    sfc /scannow
  • When it finishes, copy and run this command:

    Code:

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"
  • A file named sfcdetails.txt will be created on the desktop; pack it into a RAR or ZIP archive and send it as an attachment to your next post
  • Restart the PC and describe how it behaves
:arrow: Also check whether the folder "C:\Windows\Minidump" exists, and if there are any files in it, copy them somewhere else (e.g. to the desktop or to Documents), pack them into a RAR or ZIP archive, and attach it to your next post. If it cannot be attached, upload it to a file-hosting site (e.g. leteckaposta.cz) and send the download link.

Re: Hello, please check the RSIT log

Posted: 08 Mar 2019 09:36
by Uživatel
I am attaching the system file integrity check; I do not have a Minidump file in Windows.
The computer responds normally, without complications, and loading at startup is faster.

Re: Hello, please check the RSIT log

Posted: 09 Mar 2019 01:33
by Conder
:arrow: It looks OK. So if there are no more problems with the PC, we will just clean up after the tools we used:

Re: Hello, please check the RSIT log

Posted: 09 Mar 2019 19:40
by Uživatel
Thank you for the help with the laptop, everything is fine now.

Re: Hello, please check the RSIT log

Posted: 09 Mar 2019 23:56
by Conder
You're welcome, glad I could help :)