notebook se seká,nereaguje
Napsal: 29 dub 2020 17:33
Zdravím...
prosím o pomoc,...notebook se mi seká nereaguje často v záhlaví okna vypisuje v závorce text neodpovídá...
co jsem již zkoušel
krystaldisk ...nejde o vadu HW disk je dobrý
avast virový test...bez nálezu
Adwarecleaner... taky bez nálezu
zde jsou logy FRST a Additional...sám si netroufám dát něco do fixlistu ...nevím co by se stalo kdybych smazal něco omylem.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2020
Ran by Roman (administrator) on ROMAN-PC (LENOVO IdeaPad Z580) (29-04-2020 17:49:56)
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman (Available Profiles: Roman)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
(Avast Software s.r.o. -> Avast Software) C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\Lenovo\YOUCAM\YCMMirage.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <21>
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation - Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> ) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\ENERGY MANAGEMENT\Energy Management.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\ENERGY MANAGEMENT\utility.exe
(LENOVO) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe
(Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Nitro PDF Software -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nitro PDF Software -> Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sunplus Innovation Technology Inc. -> ) [File not signed] C:\Program Files (x86)\LENOVO EASYCAMERA\Monitor.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [408872 2011-11-10] (Synaptics Incorporated -> Synaptics)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1096480 2013-11-29] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [UpdatePRCShortCut1] => "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
HKLM\...\Run: [HotKeysCmds1] => C:\Windows\system32\hkcmd.exe [411056 2015-06-01] (Intel Corporation - pGFX -> Intel Corporation)
HKLM\...\Run: [Persistence1] => C:\Windows\system32\igfxpers.exe [453552 2015-06-01] (Intel Corporation - pGFX -> Intel Corporation)
HKLM\...\Run: [IgfxTray1] => C:\Windows\system32\igfxtray.exe [183216 2015-06-01] (Intel Corporation - pGFX -> Intel Corporation)
HKLM\...\Run: [RtHDVBg_Dolby1] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108216 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2847016 2011-11-10] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-08-08] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-08-08] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
HKLM-x32\...\Run: [MuteSync] => C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [343040 2012-02-04] (Lenovo) [File not signed]
HKLM-x32\...\Run: [CAPOSD] => C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe [1876992 2012-02-09] (LENOVO) [File not signed]
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2018-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink -> CyberLink Corp.) [File not signed]
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [Lenovo EasyCamera_Monitor] => C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe [258936 2012-02-06] (Sunplus Innovation Technology Inc. -> ) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Software\Policies\...\system: [disablecmd] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\Installer\chrmstp.exe [2020-04-24] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\80.1.3901.162\Installer\chrmstp.exe [2020-04-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\...\Authentication\Credential Providers: [AutorunsDisabled] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\\BtwCP.dll [2012-02-02] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll [2012-02-02] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174856 2015-02-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2015-02-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2015-02-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
BootExecute: autocheck autochk * 耀��vøᤠ �ᰀ�钘�
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A9A16C4-C566-48ED-97FD-4A7B797528E8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {0CE30B04-CACF-4987-97D1-E4322176C267} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3325032 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
Task: {2F7BDA6C-8167-4BB3-97A0-9B43E62B32EA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {31069FF3-3825-4C94-AAA7-A07D93D792E7} - System32\Tasks\{1B833707-741D-47B8-BDDE-2010BF9BE397} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{200F62A0-CB7C-4F57-8E79-45D92E901DA2}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {39964426-A2DF-44CF-8184-89767D3BBC60} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-18] (Adobe Inc. -> Adobe)
Task: {63FE8DE6-D57B-4F18-BBD6-0EBE9B81E23F} - System32\Tasks\{C333A024-D2D3-4785-8F1C-D8AC05B107D2} => C:\Users\Roman\Downloads\commview_for_wifi.exe
Task: {7E1DA85E-C581-4F88-AA30-3FC5FC9A7741} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {7F2A7E0D-91B2-4667-98AD-18113A65EDE3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-12] (Google LLC -> Google LLC)
Task: {83B36471-B189-46DF-AB93-63F2116CD160} - System32\Tasks\{A10DAF0C-F2C5-442E-877E-929B1EA0310D} => C:\Users\Roman\Downloads\sa3mxx04k_37_pal_aen\setup.exe
Task: {8E5F37E3-0D59-42A1-92E9-A21D1F2957EA} - System32\Tasks\{D4A3B536-CA7B-457E-86A4-7949292469A1} => C:\Users\Roman\Documents\emulate\I4A.EXE [1800 2018-09-01] () [File not signed]
Task: {92ACC8E5-EE82-4BEB-8C78-30EE840903AF} - System32\Tasks\{3C565B93-7FFE-47C3-9DD4-A81596C1A0C0} => C:\Windows\system32\pcalua.exe -a C:\MeProgramy\DAEMONtools\daemon4304-lite.exe -d C:\MeProgramy\DAEMONtools
Task: {93D90012-EFC7-4797-A971-90D0E4893095} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {A185EBF2-F87B-4F1B-9BFA-6EC6765CBF21} - System32\Tasks\{AF78792E-48B4-44DF-91D9-B26A64689DEF} => C:\Users\Roman\Downloads\sa3mxx04k_37_pal_aen\_main.exe
Task: {A381A7FE-0A8C-4D43-BB73-375123DE99FC} - System32\Tasks\{DAC154C7-6423-4668-BE03-E04215A3C3C8} => C:\Users\Roman\Documents\emulate\I4A.EXE [1800 2018-09-01] () [File not signed]
Task: {AD266255-85DB-4506-BAC4-03E5D0EE5FDC} - System32\Tasks\{3C9F6374-6E28-40DE-B178-39D446460088} => C:\Windows\system32\pcalua.exe -a C:\MeProgramy\JTAG\urjtag-0.10.exe -d C:\MeProgramy\JTAG
Task: {AF3DC2E1-4C62-4A7E-A8AE-FE4D6539D662} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-12] (Google LLC -> Google LLC)
Task: {B75D31B9-CA73-40A5-A6ED-839C179DD280} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink -> CyberLink)
Task: {B9D35FB0-4608-415F-9CEF-2C59A974B1C8} - System32\Tasks\{0F731421-C889-4536-A6DC-90BED2CB20EE} => C:\Users\Roman\Downloads\commview_for_wifi.exe
Task: {D87CC72E-1C8A-45F1-82A7-464AD0B6FBDB} - System32\Tasks\{CBEF9D86-18ED-4D17-84B9-D0706EBF61DE} => C:\Windows\system32\pcalua.exe -a C:\Users\Roman\Downloads\sa2520_02_pal_eng.exe -d C:\Users\Roman\Downloads
Task: {DEDB057F-4D59-4F15-A2DC-27F71A1ACD8D} - System32\Tasks\{DBA6A7E7-AD58-4BAC-B458-D2AD7CF64774} => C:\Users\Roman\Downloads\commview_for_wifi.exe
Task: {E3A5ECC8-322C-4AA9-9C51-85DF8D6309C9} - System32\Tasks\{BB0EDB1E-5B0C-4326-B64D-122D7A4ACEA2} => C:\Users\Roman\Downloads\sa3mxx04k_37_pal_aen\_main.exe
Task: {EB058A3C-BC05-433E-B298-B48788895A33} - System32\Tasks\{7E97F875-7619-4918-AAB1-B8AE23BC214B} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Lenovo\Boot Optimizer\DeleteUninstall.exe" -d "C:\Program Files (x86)\Lenovo\Boot Optimizer"
Task: {F2354A8C-C4D1-42F6-9BD8-C240B5135159} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F363389C-DA12-4806-ACB1-DCDAC8C76A2D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-18] (Adobe Inc. -> Adobe)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1F004AE9-736A-4A9E-A206-DE238301C1BF}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{DD39D036-017D-4A2E-B4A8-4BC12D6F774B}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mail.centrum.cz/
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-683440959-2606681586-737459993-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... OH_csCZ565
SearchScopes: HKU\S-1-5-21-683440959-2606681586-737459993-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-683440959-2606681586-737459993-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-683440959-2606681586-737459993-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... OH_csCZ565
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
FireFox:
========
FF DefaultProfile: v2gkibd2.default-1476296225807-1525766073953
FF ProfilePath: C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953 [2020-04-29]
FF Homepage: Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953 -> about:home
FF NewTab: Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953 -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953 -> hxxps://sledujufilmy.cz; hxxps://www.planetlagu.online; hxxps://badoo.com; hxxps://tinder.com; hxxps://forums.anandtech.com; hxxps://www.lide.cz
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953\Extensions\hotfix-update-xpi-intermediate@mozilla.com.xpi [2019-05-15]
FF Extension: (No Name) - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-10-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-18] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-18] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-06-21] (Nitro PDF Software -> )
FF Plugin HKU\S-1-5-21-683440959-2606681586-737459993-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Roman\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default [2020-04-29]
CHR Notifications: Default -> hxxps://badoo.com
CHR StartupUrls: Default -> "hxxps://mail.centrum.cz/?restart=2","hxxps://www.youtube.com/","hxxps://aukro.cz/pri ... ebook.com/"
CHR Extension: (Prezentace) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-26]
CHR Extension: (Dokumenty) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-26]
CHR Extension: (Disk Google) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-26]
CHR Extension: (YouTube) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-26]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-26]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-04-26]
CHR Extension: (Tabulky) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-26]
CHR Extension: (Gmail) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5504928 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [345384 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\80.1.3901.162\elevation_service.exe [973760 2020-04-02] (Avast Software s.r.o. -> AVAST Software)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-02] (Broadcom Corporation -> Broadcom Corporation.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-08] (Intel Corporation -> )
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] (Intel Corporation - Mobile Wireless Group -> )
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-06-21] (Nitro PDF Software -> Nitro PDF Software)
R2 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [69640 2012-06-21] (Nitro PDF Software -> Nalpeiron Ltd.)
S2 NSDSvc; C:\Windows\System32\NSDSvc.exe [120160 2011-12-24] (Lenovo (Beijing) Limited -> Lenovo)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15128352 2013-11-29] (NVIDIA Corporation -> NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel Corporation - Mobile Wireless Group -> Intel® Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-11-29] (ChengDu AoMei Tech Co., Ltd -> ) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37856 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206120 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [234776 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178968 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60696 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42984 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175920 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [500960 2020-04-20] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109480 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85056 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851808 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [459408 2020-04-16] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235696 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [317280 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R3 clwvd; C:\Windows\System32\DRIVERS\clwvd.sys [31088 2011-01-29] (CyberLink -> CyberLink Corporation)
S3 CyFwLoad; C:\Windows\System32\Drivers\usb2demon.sys [55600 2011-01-26] (Macraigor Systems LLC -> Cypress Semiconductor)
S3 CYUSB; C:\Windows\System32\Drivers\usb2demon.sys [55600 2011-01-26] (Macraigor Systems LLC -> Cypress Semiconductor)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [118160 2016-10-04] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [95168 2016-03-16] (Future Technology Devices International Ltd -> FTDI Ltd.)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2016-07-31] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2015-04-17] (Microsoft Windows Hardware Compatibility Publisher -> ITE )
S3 jlink; C:\Windows\System32\DRIVERS\jlinkx64.sys [45200 2017-03-10] (SEGGER Microcontroller GmbH & Co. KG -> SEGGER Microcontroller GmbH & Co. KG)
R0 NSD; C:\Windows\System32\drivers\nsd.sys [24160 2011-12-24] (Lenovo (Beijing) Limited -> Lenovo Corporation")
R1 Nsdfltr; C:\Windows\System32\drivers\Nsdfltr.sys [59488 2011-12-22] (Lenovo (Beijing) Limited -> Lenovo Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
S4 portio; C:\Windows\System32\DRIVERS\WP800IO.sys [8664 2007-09-05] (TestCertforWDK -> WinPic800) [File not signed]
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2002-10-16] () [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-03-27] () [File not signed]
R3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Windows -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254976 2010-08-31] (Jungo LTD -> Jungo)
S3 wsvd; C:\Windows\System32\DRIVERS\wsvd.sys [121840 2009-07-21] (CyberLink -> CyberLink)
S3 SWDUMon; system32\DRIVERS\SWDUMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-29 17:49 - 2020-04-29 17:56 - 000035273 _____ C:\Users\Roman\Desktop\FRST.txt
2020-04-29 17:47 - 2020-04-29 17:47 - 000000179 _____ C:\Users\Roman\Desktop\Fixlog.txt
2020-04-29 17:37 - 2020-04-29 17:42 - 002283008 _____ (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2020-04-26 16:13 - 2020-04-26 16:13 - 000000000 ____D C:\8a84e995d3007edc059bb8
2020-04-26 15:57 - 2019-02-21 06:10 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-04-26 15:57 - 2019-02-21 06:09 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2020-04-26 15:57 - 2019-02-21 06:09 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2020-04-26 15:57 - 2019-02-21 06:08 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:59 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-04-26 15:57 - 2019-02-21 05:58 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2020-04-26 15:57 - 2019-02-21 05:58 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2020-04-26 15:57 - 2019-02-21 05:56 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2020-04-26 15:57 - 2019-02-21 05:42 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2020-04-26 15:57 - 2019-02-21 05:42 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2020-04-26 15:57 - 2019-02-21 05:41 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2020-04-26 15:57 - 2019-02-21 05:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2020-04-26 15:57 - 2019-02-21 05:39 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2020-04-26 15:57 - 2019-02-21 05:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2020-04-26 15:57 - 2019-02-21 05:38 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2020-04-26 15:57 - 2019-02-21 05:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2020-04-26 15:57 - 2019-02-21 05:36 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-04-26 15:57 - 2019-02-21 05:35 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2020-04-26 15:57 - 2019-02-21 05:34 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2020-04-26 15:57 - 2019-02-21 05:34 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2020-04-26 15:57 - 2019-02-21 05:34 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2020-04-26 15:57 - 2019-02-10 18:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2020-04-26 15:57 - 2019-02-10 18:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2020-04-26 15:57 - 2019-02-10 18:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2020-04-26 15:57 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2020-04-26 15:57 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2020-04-26 15:57 - 2019-02-10 18:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2020-04-26 15:57 - 2019-02-10 18:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2020-04-26 15:57 - 2019-02-10 18:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2020-04-26 15:57 - 2019-02-10 18:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2020-04-26 15:57 - 2019-02-10 18:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2020-04-26 15:57 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2020-04-26 15:57 - 2019-02-10 18:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-04-26 15:57 - 2019-02-10 18:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2020-04-26 15:57 - 2019-02-10 17:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2020-04-26 15:57 - 2019-02-10 17:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2020-04-26 15:56 - 2019-02-21 06:12 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-04-26 15:56 - 2019-02-21 06:10 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-04-26 15:56 - 2019-02-21 06:09 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-04-26 15:56 - 2019-02-21 06:07 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2020-04-26 15:56 - 2019-02-21 06:07 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2020-04-26 15:56 - 2019-02-21 06:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2020-04-26 15:56 - 2019-02-21 06:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2020-04-26 15:56 - 2019-02-21 06:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2020-04-26 15:56 - 2019-02-21 06:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2020-04-26 15:56 - 2019-02-21 05:56 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2020-04-26 15:56 - 2019-02-21 05:56 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2020-04-26 15:56 - 2019-02-21 05:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2020-04-26 15:56 - 2019-02-21 05:34 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2020-04-26 15:56 - 2019-02-10 18:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2020-04-26 15:56 - 2019-02-10 18:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2020-04-26 15:56 - 2019-02-10 18:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2020-04-26 15:56 - 2019-02-10 17:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2020-04-26 15:56 - 2019-02-10 17:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2020-04-26 15:56 - 2019-02-10 17:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2020-04-26 15:56 - 2018-11-18 04:56 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2020-04-26 15:56 - 2018-11-18 04:44 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-04-26 15:56 - 2018-11-18 04:43 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2020-04-26 09:26 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2020-04-19 06:22 - 2020-04-19 06:22 - 022267336 _____ (Piriform Software Ltd) C:\Users\Roman\Downloads\ccsetup565.exe
2020-04-06 18:37 - 2020-04-06 18:37 - 008196784 _____ (Malwarebytes) C:\Users\Roman\Downloads\adwcleaner_8.0.4.exe
2020-04-05 09:34 - 2020-04-28 21:54 - 000003292 _____ C:\Windows\system32\Tasks\{1B833707-741D-47B8-BDDE-2010BF9BE397}
2020-04-05 09:26 - 2020-04-05 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Philips Digital Audio Player
2020-04-05 09:23 - 2020-04-28 21:54 - 000002976 _____ C:\Windows\system32\Tasks\{AF78792E-48B4-44DF-91D9-B26A64689DEF}
2020-04-05 09:17 - 2020-04-28 21:54 - 000002976 _____ C:\Windows\system32\Tasks\{BB0EDB1E-5B0C-4326-B64D-122D7A4ACEA2}
2020-04-05 09:17 - 2020-04-28 21:54 - 000002976 _____ C:\Windows\system32\Tasks\{A10DAF0C-F2C5-442E-877E-929B1EA0310D}
2020-04-05 09:06 - 2020-04-05 09:06 - 000000000 ____D C:\Users\Roman\AppData\Roaming\CoSoSys
2020-04-05 08:57 - 2020-04-05 08:57 - 000000000 ____D C:\ProgramData\SystemAcCrux
2020-04-05 08:56 - 2020-04-05 08:56 - 000000000 ____D C:\Program Files\EaseUS
2020-04-04 17:54 - 2020-04-20 16:53 - 000500960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-04-04 17:54 - 2020-04-04 17:54 - 000337048 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-04-04 17:54 - 2020-04-04 17:54 - 000235696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-04-04 17:54 - 2020-04-04 17:54 - 000175920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-04-04 17:54 - 2020-04-04 17:54 - 000038152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-29 17:55 - 2018-04-22 09:06 - 000000000 ____D C:\FRST
2020-04-29 17:18 - 2009-07-14 06:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-04-29 17:18 - 2009-07-14 06:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-04-29 17:16 - 2017-03-01 19:39 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-04-29 17:00 - 2014-03-29 23:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-04-29 17:00 - 2012-08-08 09:52 - 000539831 _____ C:\Windows\system32\fastboot.set
2020-04-29 16:59 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-28 22:11 - 2012-08-08 09:29 - 001560204 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-04-28 22:11 - 2012-08-08 08:43 - 000669116 _____ C:\Windows\system32\perfh005.dat
2020-04-28 22:11 - 2012-08-08 08:43 - 000141744 _____ C:\Windows\system32\perfc005.dat
2020-04-28 22:11 - 2009-07-14 07:13 - 001560204 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-28 22:11 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-04-28 21:54 - 2020-03-07 12:31 - 000003142 _____ C:\Windows\system32\Tasks\{CBEF9D86-18ED-4D17-84B9-D0706EBF61DE}
2020-04-28 21:54 - 2020-03-01 16:34 - 000003142 _____ C:\Windows\system32\Tasks\{3C565B93-7FFE-47C3-9DD4-A81596C1A0C0}
2020-04-28 21:54 - 2020-01-12 17:51 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-28 21:54 - 2020-01-12 17:51 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-28 21:54 - 2019-04-13 19:06 - 000003106 _____ C:\Windows\system32\Tasks\{3C9F6374-6E28-40DE-B178-39D446460088}
2020-04-28 21:54 - 2018-09-01 18:35 - 000002946 _____ C:\Windows\system32\Tasks\{DAC154C7-6423-4668-BE03-E04215A3C3C8}
2020-04-28 21:54 - 2018-09-01 18:35 - 000002946 _____ C:\Windows\system32\Tasks\{D4A3B536-CA7B-457E-86A4-7949292469A1}
2020-04-28 21:54 - 2018-08-16 11:39 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-04-28 21:54 - 2018-08-16 11:39 - 000002790 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-04-28 21:54 - 2018-04-21 15:26 - 000002958 _____ C:\Windows\system32\Tasks\{DBA6A7E7-AD58-4BAC-B458-D2AD7CF64774}
2020-04-28 21:54 - 2018-04-21 15:26 - 000002958 _____ C:\Windows\system32\Tasks\{C333A024-D2D3-4785-8F1C-D8AC05B107D2}
2020-04-28 21:54 - 2018-04-21 15:26 - 000002958 _____ C:\Windows\system32\Tasks\{0F731421-C889-4536-A6DC-90BED2CB20EE}
2020-04-28 21:54 - 2018-03-17 18:55 - 000004528 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-04-28 21:54 - 2015-12-03 22:39 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-04-27 22:47 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2020-04-26 18:59 - 2013-12-10 19:00 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-04-26 18:59 - 2013-12-10 19:00 - 000000000 ____D C:\Windows\system32\MRT
2020-04-26 16:23 - 2013-12-07 06:18 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2020-04-26 16:23 - 2013-12-07 06:18 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2020-04-26 16:20 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing
2020-04-26 16:20 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-04-26 16:20 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
2020-04-26 16:13 - 2013-12-07 06:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2020-04-26 15:38 - 2013-12-06 21:23 - 000000000 ____D C:\MeProgramy
2020-04-26 09:12 - 2018-04-20 21:20 - 000000000 ____D C:\zoek_backup
2020-04-26 08:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2020-04-25 10:14 - 2012-08-08 09:03 - 000000000 ____D C:\Windows\softwaredistribution.bak
2020-04-24 20:39 - 2013-12-06 21:09 - 000000000 ____D C:\ProgramData\AVAST Software
2020-04-24 17:28 - 2020-01-12 17:53 - 000002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-24 17:28 - 2020-01-12 17:53 - 000002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-24 17:28 - 2020-01-12 17:53 - 000002194 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-04-19 06:28 - 2014-05-02 18:27 - 000000000 ____D C:\Windows\Minidump
2020-04-19 06:25 - 2018-08-16 11:38 - 000000793 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-04-19 06:25 - 2018-08-16 11:38 - 000000793 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-04-18 16:06 - 2018-12-23 20:25 - 000000000 ____D C:\Users\Roman\AppData\Local\ElevatedDiagnostics
2020-04-18 08:52 - 2013-12-06 22:36 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-04-18 08:52 - 2013-12-06 22:36 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-04-18 08:52 - 2013-12-06 22:36 - 000004398 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-04-18 08:52 - 2013-12-06 22:36 - 000000000 ____D C:\Windows\system32\Macromed
2020-04-18 08:52 - 2013-12-06 22:35 - 000000000 ____D C:\Users\Roman\AppData\Local\Adobe
2020-04-18 08:52 - 2012-08-08 09:43 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-04-16 20:04 - 2018-04-05 19:15 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-04-16 20:04 - 2018-04-05 19:15 - 000002397 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-04-16 20:04 - 2018-04-05 19:15 - 000002397 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2020-04-16 19:28 - 2013-12-06 21:12 - 000459408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-04-05 09:36 - 2018-05-08 09:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-05 09:35 - 2012-08-08 09:13 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-04-05 09:34 - 2020-03-07 12:25 - 000000000 ____D C:\Philips
2020-04-04 17:54 - 2018-10-14 17:55 - 000042984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-04-04 17:54 - 2013-12-06 21:12 - 000317280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-04-04 17:54 - 2013-12-06 21:12 - 000109480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-04-04 17:54 - 2013-12-06 21:12 - 000085056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-04-04 17:53 - 2019-01-14 17:55 - 000234776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-04-04 17:53 - 2019-01-06 09:16 - 000178968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-04-04 17:53 - 2019-01-06 09:16 - 000060696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-04-04 17:53 - 2019-01-06 09:16 - 000037856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-04-04 17:53 - 2017-11-09 19:31 - 000206120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-04-04 17:53 - 2013-12-06 21:12 - 000851808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
==================== Files in the root of some directories ========
2019-07-21 10:55 - 2019-07-21 10:55 - 000003584 _____ () C:\Users\Roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-08 19:38 - 2014-05-05 00:47 - 000007597 _____ () C:\Users\Roman\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-04-27 22:38
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-04-2020
Ran by Roman (29-04-2020 18:00:12)
Running from C:\Users\Roman\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-12-06 18:28:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-683440959-2606681586-737459993-500 - Administrator - Disabled)
Guest (S-1-5-21-683440959-2606681586-737459993-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-683440959-2606681586-737459993-1003 - Limited - Enabled)
Roman (S-1-5-21-683440959-2606681586-737459993-1001 - Administrator - Enabled) => C:\Users\Roman
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{36381D51-CC5E-4698-A0CC-E939C75EC9D8}) (Version: 1.5 - Eyeo GmbH)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.293 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.363 - Adobe)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
AOMEI Partition Assistant Standard Edition 5.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
ASIX UP v.3-30 (HKLM-x32\...\ASIX UP_is1) (Version: - ASIX s.r.o.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.2.2401 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 80.1.3901.162 - Autoři prohlížeče Avast Secure Browser)
AVR Jungo USB (HKLM-x32\...\{E8F8861D-98E0-43FF-9E48-AC236CC3BE4E}) (Version: 10.4 - Atmel)
AVR QTouch Studio (HKLM-x32\...\{7BE9E558-BE53-4939-9565-A0BEA2F839D0}) (Version: 4.4.1 - Atmel)
AVR Studio 5.1 (HKLM-x32\...\{D574D18C-9D52-4B4B-9647-AE6B89FD3F70}) (Version: 5.1.208 - Atmel)
Balíček ovladače systému Windows - KEIL - Tools By ARM (WinUSB) USB (08/29/2013 1.0.0.3) (HKLM\...\C96E78AFEDFD4529DF572369E6FD81679F49E548) (Version: 08/29/2013 1.0.0.3 - KEIL - Tools By ARM)
Balíček ovladače systému Windows - KEIL - Tools By ARM USBDevice (12/12/2017 1.0.1.0) (HKLM\...\54D3313C65675EDD5FC15BEE546C5E6E20229BE8) (Version: 12/12/2017 1.0.1.0 - KEIL - Tools By ARM)
Balíček ovladače systému Windows - Segger (jlink) USB (01/26/2017 2.70.08.0) (HKLM\...\D12F44630DF6CA437A5B43B0F1A4C5A54E130B0D) (Version: 01/26/2017 2.70.08.0 - Segger)
Balíček ovladače systému Windows - Segger (jlink) USB (07/28/2014 2.6.8.1) (HKLM\...\468237BA12C6D9DD0125166A16609C632EE9CF1C) (Version: 07/28/2014 2.6.8.1 - Segger)
Balíček ovladače systému Windows - SEGGER (JLinkCDC_x64) Ports (08/28/2014 6.0.2601.5) (HKLM\...\ED80E3D3A350D18BFD3D3D8DAED8E2B19105763A) (Version: 08/28/2014 6.0.2601.5 - SEGGER)
Borland C++Builder 6 (HKLM-x32\...\{2864C41B-EF2D-4640-95A2-526276524519}) (Version: 6.0 - Borland Software Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
EAGLE 5.11.0 (HKLM-x32\...\EAGLE 5.11.0) (Version: 5.11.0 - CadSoft Computer GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.122 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Java 8 Update 172 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
J-Link V4.94i (HKLM-x32\...\J-Link V4.94i) (Version: V4.94i - SEGGER Microcontroller Systeme GmbH)
Keil µVision4 (HKLM-x32\...\Keil µVision4) (Version: 5.27.1.0 - ARM Ltd)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
mikroC (remove only) (HKLM-x32\...\mikroC) (Version: - )
mikroC PRO for ARM (remove only) (HKLM-x32\...\mikroC PRO for ARM) (Version: 6.2.0.0 - mikroElektronika)
mikroPascal (remove only) (HKLM-x32\...\mikroPascal) (Version: - )
mikroPascal for AVR (remove only) (HKLM-x32\...\mikroPascal for AVR) (Version: - )
MPLAB X IDE v4.05 (HKLM-x32\...\MPLAB X IDE v4.05 v4.05) (Version: v4.05 - Microchip)
MPLAB XC16 C Compiler (HKLM-x32\...\MPLAB XC16 C Compiler v1.33) (Version: v1.33 - Microchip)
MPLAB XC32 Compiler (HKLM-x32\...\MPLAB XC32 Compiler v1.44) (Version: v1.44 - Microchip)
MPLAB XC8 C Compiler (HKLM-x32\...\MPLAB XC8 C Compiler v1.44) (Version: v1.44 - Microchip)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA Ovladače grafiky 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.20 - NVIDIA Corporation)
OpenOffice 4.1.4 (HKLM-x32\...\{6CA4F7F3-B909-4292-B791-AAA959155DE0}) (Version: 4.14.9788 - Apache Software Foundation)
Ovládací panel NVIDIA 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 345.20 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PuTTY release 0.70 (HKLM-x32\...\{0B06C05B-0069-4FE8-AC19-AAF6678FD0A8}) (Version: 0.70.0.0 - Simon Tatham)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.48.823.2011 - Realtek)
Red Alert 2 (HKLM-x32\...\Red Alert 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Skype verze 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
State of War (HKLM-x32\...\State of War) (Version: - )
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.14327 - TeamViewer)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Windows Driver Package - ASIX s.r.o. ASIX Development Tools Driver Package (07/10/2015 2.12.06) (HKLM\...\63179435CD5991EB4724264B890E0ED379471EE7) (Version: 07/10/2015 2.12.06 - ASIX s.r.o.)
Windows Driver Package - ASIX s.r.o. ASIX Development Tools Driver Package (09/28/2016 2.12.24) (HKLM\...\5378E6D0AF40C93BBB4559D6D163139BADD54A56) (Version: 09/28/2016 2.12.24 - ASIX s.r.o.)
Windows Driver Package - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [NPShellExtension] -> {D7ECBD0E-B8E3-4a0c-9E84-514298EFA583} => C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NPShellExtension64.dll [2012-06-21] (Nitro PDF Software -> )
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [IkeyShlExt] -> {F1E551D1-822B-40e6-B4D8-A9B4A48AA07A} => C:\Windows\system32\SimpleExt.dll [2012-08-08] (Lenovo (Beijing) Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\POWER2GO\CLMP3Enc.ACM [217088 2005-05-14] (CyberLink Corp.) [File not signed]
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Roman\Desktop\test.lnk -> C:\Program Files (x86)\SEGGER\JLink_V494i\test.bat ()
ShortcutWithArgument: C:\Users\Roman\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2011-06-28 08:28 - 2011-06-28 08:28 - 000042496 _____ () [File not signed] C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\QTKB.dll
2012-08-08 09:30 - 2012-05-21 09:24 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2011-11-22 23:00 - 2011-11-22 23:00 - 000498176 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\P2PSupplicant.dll
2011-12-08 18:53 - 2011-12-08 18:53 - 000168448 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2011-12-08 18:55 - 2011-12-08 18:55 - 000283648 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2011-12-08 18:54 - 2011-12-08 18:54 - 003280896 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
2011-12-08 18:54 - 2011-12-08 18:54 - 000102400 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
2011-12-08 18:56 - 2011-12-08 18:56 - 000093696 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2011-12-08 18:55 - 2011-12-08 18:55 - 000052224 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2011-12-08 19:01 - 2011-12-08 19:01 - 000518656 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2011-12-08 19:03 - 2011-12-08 19:03 - 000290304 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\panihvint.dll
2011-12-08 18:59 - 2011-12-08 18:59 - 000978432 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2011-12-08 19:04 - 2011-12-08 19:04 - 000160256 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\Ps7ZCfgS.dll
2011-12-08 18:52 - 2011-12-08 18:52 - 000020992 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2011-12-08 19:00 - 2011-12-08 19:00 - 002394112 _____ (Intel(R) Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll
2013-12-07 11:45 - 2013-12-07 11:45 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcm90.dll
2011-12-08 18:12 - 2011-12-08 18:12 - 001830912 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences [0]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> 008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> 00hq.com
IE restricted site: HKU\.DEFAULT\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\.DEFAULT\...\01i.info -> 01i.info
IE restricted site: HKU\.DEFAULT\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\.DEFAULT\...\05p.com -> 05p.com
IE restricted site: HKU\.DEFAULT\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\.DEFAULT\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\.DEFAULT\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\.DEFAULT\...\0calories.net -> 0calories.net
IE restricted site: HKU\.DEFAULT\...\0cj.net -> 0cj.net
IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com
IE restricted site: HKU\.DEFAULT\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1-se.com -> 1-se.com
IE restricted site: HKU\.DEFAULT\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\.DEFAULT\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\.DEFAULT\...\100gal.net -> 100gal.net
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com
There are 4746 more sites.
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\100sexlinks.com -> 100sexlinks.com
There are 4748 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-10-05 11:01 - 2020-04-26 08:27 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\PROGRA~2\Borland\CBUILD~1\Bin;C:\PROGRA~2\Borland\CBUILD~1\Projects\Bpl;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client;C:\Program Files\Intel\iCLS Client;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files\Lenovo\Bluetooth Software;C:\Program Files\Lenovo\Bluetooth Software\syswow64;;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Skype\Phone;C:\Program Files (x86)\PuTTY\
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^Users^Roman^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.Startup
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Intelligent Touchpad => C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
MSCONFIG\startupreg: Lenovo Registration => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
MSCONFIG\startupreg: OnekeyStudio => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{6D014DEC-A2C5-4995-8BE3-584F89BED619}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation - Mobile Wireless Group -> )
FirewallRules: [{511220C7-6FE3-469E-9342-7B31C15B43E1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4AB3BFA7-F5E8-49DA-BAB0-BF56820DA0C7}] => (Allow) LPort=2869
FirewallRules: [{672D39F5-5497-4838-9C24-0505855D2D82}] => (Allow) LPort=1900
FirewallRules: [{27BDB785-6C1D-459E-BA81-43EC041108D0}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6B8705A8-1F40-435A-983F-0EB88EAD91FD}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A4237FF2-88A1-4282-A51B-64DE1253886F}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel Corporation -> Intel Corporation)
FirewallRules: [{435580A1-E9DF-4F55-910A-3CD8305F6DE4}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{A7120233-09C2-4DB3-8BC6-9EAD6211DC4D}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{8CD5A8B6-4568-4FBA-B23A-906340B6439C}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{0BC86A65-947E-4630-8691-C8F60948361D}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{2534CB2A-36C1-4C04-8C34-015E5FF6FC49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{14440D45-10C1-4161-B9BE-B5534F1146E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6D690019-471C-448C-961F-4F6D386478D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F07C5053-29A5-4329-95FC-5A3027463983}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1BCB4B38-000C-4037-A2ED-E2F1BF551388}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E30B0B5-CBAD-4357-92E5-D513C7C7576C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7C2695A0-8C9B-437F-8E27-29F969AE79F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{010BA73D-0163-4CA0-AEEE-9B1EDF7376A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E0D3B6BE-9517-45A4-8D91-9BC3510A9095}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD5C6A9F-A570-410E-89A4-B144B6C2B9C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{642EF558-4E2E-4A81-A3E3-989C1242AB69}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe (Atmel) [File not signed]
FirewallRules: [UDP Query User{4FBAE129-654C-469E-B31D-5F2B1808F654}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe (Atmel) [File not signed]
FirewallRules: [TCP Query User{0872E1DA-B38E-4E70-A3E7-5D1738A0CB69}C:\program files (x86)\icq7.7\icq.exe] => (Allow) C:\program files (x86)\icq7.7\icq.exe (ICQ -> ICQ, LLC.)
FirewallRules: [UDP Query User{E0B07BF2-E711-4749-B20B-C3E521B8D32E}C:\program files (x86)\icq7.7\icq.exe] => (Allow) C:\program files (x86)\icq7.7\icq.exe (ICQ -> ICQ, LLC.)
FirewallRules: [TCP Query User{418B447E-E4FB-4F5E-AB50-C8B64CB379EE}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe (Atmel) [File not signed]
FirewallRules: [UDP Query User{6BB3BD3B-C72A-49EE-AFC0-30043AA8674D}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe (Atmel) [File not signed]
FirewallRules: [TCP Query User{1A6DC258-F77B-46D4-BDCF-5486D44C1BDE}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [UDP Query User{5BF82198-ECA5-4A59-820C-594BB8C6D30A}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [TCP Query User{8A079D9E-9E18-4231-9156-3B3257C8FF8D}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [UDP Query User{07D8685D-8BC0-47B5-B6E3-9C1DB91FBE19}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [TCP Query User{559C282C-3770-4269-9C40-56C5ACB297DB}C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{13FB9306-FE1C-4F50-B17F-D4FAAB8A2E73}C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [{4E6E04D5-F468-41C0-B911-4AD0A709B97C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{AD8904D0-85F3-4222-8696-C7523D51EC55}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{9D71F414-6F86-4A45-8874-CCB6F3E46163}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{2F3A74D1-C766-4D24-9D76-B6C4E9F2A7DF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{45B1D901-F80A-4D57-8953-D1C58B65718B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7BFE13B1-9D20-4DBC-B0CC-B6C0881B96DF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{85976001-D918-440B-A760-E4985BA38D73}C:\program files (x86)\segger\jlink_v494i\jlinkconfig.exe] => (Allow) C:\program files (x86)\segger\jlink_v494i\jlinkconfig.exe (SEGGER Microcontroller GmbH & Co. KG -> )
FirewallRules: [UDP Query User{93ADFE7F-E431-4B40-A4E9-FDE6618726F5}C:\program files (x86)\segger\jlink_v494i\jlinkconfig.exe] => (Allow) C:\program files (x86)\segger\jlink_v494i\jlinkconfig.exe (SEGGER Microcontroller GmbH & Co. KG -> )
FirewallRules: [TCP Query User{849AAAF1-99B0-42E6-8338-B9300E6FF27E}C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{CB68EBC7-A034-41C8-BED5-FA8D03025766}C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [TCP Query User{E7F9C9F2-F8D9-4615-BF00-8072C7C4FC27}C:\program files (x86)\r.g. mechanics\red alert 2\game.exe] => (Block) C:\program files (x86)\r.g. mechanics\red alert 2\game.exe (Westwood Studios) [File not signed]
FirewallRules: [UDP Query User{76F8009A-1364-49E7-AF7A-9E84922B8D85}C:\program files (x86)\r.g. mechanics\red alert 2\game.exe] => (Block) C:\program files (x86)\r.g. mechanics\red alert 2\game.exe (Westwood Studios) [File not signed]
FirewallRules: [{2AB11DE4-3FC5-45D6-83C2-2660F7AD39DA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{06902E9A-BBC3-411E-A344-6E043623B74A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{242342BA-953E-4595-9A12-B66BC44896E2}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{33A63E42-FA83-415A-A273-A1BEB5D9912F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
05-04-2020 09:17:52 Installed GoGear SA3MXX Device Manager
05-04-2020 09:19:40 Instalace balíčku ovladače zařízení: Fuzhou Rockchip
05-04-2020 09:26:12 Installed SA22xx Device Manager
05-04-2020 09:33:57 Removed SA22xx Device Manager
05-04-2020 09:34:56 Removed GoGear SA3MXX Device Manager
05-04-2020 09:46:31 Installed MalvaStyle Disk Repair.
05-04-2020 09:58:11 Removed MalvaStyle Disk Repair.
18-04-2020 05:48:55 Naplánovaný kontrolní bod
25-04-2020 07:23:12 Naplánovaný kontrolní bod
26-04-2020 15:58:48 Windows Update
26-04-2020 16:55:02 Windows Update
26-04-2020 17:21:06 Windows Update
26-04-2020 18:37:59 Windows Update
26-04-2020 20:22:09 Windows Update
28-04-2020 22:03:24 Windows Update
29-04-2020 17:46:05 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/29/2020 05:02:10 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---�).
Error: (04/29/2020 05:01:40 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---WSearch failed with 0, The Code is:0x710.).
Error: (04/29/2020 05:01:38 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).
Error: (04/29/2020 05:01:38 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).
Error: (04/29/2020 05:01:38 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).
Error: (04/29/2020 05:01:38 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).
Error: (04/29/2020 05:01:38 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).
Error: (04/29/2020 05:01:38 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).
System errors:
=============
Error: (04/29/2020 05:51:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80092004): 2020-01, kum. akt. zab. a kval. pro .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 pro Windows 7 a Server 2008 R2 pro x64 (KB4535102).
Error: (04/29/2020 05:11:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.
Error: (04/29/2020 05:05:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Publikování prostředků rozpoznávání funkcí, která neuspěla při spuštění v důsledku následující chyby:
Při spouštění služba uvízla ve spouštěcím stavu.
Error: (04/29/2020 05:05:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí přestala během spouštění reagovat.
Error: (04/29/2020 05:05:36 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí přestala během spouštění reagovat.
Error: (04/28/2020 10:06:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80092004): 2020-01, kum. akt. zab. a kval. pro .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 pro Windows 7 a Server 2008 R2 pro x64 (KB4535102).
Error: (04/28/2020 05:18:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Publikování prostředků rozpoznávání funkcí, která neuspěla při spuštění v důsledku následující chyby:
Při spouštění služba uvízla ve spouštěcím stavu.
Error: (04/28/2020 05:18:28 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí přestala během spouštění reagovat.
Windows Defender:
===================================
Date: 2015-09-13 08:14:24.894
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{301918C8-B984-43D8-88AE-8C4422055A16}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
Date: 2016-03-06 07:50:19.295
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
Date: 2016-03-06 07:50:18.598
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.213.6009.0
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Úplné
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.11701.0
Předchozí verze modulu:
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2016-03-06 07:50:18.557
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.11701.0
Předchozí verze modulu:
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2014-11-08 04:00:08.978
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
Date: 2014-11-08 03:53:11.962
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
CodeIntegrity:
===================================
Date: 2016-11-29 17:32:10.765
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-29 17:32:10.671
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-28 18:36:42.123
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-28 18:36:42.030
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-27 07:42:54.231
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-27 07:42:54.137
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-26 17:26:20.853
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-26 17:26:20.759
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: LENOVO 5FCN34WW 06/11/2012
Motherboard: LENOVO Lenovo
Processor: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
Percentage of memory in use: 93%
Total physical RAM: 3955.32 MB
Available physical RAM: 252.37 MB
Total Virtual: 7908.77 MB
Available Virtual: 2535.95 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:886.32 GB) (Free:504.85 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25.47 GB) (Free:20.87 GB) NTFS
\\?\Volume{876e86c6-e126-11e1-b8e6-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: C70BA6D4)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=886.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=19.5 GB) - (Type=12)
==================== End of Addition.txt =======================
prosím o pomoc,...notebook se mi seká nereaguje často v záhlaví okna vypisuje v závorce text neodpovídá...
co jsem již zkoušel
krystaldisk ...nejde o vadu HW disk je dobrý
avast virový test...bez nálezu
Adwarecleaner... taky bez nálezu
zde jsou logy FRST a Additional...sám si netroufám dát něco do fixlistu ...nevím co by se stalo kdybych smazal něco omylem.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2020
Ran by Roman (administrator) on ROMAN-PC (LENOVO IdeaPad Z580) (29-04-2020 17:49:56)
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman (Available Profiles: Roman)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
(Avast Software s.r.o. -> Avast Software) C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\Lenovo\YOUCAM\YCMMirage.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <21>
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation - Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> ) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\ENERGY MANAGEMENT\Energy Management.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\ENERGY MANAGEMENT\utility.exe
(LENOVO) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe
(Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Nitro PDF Software -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nitro PDF Software -> Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sunplus Innovation Technology Inc. -> ) [File not signed] C:\Program Files (x86)\LENOVO EASYCAMERA\Monitor.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [408872 2011-11-10] (Synaptics Incorporated -> Synaptics)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1096480 2013-11-29] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [UpdatePRCShortCut1] => "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
HKLM\...\Run: [HotKeysCmds1] => C:\Windows\system32\hkcmd.exe [411056 2015-06-01] (Intel Corporation - pGFX -> Intel Corporation)
HKLM\...\Run: [Persistence1] => C:\Windows\system32\igfxpers.exe [453552 2015-06-01] (Intel Corporation - pGFX -> Intel Corporation)
HKLM\...\Run: [IgfxTray1] => C:\Windows\system32\igfxtray.exe [183216 2015-06-01] (Intel Corporation - pGFX -> Intel Corporation)
HKLM\...\Run: [RtHDVBg_Dolby1] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108216 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2847016 2011-11-10] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-08-08] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-08-08] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
HKLM-x32\...\Run: [MuteSync] => C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [343040 2012-02-04] (Lenovo) [File not signed]
HKLM-x32\...\Run: [CAPOSD] => C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe [1876992 2012-02-09] (LENOVO) [File not signed]
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2018-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink -> CyberLink Corp.) [File not signed]
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [Lenovo EasyCamera_Monitor] => C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe [258936 2012-02-06] (Sunplus Innovation Technology Inc. -> ) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Software\Policies\...\system: [disablecmd] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\Installer\chrmstp.exe [2020-04-24] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\80.1.3901.162\Installer\chrmstp.exe [2020-04-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\...\Authentication\Credential Providers: [AutorunsDisabled] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\\BtwCP.dll [2012-02-02] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll [2012-02-02] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174856 2015-02-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2015-02-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2015-02-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
BootExecute: autocheck autochk * 耀��vøᤠ �ᰀ�钘�
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A9A16C4-C566-48ED-97FD-4A7B797528E8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {0CE30B04-CACF-4987-97D1-E4322176C267} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3325032 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
Task: {2F7BDA6C-8167-4BB3-97A0-9B43E62B32EA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {31069FF3-3825-4C94-AAA7-A07D93D792E7} - System32\Tasks\{1B833707-741D-47B8-BDDE-2010BF9BE397} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{200F62A0-CB7C-4F57-8E79-45D92E901DA2}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {39964426-A2DF-44CF-8184-89767D3BBC60} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-18] (Adobe Inc. -> Adobe)
Task: {63FE8DE6-D57B-4F18-BBD6-0EBE9B81E23F} - System32\Tasks\{C333A024-D2D3-4785-8F1C-D8AC05B107D2} => C:\Users\Roman\Downloads\commview_for_wifi.exe
Task: {7E1DA85E-C581-4F88-AA30-3FC5FC9A7741} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {7F2A7E0D-91B2-4667-98AD-18113A65EDE3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-12] (Google LLC -> Google LLC)
Task: {83B36471-B189-46DF-AB93-63F2116CD160} - System32\Tasks\{A10DAF0C-F2C5-442E-877E-929B1EA0310D} => C:\Users\Roman\Downloads\sa3mxx04k_37_pal_aen\setup.exe
Task: {8E5F37E3-0D59-42A1-92E9-A21D1F2957EA} - System32\Tasks\{D4A3B536-CA7B-457E-86A4-7949292469A1} => C:\Users\Roman\Documents\emulate\I4A.EXE [1800 2018-09-01] () [File not signed]
Task: {92ACC8E5-EE82-4BEB-8C78-30EE840903AF} - System32\Tasks\{3C565B93-7FFE-47C3-9DD4-A81596C1A0C0} => C:\Windows\system32\pcalua.exe -a C:\MeProgramy\DAEMONtools\daemon4304-lite.exe -d C:\MeProgramy\DAEMONtools
Task: {93D90012-EFC7-4797-A971-90D0E4893095} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {A185EBF2-F87B-4F1B-9BFA-6EC6765CBF21} - System32\Tasks\{AF78792E-48B4-44DF-91D9-B26A64689DEF} => C:\Users\Roman\Downloads\sa3mxx04k_37_pal_aen\_main.exe
Task: {A381A7FE-0A8C-4D43-BB73-375123DE99FC} - System32\Tasks\{DAC154C7-6423-4668-BE03-E04215A3C3C8} => C:\Users\Roman\Documents\emulate\I4A.EXE [1800 2018-09-01] () [File not signed]
Task: {AD266255-85DB-4506-BAC4-03E5D0EE5FDC} - System32\Tasks\{3C9F6374-6E28-40DE-B178-39D446460088} => C:\Windows\system32\pcalua.exe -a C:\MeProgramy\JTAG\urjtag-0.10.exe -d C:\MeProgramy\JTAG
Task: {AF3DC2E1-4C62-4A7E-A8AE-FE4D6539D662} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-12] (Google LLC -> Google LLC)
Task: {B75D31B9-CA73-40A5-A6ED-839C179DD280} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink -> CyberLink)
Task: {B9D35FB0-4608-415F-9CEF-2C59A974B1C8} - System32\Tasks\{0F731421-C889-4536-A6DC-90BED2CB20EE} => C:\Users\Roman\Downloads\commview_for_wifi.exe
Task: {D87CC72E-1C8A-45F1-82A7-464AD0B6FBDB} - System32\Tasks\{CBEF9D86-18ED-4D17-84B9-D0706EBF61DE} => C:\Windows\system32\pcalua.exe -a C:\Users\Roman\Downloads\sa2520_02_pal_eng.exe -d C:\Users\Roman\Downloads
Task: {DEDB057F-4D59-4F15-A2DC-27F71A1ACD8D} - System32\Tasks\{DBA6A7E7-AD58-4BAC-B458-D2AD7CF64774} => C:\Users\Roman\Downloads\commview_for_wifi.exe
Task: {E3A5ECC8-322C-4AA9-9C51-85DF8D6309C9} - System32\Tasks\{BB0EDB1E-5B0C-4326-B64D-122D7A4ACEA2} => C:\Users\Roman\Downloads\sa3mxx04k_37_pal_aen\_main.exe
Task: {EB058A3C-BC05-433E-B298-B48788895A33} - System32\Tasks\{7E97F875-7619-4918-AAB1-B8AE23BC214B} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Lenovo\Boot Optimizer\DeleteUninstall.exe" -d "C:\Program Files (x86)\Lenovo\Boot Optimizer"
Task: {F2354A8C-C4D1-42F6-9BD8-C240B5135159} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F363389C-DA12-4806-ACB1-DCDAC8C76A2D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-18] (Adobe Inc. -> Adobe)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1F004AE9-736A-4A9E-A206-DE238301C1BF}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{DD39D036-017D-4A2E-B4A8-4BC12D6F774B}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mail.centrum.cz/
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-683440959-2606681586-737459993-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... OH_csCZ565
SearchScopes: HKU\S-1-5-21-683440959-2606681586-737459993-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-683440959-2606681586-737459993-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-683440959-2606681586-737459993-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... OH_csCZ565
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
FireFox:
========
FF DefaultProfile: v2gkibd2.default-1476296225807-1525766073953
FF ProfilePath: C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953 [2020-04-29]
FF Homepage: Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953 -> about:home
FF NewTab: Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953 -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953 -> hxxps://sledujufilmy.cz; hxxps://www.planetlagu.online; hxxps://badoo.com; hxxps://tinder.com; hxxps://forums.anandtech.com; hxxps://www.lide.cz
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953\Extensions\hotfix-update-xpi-intermediate@mozilla.com.xpi [2019-05-15]
FF Extension: (No Name) - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\v2gkibd2.default-1476296225807-1525766073953\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-10-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-18] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-18] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-06-21] (Nitro PDF Software -> )
FF Plugin HKU\S-1-5-21-683440959-2606681586-737459993-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Roman\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default [2020-04-29]
CHR Notifications: Default -> hxxps://badoo.com
CHR StartupUrls: Default -> "hxxps://mail.centrum.cz/?restart=2","hxxps://www.youtube.com/","hxxps://aukro.cz/pri ... ebook.com/"
CHR Extension: (Prezentace) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-26]
CHR Extension: (Dokumenty) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-26]
CHR Extension: (Disk Google) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-26]
CHR Extension: (YouTube) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-26]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-26]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-04-26]
CHR Extension: (Tabulky) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-26]
CHR Extension: (Gmail) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5504928 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [345384 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\80.1.3901.162\elevation_service.exe [973760 2020-04-02] (Avast Software s.r.o. -> AVAST Software)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-02] (Broadcom Corporation -> Broadcom Corporation.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-08] (Intel Corporation -> )
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] (Intel Corporation - Mobile Wireless Group -> )
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-06-21] (Nitro PDF Software -> Nitro PDF Software)
R2 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [69640 2012-06-21] (Nitro PDF Software -> Nalpeiron Ltd.)
S2 NSDSvc; C:\Windows\System32\NSDSvc.exe [120160 2011-12-24] (Lenovo (Beijing) Limited -> Lenovo)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15128352 2013-11-29] (NVIDIA Corporation -> NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel Corporation - Mobile Wireless Group -> Intel® Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-11-29] (ChengDu AoMei Tech Co., Ltd -> ) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37856 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206120 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [234776 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178968 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60696 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42984 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175920 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [500960 2020-04-20] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109480 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85056 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851808 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [459408 2020-04-16] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235696 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [317280 2020-04-04] (Avast Software s.r.o. -> AVAST Software)
R3 clwvd; C:\Windows\System32\DRIVERS\clwvd.sys [31088 2011-01-29] (CyberLink -> CyberLink Corporation)
S3 CyFwLoad; C:\Windows\System32\Drivers\usb2demon.sys [55600 2011-01-26] (Macraigor Systems LLC -> Cypress Semiconductor)
S3 CYUSB; C:\Windows\System32\Drivers\usb2demon.sys [55600 2011-01-26] (Macraigor Systems LLC -> Cypress Semiconductor)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [118160 2016-10-04] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [95168 2016-03-16] (Future Technology Devices International Ltd -> FTDI Ltd.)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2016-07-31] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2015-04-17] (Microsoft Windows Hardware Compatibility Publisher -> ITE )
S3 jlink; C:\Windows\System32\DRIVERS\jlinkx64.sys [45200 2017-03-10] (SEGGER Microcontroller GmbH & Co. KG -> SEGGER Microcontroller GmbH & Co. KG)
R0 NSD; C:\Windows\System32\drivers\nsd.sys [24160 2011-12-24] (Lenovo (Beijing) Limited -> Lenovo Corporation")
R1 Nsdfltr; C:\Windows\System32\drivers\Nsdfltr.sys [59488 2011-12-22] (Lenovo (Beijing) Limited -> Lenovo Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
S4 portio; C:\Windows\System32\DRIVERS\WP800IO.sys [8664 2007-09-05] (TestCertforWDK -> WinPic800) [File not signed]
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2002-10-16] () [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-03-27] () [File not signed]
R3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Windows -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254976 2010-08-31] (Jungo LTD -> Jungo)
S3 wsvd; C:\Windows\System32\DRIVERS\wsvd.sys [121840 2009-07-21] (CyberLink -> CyberLink)
S3 SWDUMon; system32\DRIVERS\SWDUMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-29 17:49 - 2020-04-29 17:56 - 000035273 _____ C:\Users\Roman\Desktop\FRST.txt
2020-04-29 17:47 - 2020-04-29 17:47 - 000000179 _____ C:\Users\Roman\Desktop\Fixlog.txt
2020-04-29 17:37 - 2020-04-29 17:42 - 002283008 _____ (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2020-04-26 16:13 - 2020-04-26 16:13 - 000000000 ____D C:\8a84e995d3007edc059bb8
2020-04-26 15:57 - 2019-02-21 06:10 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-04-26 15:57 - 2019-02-21 06:09 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2020-04-26 15:57 - 2019-02-21 06:09 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2020-04-26 15:57 - 2019-02-21 06:08 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2020-04-26 15:57 - 2019-02-21 06:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 06:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:59 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-04-26 15:57 - 2019-02-21 05:58 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2020-04-26 15:57 - 2019-02-21 05:58 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2020-04-26 15:57 - 2019-02-21 05:56 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2020-04-26 15:57 - 2019-02-21 05:42 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2020-04-26 15:57 - 2019-02-21 05:42 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2020-04-26 15:57 - 2019-02-21 05:41 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2020-04-26 15:57 - 2019-02-21 05:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2020-04-26 15:57 - 2019-02-21 05:39 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2020-04-26 15:57 - 2019-02-21 05:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2020-04-26 15:57 - 2019-02-21 05:38 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2020-04-26 15:57 - 2019-02-21 05:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2020-04-26 15:57 - 2019-02-21 05:36 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-04-26 15:57 - 2019-02-21 05:36 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-04-26 15:57 - 2019-02-21 05:35 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2020-04-26 15:57 - 2019-02-21 05:35 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2020-04-26 15:57 - 2019-02-21 05:34 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2020-04-26 15:57 - 2019-02-21 05:34 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2020-04-26 15:57 - 2019-02-21 05:34 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2020-04-26 15:57 - 2019-02-21 05:34 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2020-04-26 15:57 - 2019-02-10 18:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2020-04-26 15:57 - 2019-02-10 18:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2020-04-26 15:57 - 2019-02-10 18:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2020-04-26 15:57 - 2019-02-10 18:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2020-04-26 15:57 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2020-04-26 15:57 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2020-04-26 15:57 - 2019-02-10 18:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2020-04-26 15:57 - 2019-02-10 18:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2020-04-26 15:57 - 2019-02-10 18:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2020-04-26 15:57 - 2019-02-10 18:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2020-04-26 15:57 - 2019-02-10 18:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2020-04-26 15:57 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2020-04-26 15:57 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2020-04-26 15:57 - 2019-02-10 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2020-04-26 15:57 - 2019-02-10 18:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-04-26 15:57 - 2019-02-10 18:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2020-04-26 15:57 - 2019-02-10 17:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2020-04-26 15:57 - 2019-02-10 17:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2020-04-26 15:56 - 2019-02-21 06:12 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-04-26 15:56 - 2019-02-21 06:10 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-04-26 15:56 - 2019-02-21 06:09 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-04-26 15:56 - 2019-02-21 06:07 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2020-04-26 15:56 - 2019-02-21 06:07 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2020-04-26 15:56 - 2019-02-21 06:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2020-04-26 15:56 - 2019-02-21 06:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2020-04-26 15:56 - 2019-02-21 06:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2020-04-26 15:56 - 2019-02-21 06:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2020-04-26 15:56 - 2019-02-21 05:56 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2020-04-26 15:56 - 2019-02-21 05:56 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2020-04-26 15:56 - 2019-02-21 05:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2020-04-26 15:56 - 2019-02-21 05:34 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2020-04-26 15:56 - 2019-02-10 18:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2020-04-26 15:56 - 2019-02-10 18:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2020-04-26 15:56 - 2019-02-10 18:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2020-04-26 15:56 - 2019-02-10 18:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2020-04-26 15:56 - 2019-02-10 18:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2020-04-26 15:56 - 2019-02-10 17:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2020-04-26 15:56 - 2019-02-10 17:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2020-04-26 15:56 - 2019-02-10 17:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2020-04-26 15:56 - 2018-11-18 04:56 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2020-04-26 15:56 - 2018-11-18 04:44 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-04-26 15:56 - 2018-11-18 04:43 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2020-04-26 09:26 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2020-04-19 06:22 - 2020-04-19 06:22 - 022267336 _____ (Piriform Software Ltd) C:\Users\Roman\Downloads\ccsetup565.exe
2020-04-06 18:37 - 2020-04-06 18:37 - 008196784 _____ (Malwarebytes) C:\Users\Roman\Downloads\adwcleaner_8.0.4.exe
2020-04-05 09:34 - 2020-04-28 21:54 - 000003292 _____ C:\Windows\system32\Tasks\{1B833707-741D-47B8-BDDE-2010BF9BE397}
2020-04-05 09:26 - 2020-04-05 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Philips Digital Audio Player
2020-04-05 09:23 - 2020-04-28 21:54 - 000002976 _____ C:\Windows\system32\Tasks\{AF78792E-48B4-44DF-91D9-B26A64689DEF}
2020-04-05 09:17 - 2020-04-28 21:54 - 000002976 _____ C:\Windows\system32\Tasks\{BB0EDB1E-5B0C-4326-B64D-122D7A4ACEA2}
2020-04-05 09:17 - 2020-04-28 21:54 - 000002976 _____ C:\Windows\system32\Tasks\{A10DAF0C-F2C5-442E-877E-929B1EA0310D}
2020-04-05 09:06 - 2020-04-05 09:06 - 000000000 ____D C:\Users\Roman\AppData\Roaming\CoSoSys
2020-04-05 08:57 - 2020-04-05 08:57 - 000000000 ____D C:\ProgramData\SystemAcCrux
2020-04-05 08:56 - 2020-04-05 08:56 - 000000000 ____D C:\Program Files\EaseUS
2020-04-04 17:54 - 2020-04-20 16:53 - 000500960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-04-04 17:54 - 2020-04-04 17:54 - 000337048 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-04-04 17:54 - 2020-04-04 17:54 - 000235696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-04-04 17:54 - 2020-04-04 17:54 - 000175920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-04-04 17:54 - 2020-04-04 17:54 - 000038152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-29 17:55 - 2018-04-22 09:06 - 000000000 ____D C:\FRST
2020-04-29 17:18 - 2009-07-14 06:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-04-29 17:18 - 2009-07-14 06:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-04-29 17:16 - 2017-03-01 19:39 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-04-29 17:00 - 2014-03-29 23:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-04-29 17:00 - 2012-08-08 09:52 - 000539831 _____ C:\Windows\system32\fastboot.set
2020-04-29 16:59 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-28 22:11 - 2012-08-08 09:29 - 001560204 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-04-28 22:11 - 2012-08-08 08:43 - 000669116 _____ C:\Windows\system32\perfh005.dat
2020-04-28 22:11 - 2012-08-08 08:43 - 000141744 _____ C:\Windows\system32\perfc005.dat
2020-04-28 22:11 - 2009-07-14 07:13 - 001560204 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-28 22:11 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-04-28 21:54 - 2020-03-07 12:31 - 000003142 _____ C:\Windows\system32\Tasks\{CBEF9D86-18ED-4D17-84B9-D0706EBF61DE}
2020-04-28 21:54 - 2020-03-01 16:34 - 000003142 _____ C:\Windows\system32\Tasks\{3C565B93-7FFE-47C3-9DD4-A81596C1A0C0}
2020-04-28 21:54 - 2020-01-12 17:51 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-28 21:54 - 2020-01-12 17:51 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-28 21:54 - 2019-04-13 19:06 - 000003106 _____ C:\Windows\system32\Tasks\{3C9F6374-6E28-40DE-B178-39D446460088}
2020-04-28 21:54 - 2018-09-01 18:35 - 000002946 _____ C:\Windows\system32\Tasks\{DAC154C7-6423-4668-BE03-E04215A3C3C8}
2020-04-28 21:54 - 2018-09-01 18:35 - 000002946 _____ C:\Windows\system32\Tasks\{D4A3B536-CA7B-457E-86A4-7949292469A1}
2020-04-28 21:54 - 2018-08-16 11:39 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-04-28 21:54 - 2018-08-16 11:39 - 000002790 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-04-28 21:54 - 2018-04-21 15:26 - 000002958 _____ C:\Windows\system32\Tasks\{DBA6A7E7-AD58-4BAC-B458-D2AD7CF64774}
2020-04-28 21:54 - 2018-04-21 15:26 - 000002958 _____ C:\Windows\system32\Tasks\{C333A024-D2D3-4785-8F1C-D8AC05B107D2}
2020-04-28 21:54 - 2018-04-21 15:26 - 000002958 _____ C:\Windows\system32\Tasks\{0F731421-C889-4536-A6DC-90BED2CB20EE}
2020-04-28 21:54 - 2018-03-17 18:55 - 000004528 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-04-28 21:54 - 2015-12-03 22:39 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-04-27 22:47 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2020-04-26 18:59 - 2013-12-10 19:00 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-04-26 18:59 - 2013-12-10 19:00 - 000000000 ____D C:\Windows\system32\MRT
2020-04-26 16:23 - 2013-12-07 06:18 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2020-04-26 16:23 - 2013-12-07 06:18 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2020-04-26 16:20 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing
2020-04-26 16:20 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-04-26 16:20 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
2020-04-26 16:13 - 2013-12-07 06:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2020-04-26 15:38 - 2013-12-06 21:23 - 000000000 ____D C:\MeProgramy
2020-04-26 09:12 - 2018-04-20 21:20 - 000000000 ____D C:\zoek_backup
2020-04-26 08:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2020-04-25 10:14 - 2012-08-08 09:03 - 000000000 ____D C:\Windows\softwaredistribution.bak
2020-04-24 20:39 - 2013-12-06 21:09 - 000000000 ____D C:\ProgramData\AVAST Software
2020-04-24 17:28 - 2020-01-12 17:53 - 000002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-24 17:28 - 2020-01-12 17:53 - 000002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-24 17:28 - 2020-01-12 17:53 - 000002194 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-04-19 06:28 - 2014-05-02 18:27 - 000000000 ____D C:\Windows\Minidump
2020-04-19 06:25 - 2018-08-16 11:38 - 000000793 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-04-19 06:25 - 2018-08-16 11:38 - 000000793 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-04-18 16:06 - 2018-12-23 20:25 - 000000000 ____D C:\Users\Roman\AppData\Local\ElevatedDiagnostics
2020-04-18 08:52 - 2013-12-06 22:36 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-04-18 08:52 - 2013-12-06 22:36 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-04-18 08:52 - 2013-12-06 22:36 - 000004398 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-04-18 08:52 - 2013-12-06 22:36 - 000000000 ____D C:\Windows\system32\Macromed
2020-04-18 08:52 - 2013-12-06 22:35 - 000000000 ____D C:\Users\Roman\AppData\Local\Adobe
2020-04-18 08:52 - 2012-08-08 09:43 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-04-16 20:04 - 2018-04-05 19:15 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-04-16 20:04 - 2018-04-05 19:15 - 000002397 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-04-16 20:04 - 2018-04-05 19:15 - 000002397 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2020-04-16 19:28 - 2013-12-06 21:12 - 000459408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-04-05 09:36 - 2018-05-08 09:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-05 09:35 - 2012-08-08 09:13 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-04-05 09:34 - 2020-03-07 12:25 - 000000000 ____D C:\Philips
2020-04-04 17:54 - 2018-10-14 17:55 - 000042984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-04-04 17:54 - 2013-12-06 21:12 - 000317280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-04-04 17:54 - 2013-12-06 21:12 - 000109480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-04-04 17:54 - 2013-12-06 21:12 - 000085056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-04-04 17:53 - 2019-01-14 17:55 - 000234776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-04-04 17:53 - 2019-01-06 09:16 - 000178968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-04-04 17:53 - 2019-01-06 09:16 - 000060696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-04-04 17:53 - 2019-01-06 09:16 - 000037856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-04-04 17:53 - 2017-11-09 19:31 - 000206120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-04-04 17:53 - 2013-12-06 21:12 - 000851808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
==================== Files in the root of some directories ========
2019-07-21 10:55 - 2019-07-21 10:55 - 000003584 _____ () C:\Users\Roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-08 19:38 - 2014-05-05 00:47 - 000007597 _____ () C:\Users\Roman\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-04-27 22:38
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-04-2020
Ran by Roman (29-04-2020 18:00:12)
Running from C:\Users\Roman\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-12-06 18:28:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-683440959-2606681586-737459993-500 - Administrator - Disabled)
Guest (S-1-5-21-683440959-2606681586-737459993-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-683440959-2606681586-737459993-1003 - Limited - Enabled)
Roman (S-1-5-21-683440959-2606681586-737459993-1001 - Administrator - Enabled) => C:\Users\Roman
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{36381D51-CC5E-4698-A0CC-E939C75EC9D8}) (Version: 1.5 - Eyeo GmbH)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.293 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.363 - Adobe)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
AOMEI Partition Assistant Standard Edition 5.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
ASIX UP v.3-30 (HKLM-x32\...\ASIX UP_is1) (Version: - ASIX s.r.o.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.2.2401 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 80.1.3901.162 - Autoři prohlížeče Avast Secure Browser)
AVR Jungo USB (HKLM-x32\...\{E8F8861D-98E0-43FF-9E48-AC236CC3BE4E}) (Version: 10.4 - Atmel)
AVR QTouch Studio (HKLM-x32\...\{7BE9E558-BE53-4939-9565-A0BEA2F839D0}) (Version: 4.4.1 - Atmel)
AVR Studio 5.1 (HKLM-x32\...\{D574D18C-9D52-4B4B-9647-AE6B89FD3F70}) (Version: 5.1.208 - Atmel)
Balíček ovladače systému Windows - KEIL - Tools By ARM (WinUSB) USB (08/29/2013 1.0.0.3) (HKLM\...\C96E78AFEDFD4529DF572369E6FD81679F49E548) (Version: 08/29/2013 1.0.0.3 - KEIL - Tools By ARM)
Balíček ovladače systému Windows - KEIL - Tools By ARM USBDevice (12/12/2017 1.0.1.0) (HKLM\...\54D3313C65675EDD5FC15BEE546C5E6E20229BE8) (Version: 12/12/2017 1.0.1.0 - KEIL - Tools By ARM)
Balíček ovladače systému Windows - Segger (jlink) USB (01/26/2017 2.70.08.0) (HKLM\...\D12F44630DF6CA437A5B43B0F1A4C5A54E130B0D) (Version: 01/26/2017 2.70.08.0 - Segger)
Balíček ovladače systému Windows - Segger (jlink) USB (07/28/2014 2.6.8.1) (HKLM\...\468237BA12C6D9DD0125166A16609C632EE9CF1C) (Version: 07/28/2014 2.6.8.1 - Segger)
Balíček ovladače systému Windows - SEGGER (JLinkCDC_x64) Ports (08/28/2014 6.0.2601.5) (HKLM\...\ED80E3D3A350D18BFD3D3D8DAED8E2B19105763A) (Version: 08/28/2014 6.0.2601.5 - SEGGER)
Borland C++Builder 6 (HKLM-x32\...\{2864C41B-EF2D-4640-95A2-526276524519}) (Version: 6.0 - Borland Software Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
EAGLE 5.11.0 (HKLM-x32\...\EAGLE 5.11.0) (Version: 5.11.0 - CadSoft Computer GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.122 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Java 8 Update 172 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
J-Link V4.94i (HKLM-x32\...\J-Link V4.94i) (Version: V4.94i - SEGGER Microcontroller Systeme GmbH)
Keil µVision4 (HKLM-x32\...\Keil µVision4) (Version: 5.27.1.0 - ARM Ltd)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
mikroC (remove only) (HKLM-x32\...\mikroC) (Version: - )
mikroC PRO for ARM (remove only) (HKLM-x32\...\mikroC PRO for ARM) (Version: 6.2.0.0 - mikroElektronika)
mikroPascal (remove only) (HKLM-x32\...\mikroPascal) (Version: - )
mikroPascal for AVR (remove only) (HKLM-x32\...\mikroPascal for AVR) (Version: - )
MPLAB X IDE v4.05 (HKLM-x32\...\MPLAB X IDE v4.05 v4.05) (Version: v4.05 - Microchip)
MPLAB XC16 C Compiler (HKLM-x32\...\MPLAB XC16 C Compiler v1.33) (Version: v1.33 - Microchip)
MPLAB XC32 Compiler (HKLM-x32\...\MPLAB XC32 Compiler v1.44) (Version: v1.44 - Microchip)
MPLAB XC8 C Compiler (HKLM-x32\...\MPLAB XC8 C Compiler v1.44) (Version: v1.44 - Microchip)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA Ovladače grafiky 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.20 - NVIDIA Corporation)
OpenOffice 4.1.4 (HKLM-x32\...\{6CA4F7F3-B909-4292-B791-AAA959155DE0}) (Version: 4.14.9788 - Apache Software Foundation)
Ovládací panel NVIDIA 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 345.20 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PuTTY release 0.70 (HKLM-x32\...\{0B06C05B-0069-4FE8-AC19-AAF6678FD0A8}) (Version: 0.70.0.0 - Simon Tatham)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.48.823.2011 - Realtek)
Red Alert 2 (HKLM-x32\...\Red Alert 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Skype verze 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
State of War (HKLM-x32\...\State of War) (Version: - )
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.14327 - TeamViewer)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Windows Driver Package - ASIX s.r.o. ASIX Development Tools Driver Package (07/10/2015 2.12.06) (HKLM\...\63179435CD5991EB4724264B890E0ED379471EE7) (Version: 07/10/2015 2.12.06 - ASIX s.r.o.)
Windows Driver Package - ASIX s.r.o. ASIX Development Tools Driver Package (09/28/2016 2.12.24) (HKLM\...\5378E6D0AF40C93BBB4559D6D163139BADD54A56) (Version: 09/28/2016 2.12.24 - ASIX s.r.o.)
Windows Driver Package - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [NPShellExtension] -> {D7ECBD0E-B8E3-4a0c-9E84-514298EFA583} => C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NPShellExtension64.dll [2012-06-21] (Nitro PDF Software -> )
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [IkeyShlExt] -> {F1E551D1-822B-40e6-B4D8-A9B4A48AA07A} => C:\Windows\system32\SimpleExt.dll [2012-08-08] (Lenovo (Beijing) Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc. -> SugarSync, Inc.)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\POWER2GO\CLMP3Enc.ACM [217088 2005-05-14] (CyberLink Corp.) [File not signed]
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Roman\Desktop\test.lnk -> C:\Program Files (x86)\SEGGER\JLink_V494i\test.bat ()
ShortcutWithArgument: C:\Users\Roman\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2011-06-28 08:28 - 2011-06-28 08:28 - 000042496 _____ () [File not signed] C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\QTKB.dll
2012-08-08 09:30 - 2012-05-21 09:24 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2011-11-22 23:00 - 2011-11-22 23:00 - 000498176 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\P2PSupplicant.dll
2011-12-08 18:53 - 2011-12-08 18:53 - 000168448 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2011-12-08 18:55 - 2011-12-08 18:55 - 000283648 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2011-12-08 18:54 - 2011-12-08 18:54 - 003280896 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
2011-12-08 18:54 - 2011-12-08 18:54 - 000102400 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\DbEngine.dll
2011-12-08 18:56 - 2011-12-08 18:56 - 000093696 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2011-12-08 18:55 - 2011-12-08 18:55 - 000052224 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2011-12-08 19:01 - 2011-12-08 19:01 - 000518656 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2011-12-08 19:03 - 2011-12-08 19:03 - 000290304 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\panihvint.dll
2011-12-08 18:59 - 2011-12-08 18:59 - 000978432 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2011-12-08 19:04 - 2011-12-08 19:04 - 000160256 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\Ps7ZCfgS.dll
2011-12-08 18:52 - 2011-12-08 18:52 - 000020992 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2011-12-08 19:00 - 2011-12-08 19:00 - 002394112 _____ (Intel(R) Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll
2013-12-07 11:45 - 2013-12-07 11:45 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcm90.dll
2011-12-08 18:12 - 2011-12-08 18:12 - 001830912 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences [0]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> 008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> 00hq.com
IE restricted site: HKU\.DEFAULT\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\.DEFAULT\...\01i.info -> 01i.info
IE restricted site: HKU\.DEFAULT\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\.DEFAULT\...\05p.com -> 05p.com
IE restricted site: HKU\.DEFAULT\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\.DEFAULT\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\.DEFAULT\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\.DEFAULT\...\0calories.net -> 0calories.net
IE restricted site: HKU\.DEFAULT\...\0cj.net -> 0cj.net
IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com
IE restricted site: HKU\.DEFAULT\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1-se.com -> 1-se.com
IE restricted site: HKU\.DEFAULT\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\.DEFAULT\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\.DEFAULT\...\100gal.net -> 100gal.net
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com
There are 4746 more sites.
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\100sexlinks.com -> 100sexlinks.com
There are 4748 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-10-05 11:01 - 2020-04-26 08:27 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\PROGRA~2\Borland\CBUILD~1\Bin;C:\PROGRA~2\Borland\CBUILD~1\Projects\Bpl;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client;C:\Program Files\Intel\iCLS Client;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files\Lenovo\Bluetooth Software;C:\Program Files\Lenovo\Bluetooth Software\syswow64;;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Skype\Phone;C:\Program Files (x86)\PuTTY\
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^Users^Roman^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.Startup
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Intelligent Touchpad => C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
MSCONFIG\startupreg: Lenovo Registration => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
MSCONFIG\startupreg: OnekeyStudio => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{6D014DEC-A2C5-4995-8BE3-584F89BED619}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation - Mobile Wireless Group -> )
FirewallRules: [{511220C7-6FE3-469E-9342-7B31C15B43E1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4AB3BFA7-F5E8-49DA-BAB0-BF56820DA0C7}] => (Allow) LPort=2869
FirewallRules: [{672D39F5-5497-4838-9C24-0505855D2D82}] => (Allow) LPort=1900
FirewallRules: [{27BDB785-6C1D-459E-BA81-43EC041108D0}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6B8705A8-1F40-435A-983F-0EB88EAD91FD}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A4237FF2-88A1-4282-A51B-64DE1253886F}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel Corporation -> Intel Corporation)
FirewallRules: [{435580A1-E9DF-4F55-910A-3CD8305F6DE4}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{A7120233-09C2-4DB3-8BC6-9EAD6211DC4D}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{8CD5A8B6-4568-4FBA-B23A-906340B6439C}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{0BC86A65-947E-4630-8691-C8F60948361D}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ -> ICQ, LLC.)
FirewallRules: [{2534CB2A-36C1-4C04-8C34-015E5FF6FC49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{14440D45-10C1-4161-B9BE-B5534F1146E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6D690019-471C-448C-961F-4F6D386478D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F07C5053-29A5-4329-95FC-5A3027463983}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1BCB4B38-000C-4037-A2ED-E2F1BF551388}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E30B0B5-CBAD-4357-92E5-D513C7C7576C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7C2695A0-8C9B-437F-8E27-29F969AE79F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{010BA73D-0163-4CA0-AEEE-9B1EDF7376A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E0D3B6BE-9517-45A4-8D91-9BC3510A9095}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD5C6A9F-A570-410E-89A4-B144B6C2B9C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{642EF558-4E2E-4A81-A3E3-989C1242AB69}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe (Atmel) [File not signed]
FirewallRules: [UDP Query User{4FBAE129-654C-469E-B31D-5F2B1808F654}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe (Atmel) [File not signed]
FirewallRules: [TCP Query User{0872E1DA-B38E-4E70-A3E7-5D1738A0CB69}C:\program files (x86)\icq7.7\icq.exe] => (Allow) C:\program files (x86)\icq7.7\icq.exe (ICQ -> ICQ, LLC.)
FirewallRules: [UDP Query User{E0B07BF2-E711-4749-B20B-C3E521B8D32E}C:\program files (x86)\icq7.7\icq.exe] => (Allow) C:\program files (x86)\icq7.7\icq.exe (ICQ -> ICQ, LLC.)
FirewallRules: [TCP Query User{418B447E-E4FB-4F5E-AB50-C8B64CB379EE}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe (Atmel) [File not signed]
FirewallRules: [UDP Query User{6BB3BD3B-C72A-49EE-AFC0-30043AA8674D}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe (Atmel) [File not signed]
FirewallRules: [TCP Query User{1A6DC258-F77B-46D4-BDCF-5486D44C1BDE}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [UDP Query User{5BF82198-ECA5-4A59-820C-594BB8C6D30A}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [TCP Query User{8A079D9E-9E18-4231-9156-3B3257C8FF8D}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [UDP Query User{07D8685D-8BC0-47B5-B6E3-9C1DB91FBE19}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [TCP Query User{559C282C-3770-4269-9C40-56C5ACB297DB}C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{13FB9306-FE1C-4F50-B17F-D4FAAB8A2E73}C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [{4E6E04D5-F468-41C0-B911-4AD0A709B97C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{AD8904D0-85F3-4222-8696-C7523D51EC55}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{9D71F414-6F86-4A45-8874-CCB6F3E46163}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{2F3A74D1-C766-4D24-9D76-B6C4E9F2A7DF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{45B1D901-F80A-4D57-8953-D1C58B65718B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7BFE13B1-9D20-4DBC-B0CC-B6C0881B96DF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{85976001-D918-440B-A760-E4985BA38D73}C:\program files (x86)\segger\jlink_v494i\jlinkconfig.exe] => (Allow) C:\program files (x86)\segger\jlink_v494i\jlinkconfig.exe (SEGGER Microcontroller GmbH & Co. KG -> )
FirewallRules: [UDP Query User{93ADFE7F-E431-4B40-A4E9-FDE6618726F5}C:\program files (x86)\segger\jlink_v494i\jlinkconfig.exe] => (Allow) C:\program files (x86)\segger\jlink_v494i\jlinkconfig.exe (SEGGER Microcontroller GmbH & Co. KG -> )
FirewallRules: [TCP Query User{849AAAF1-99B0-42E6-8338-B9300E6FF27E}C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{CB68EBC7-A034-41C8-BED5-FA8D03025766}C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [TCP Query User{E7F9C9F2-F8D9-4615-BF00-8072C7C4FC27}C:\program files (x86)\r.g. mechanics\red alert 2\game.exe] => (Block) C:\program files (x86)\r.g. mechanics\red alert 2\game.exe (Westwood Studios) [File not signed]
FirewallRules: [UDP Query User{76F8009A-1364-49E7-AF7A-9E84922B8D85}C:\program files (x86)\r.g. mechanics\red alert 2\game.exe] => (Block) C:\program files (x86)\r.g. mechanics\red alert 2\game.exe (Westwood Studios) [File not signed]
FirewallRules: [{2AB11DE4-3FC5-45D6-83C2-2660F7AD39DA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{06902E9A-BBC3-411E-A344-6E043623B74A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{242342BA-953E-4595-9A12-B66BC44896E2}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{33A63E42-FA83-415A-A273-A1BEB5D9912F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
05-04-2020 09:17:52 Installed GoGear SA3MXX Device Manager
05-04-2020 09:19:40 Instalace balíčku ovladače zařízení: Fuzhou Rockchip
05-04-2020 09:26:12 Installed SA22xx Device Manager
05-04-2020 09:33:57 Removed SA22xx Device Manager
05-04-2020 09:34:56 Removed GoGear SA3MXX Device Manager
05-04-2020 09:46:31 Installed MalvaStyle Disk Repair.
05-04-2020 09:58:11 Removed MalvaStyle Disk Repair.
18-04-2020 05:48:55 Naplánovaný kontrolní bod
25-04-2020 07:23:12 Naplánovaný kontrolní bod
26-04-2020 15:58:48 Windows Update
26-04-2020 16:55:02 Windows Update
26-04-2020 17:21:06 Windows Update
26-04-2020 18:37:59 Windows Update
26-04-2020 20:22:09 Windows Update
28-04-2020 22:03:24 Windows Update
29-04-2020 17:46:05 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/29/2020 05:02:10 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---�).
Error: (04/29/2020 05:01:40 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---WSearch failed with 0, The Code is:0x710.).
Error: (04/29/2020 05:01:38 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).
Error: (04/29/2020 05:01:38 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).
Error: (04/29/2020 05:01:38 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).
Error: (04/29/2020 05:01:38 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).
Error: (04/29/2020 05:01:38 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).
Error: (04/29/2020 05:01:38 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).
System errors:
=============
Error: (04/29/2020 05:51:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80092004): 2020-01, kum. akt. zab. a kval. pro .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 pro Windows 7 a Server 2008 R2 pro x64 (KB4535102).
Error: (04/29/2020 05:11:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.
Error: (04/29/2020 05:05:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Publikování prostředků rozpoznávání funkcí, která neuspěla při spuštění v důsledku následující chyby:
Při spouštění služba uvízla ve spouštěcím stavu.
Error: (04/29/2020 05:05:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí přestala během spouštění reagovat.
Error: (04/29/2020 05:05:36 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí přestala během spouštění reagovat.
Error: (04/28/2020 10:06:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80092004): 2020-01, kum. akt. zab. a kval. pro .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 pro Windows 7 a Server 2008 R2 pro x64 (KB4535102).
Error: (04/28/2020 05:18:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Publikování prostředků rozpoznávání funkcí, která neuspěla při spuštění v důsledku následující chyby:
Při spouštění služba uvízla ve spouštěcím stavu.
Error: (04/28/2020 05:18:28 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí přestala během spouštění reagovat.
Windows Defender:
===================================
Date: 2015-09-13 08:14:24.894
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{301918C8-B984-43D8-88AE-8C4422055A16}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
Date: 2016-03-06 07:50:19.295
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
Date: 2016-03-06 07:50:18.598
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.213.6009.0
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Úplné
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.11701.0
Předchozí verze modulu:
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2016-03-06 07:50:18.557
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.11701.0
Předchozí verze modulu:
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2014-11-08 04:00:08.978
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
Date: 2014-11-08 03:53:11.962
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
CodeIntegrity:
===================================
Date: 2016-11-29 17:32:10.765
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-29 17:32:10.671
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-28 18:36:42.123
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-28 18:36:42.030
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-27 07:42:54.231
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-27 07:42:54.137
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-26 17:26:20.853
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-26 17:26:20.759
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WP800IO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: LENOVO 5FCN34WW 06/11/2012
Motherboard: LENOVO Lenovo
Processor: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
Percentage of memory in use: 93%
Total physical RAM: 3955.32 MB
Available physical RAM: 252.37 MB
Total Virtual: 7908.77 MB
Available Virtual: 2535.95 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:886.32 GB) (Free:504.85 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25.47 GB) (Free:20.87 GB) NTFS
\\?\Volume{876e86c6-e126-11e1-b8e6-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: C70BA6D4)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=886.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=19.5 GB) - (Type=12)
==================== End of Addition.txt =======================
Spustte znovu FRST.exe