
Topic: What else to use to finish cleaning Windows.

Ventero (1280)|3.1.2020 18:53
A PC with W7 went a long time without protection, so a few "little ones" were born. I ran a scan with an up-to-date Avast after a restart and it found a keylogger, 2 of them. So what else should I run over it to make sure nothing similar is left? Please, only proven, working software and no fakes that will mess the PC up even more. I hope Kevin, Salamander or one of the "older" experienced members will reply :)

Is there also something solid that runs from Linux or boots on its own, independently of the infected OS?
durib (1141)|3.1.2020 21:07
Eset online scanner is good.
But don't you want to just put a different OS on it? Support for W7 ends soon.
Ventero (1280)|4.1.2020 20:13
That's what I'd most like to do, if it were possible - but for now I have to deal with it this way. And I need to thoroughly go through and clean the files on it anyway.
What's the opinion on Malwarebytes Anti Malware or SpyHunter?
I also found mentions of Swat It, A-squared and Anti-keylogger?
I don't want to install more junk, though, so I'm asking here for experience and recommendations - otherwise I can google, that I can :)
durib (1141)|5.1.2020 00:12
I think Eset will be enough.
kevin00 (10238)|5.1.2020 09:16
For the Win7 operating system I recommend producing a log from RIST (32bit / 64bit) and FRST. A scan with Malwarebytes won't hurt either.
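Added example (not part of the thread and not FRST's own code): a first-pass triage of an FRST log of the kind recommended above, collecting the entries a helper reads first by the markers FRST itself prints (`<==== ATTENTION`, `[File not signed]`, `No File`, `WMI:subscription`). The sample lines are constructed, and the tag names and the "executable under a user-writable folder" heuristic are assumptions of this example; a flagged line is a prompt for manual review, not a verdict.

```python
import re
from collections import Counter, namedtuple

Finding = namedtuple("Finding", "line_no section tags text")

# FRST section headers look like:
#   ==================== Registry (Whitelisted) ===================
SECTION_RE = re.compile(r"^=+\s+(?P<name>[^=]+?)\s*=+\s*$")

# Markers as they appear in FRST output; the last rule is this example's own
# heuristic (executables or scripts living where a normal user can write).
MARKERS = {
    "attention": re.compile(r"<==== ATTENTION"),
    "unsigned": re.compile(r"\[File not signed\]"),
    "orphan": re.compile(r"[\[(]No File[\])]|- No File\s*$"),
    "wmi_subscription": re.compile(r"^WMI:subscription\\"),
    "user_writable_exec": re.compile(
        r"[A-Za-z]:\\(?:Users\\[^\\]+\\(?:AppData|Downloads)|ProgramData)\\"
        r"[^\r\n]*?\.(?:exe|dll|scr|vbs|js|bat|cmd)\b",
        re.I,
    ),
}


def triage(log_text):
    """Return a Finding for every log line that carries at least one marker."""
    findings = []
    section = "(header)"
    for line_no, raw in enumerate(log_text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            # Remember which section the following entries belong to.
            section = header.group("name").strip().rstrip(":")
            continue
        tags = [name for name, rx in MARKERS.items() if rx.search(line)]
        if tags:
            findings.append(Finding(line_no, section, tags, line))
    return findings


def summarize(findings):
    """Count how many flagged lines carry each tag."""
    return dict(Counter(tag for f in findings for tag in f.tags))


# Constructed sample in FRST's line format (not taken from a real machine).
SAMPLE = r"""
==================== Registry (Whitelisted) ===================

HKLM\...\Run: [ExampleAudio] => C:\Program Files\ExampleVendor\audio.exe [11543656 2010-10-30] (Example Vendor -> Example Vendor)
HKLM-x32\...\Run: [examplekey] => C:\Program Files (x86)\examplesoft\hotkey.exe [114688 2009-07-16] (Example) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
ShortcutTarget: Example Scan.lnk -> C:\Program Files\Example Scan\Scheduler.exe (No File)
HKU\S-1-5-21-0-0-0-1001\...\Run: [updater] => C:\Users\Example\AppData\Roaming\upd\updater.exe [20480 2020-01-01] () [File not signed]

==================== Shortcuts & WMI ========================

WMI:subscription\CommandLineEventConsumer->ExampleConsumer::[CommandLineTemplate => cscript Example.vbs][WorkingDirectory => C:\\tools\\example]
"""

if __name__ == "__main__":
    results = triage(SAMPLE)
    for f in results:
        print(f"{f.line_no:>3}  [{f.section}]  {','.join(f.tags)}")
        print(f"     {f.text}")
    print(summarize(results))
```

Unsigned or orphaned entries are common for old OEM utilities and leftovers of uninstalled software, so the output is a reading order for the log rather than a list of things to delete.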
Ventero (1280)|8.1.2020 09:08
Kevin: So I have the logs - what do I do with them? What should I look for, or where can I send them to you, now that the local admins have removed private messages? Which I consider cowardly paranoid - no other forums I use have a problem with it and they certainly aren't in breach of GDPR, whereas the Czech Police violate it quite openly and nobody deals with it.
kevin00 (10238)|10.1.2020 19:33
Put them in the thread inside a spoiler tag :)
Ventero (1280)|14.1.2020 15:42
So I couldn't find the spoiler anywhere here, so I'm attaching a zip with all four logs. Also, Malwarebytes found 2 threats in Downloads as well - I had them removed, but I don't know whether something still active is downloading things there ...
kevin00 (10238)|15.1.2020 17:50
The spoiler tag is at the far right of the last row of the advanced editor, the + icon. Downloading a *.zip from an infected PC is not exactly ideal :)
Ventero (1280)|15.1.2020 19:54
Well - it isn't there, however hard I look ... Well, I'll solve it another way, via a quote from another post:
FRSTadditionLA:
[QUOTE]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Lenovo (08-01-2020 08:41:56)
Running from C:\Users\Lenovo\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-01-02 10:52:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3293028386-2514289208-1168274650-500 - Administrator - Disabled)
Guest (S-1-5-21-3293028386-2514289208-1168274650-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3293028386-2514289208-1168274650-1003 - Limited - Enabled)
Lenovo (S-1-5-21-3293028386-2514289208-1168274650-1001 - Administrator - Enabled) => C:\Users\Lenovo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2117 - Intel Corporation)
Intel(R) Network Connections 14.8.43.0 (HKLM\...\PROSetDX) (Version: 14.8.43.0 - Intel)
KA15 (HKLM-x32\...\{8390FC2E-0351-4A83-BA6C-7AF436BC3484}) (Version: 5.6.0 - Allianz pojišťovna, a.s.)
Lenovo Driver and Application Installation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.10.1809 - Lenovo)
Lenovo Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.4827a - CyberLink Corp.) Hidden
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.4827a - CyberLink Corp.)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1029 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1029 - CyberLink Corp.)
Lenovo USB2.0 UVC Camera (HKLM-x32\...\{70D2C5B8-EB22-45B1-9EAA-5E8C1C408A3B}) (Version: 1.00.0000 - Vimicro Corporation)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo)
LXH-JME2207FN Hotkey Driver (HKLM-x32\...\{42B21298-C850-4272-AFD9-636CBC005421}) (Version: 5.1.0804 - Lenovo)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 cs) (HKLM\...\Mozilla Firefox 71.0 (x64 cs)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.10 - Tracker Software Products Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6230 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30116 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Software602 Form Filler (HKLM-x32\...\{51C3B2AE-0127-45CC-B10F-6AD308AC6AFE}) (Version: 4.51 - Software602 a.s.)
Spooky2 (HKLM-x32\...\Spooky2) (Version: 1.0 - Cancer Clinic NZ Ltd)
Základní software zařízení HP Deskjet 1510 series (HKLM\...\{BF7E34C1-4669-46ED-A8DA-244125F41B89}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2010-04-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-01-02] (AVAST Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2011-08-23 01:26 - 2009-07-16 17:20 - 000032768 _____ () [File not signed] C:\Program Files (x86)\jmesoft\Keyhook.dll
2011-08-23 01:26 - 2007-12-31 18:27 - 000007168 _____ () [File not signed] C:\Program Files (x86)\jmesoft\VistaVolume.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:8927A071 [458]
AlternateDataStreams: C:\ProgramData\Temp:D282699C [114]
AlternateDataStreams: C:\Users\Lenovo\Desktop\poslední strana.jpeg:3or4kl4x13tuuug3Byamue2s4b [93]
AlternateDataStreams: C:\Users\Lenovo\Desktop\poslední strana.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001\...\allianz.cz -> allianz.cz
IE trusted site: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001\...\mcafee.com -> hxxp://mcafee.com
IE trusted site: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001\...\mcafee.com -> hxxps://mcafee.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3293028386-2514289208-1168274650-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2A8A3311-B543-46EF-ABC0-FA193FC5C04D}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{52465F5F-9D78-4396-B852-AB0920E4486F}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{6C5B8A56-15F8-4881-988D-4044310A175C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{84CF4530-0FE0-41D0-BDBB-8741D21BA0BB}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{18610D6E-94F7-4A4B-A966-092BA572688E}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0CB45155-DC09-4785-9622-9E40A330F9A7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F5409D9E-D3EE-45A4-AAAA-BF8D3FEC0016}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

==================== Restore Points =========================

04-01-2020 11:49:46 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/08/2020 07:58:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/08/2020 07:15:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/05/2020 05:17:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/05/2020 02:58:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/05/2020 01:37:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/04/2020 09:50:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/02/2020 10:46:03 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/02/2020 10:46:03 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (01/03/2020 01:00:35 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (01/03/2020 09:13:46 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby Netman bylo dosaženo časového limitu (30000 ms).

Error: (01/02/2020 10:50:10 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Search přestala během spouštění reagovat.

Error: (01/02/2020 10:46:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/02/2020 10:46:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Search bylo dosaženo časového limitu (30000 ms).

Error: (01/02/2020 10:46:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (01/02/2020 10:46:04 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.

Error: (01/02/2020 01:22:15 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.


Windows Defender:
===================================
Date: 2019-07-29 12:17:24.960
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{DFFA5C64-6960-4E2C-91B5-CD29D01ECE76}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2019-06-09 05:47:04.285
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{108FB083-784B-4404-827A-6A631FB599C6}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2019-03-21 22:14:48.147
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{80199228-2E26-4F67-B759-305D53B19272}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2016-01-12 04:50:57.707
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{A7352D1A-AFC8-4B03-8E22-FE3D78DD6C8C}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2016-01-04 04:46:10.036
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{83CB5987-19E7-42D7-BE95-D634DBB7815D}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2016-01-11 19:44:35.963
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2013-04-29 21:02:01.351
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2012-09-14 15:34:13.138
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

==================== Memory info ===========================

BIOS: LENOVO DJKT06AUS 11/22/2010
Motherboard: LENOVO To be filled by O.E.M.
Processor: Intel(R) Atom(TM) CPU D525 @ 1.80GHz
Percentage of memory in use: 72%
Total physical RAM: 3574.3 MB
Available physical RAM: 991.3 MB
Total Virtual: 7146.75 MB
Available Virtual: 4507.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:207.71 GB) (Free:76.38 GB) NTFS

\\?\Volume{3483576a-cd1c-11e0-98c9-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 3EFCE5F8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=207.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.1 GB) - (Type=12)

==================== End of Addition.txt =======================[/QUOTE]
FRST-LA:
[QUOTE]Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by Lenovo (administrator) on LENOVO-PC (LENOVO Lenovo C200) (08-01-2020 08:37:47)
Running from C:\Users\Lenovo\Downloads
Loaded Profiles: Lenovo (Available Profiles: Lenovo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(JME) [File not signed] C:\Program Files (x86)\jmesoft\hotkey.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\lpksetup.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11543656 2010-10-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [jmekey] => C:\Program Files (x86)\jmesoft\hotkey.exe [114688 2009-07-16] (JME) [File not signed]
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink -> CyberLink Corp.) [File not signed]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-05-31]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (No File)
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk [2020-01-08]
ShortcutAndArgument: Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk -> C:\windows\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN55E2C0V505YR;CONNECTION=USB;MONITOR=1;
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {269F78C3-F9DD-42E6-AF13-32591F7F37E9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {38488E07-CE03-4C9A-AF22-3FD6B9EEE277} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3F129AF3-454D-490F-9255-9D16D2B8C4AD} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink -> CyberLink)
Task: {4E3DD643-53BA-4800-AA6A-FE2C92ABEE42} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
Task: {5F9B65B2-C3A3-49B9-9252-7A0ABD48A56C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
Task: {D51540CD-D765-4C14-8EDC-C8B6C6D029BA} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268976 2015-07-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {EC001549-8FB1-4832-A802-7DFD8EFDA548} - System32\Tasks\{D0DB1240-A910-4AAE-B735-3176AAD0F103} => C:\windows\system32\pcalua.exe -a E:\OFFICE_2007_CZ_E\setup.exe -d E:\OFFICE_2007_CZ_E

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{5255F0B2-7E5A-4BA8-B19B-583333642B4F}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{D068E402-0F40-42B7-970C-BD4ACC1924C8}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3293028386-2514289208-1168274650-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LEND&bmod=LEND
HKU\S-1-5-21-3293028386-2514289208-1168274650-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.msn.com/?PC=UF01
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001 -> {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = hxxp://badoo.com/startpage/?source=bsb&q={searchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
IE Session Restore: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001 -> is enabled.
DPF: HKLM-x32 {CEF002D2-5A9F-4656-AA41-85DA2534ACBD} hxxps://portal.allianz.cz/dwa85W.cab

FireFox:
========
FF DefaultProfile: bx1a6fja.default
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\bx1a6fja.default [2020-01-02]
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5f1aa1vt.default-release [2020-01-08]
FF Session Restore: Mozilla\Firefox\Profiles\5f1aa1vt.default-release -> is enabled.
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5f1aa1vt.default-release\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2020-01-02]
FF Extension: (Avast Online Security) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5f1aa1vt.default-release\Extensions\wrc@avast.com.xpi [2020-01-03]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)
FF Plugin HKU\S-1-5-21-3293028386-2514289208-1168274650-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37616 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [204824 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [274456 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [209552 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [65120 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42736 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [171520 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [110320 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [83792 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [848432 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [460448 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [236024 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [316528 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\windows\System32\DRIVERS\athrx.sys [1594368 2010-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 atikmdag; C:\windows\System32\DRIVERS\atikmdag.sys [5020672 2009-07-13] (Microsoft Windows -> ATI Technologies Inc.)
R3 clwvd; C:\windows\System32\DRIVERS\clwvd.sys [31088 2011-01-29] (CyberLink -> CyberLink Corporation)
R3 FEIExpress; C:\windows\System32\DRIVERS\fei62x64.sys [187392 2009-10-02] (Intel Corporation -> Intel Corporation)
R3 VMC412; C:\windows\System32\Drivers\VMC412.sys [237568 2010-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S3 wsvd; C:\windows\System32\DRIVERS\wsvd.sys [121840 2009-07-21] (CyberLink -> CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-08 08:37 - 2020-01-08 08:39 - 000014273 _____ C:\Users\Lenovo\Downloads\FRST.txt
2020-01-08 08:36 - 2020-01-08 08:38 - 000000000 ____D C:\FRST
2020-01-08 08:33 - 2020-01-08 08:33 - 002272256 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64.exe
2020-01-08 08:15 - 2020-01-08 08:16 - 000000000 ____D C:\rsit
2020-01-08 08:15 - 2020-01-08 08:15 - 000000000 ____D C:\Program Files\trend micro
2020-01-08 08:13 - 2020-01-08 08:13 - 001222144 _____ C:\Users\Lenovo\Downloads\RSITx64.exe
2020-01-04 17:18 - 2020-01-04 19:21 - 2249727668 _____ C:\Users\Lenovo\Downloads\Velká.nádhera.-.La.Grande.Bellezza.2013.CZ.Titulky.avi
2020-01-04 09:56 - 2020-01-04 09:57 - 000001293 _____ C:\Users\Lenovo\Desktop\Aktualizace.lnk
2020-01-02 19:42 - 2020-01-02 19:42 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\AVAST Software
2020-01-02 19:42 - 2020-01-02 19:42 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CEF
2020-01-02 19:41 - 2020-01-08 07:18 - 000004168 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-01-02 19:41 - 2020-01-02 19:41 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2020-01-02 19:41 - 2020-01-02 19:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2020-01-02 19:40 - 2020-01-02 19:41 - 000848432 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2020-01-02 19:40 - 2020-01-02 19:41 - 000460448 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2020-01-02 19:40 - 2020-01-02 19:40 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2020-01-02 19:40 - 2020-01-02 19:39 - 000355720 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2020-01-02 19:40 - 2020-01-02 19:39 - 000316528 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2020-01-02 19:40 - 2020-01-02 19:39 - 000274456 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2020-01-02 19:40 - 2020-01-02 19:39 - 000236024 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2020-01-02 19:40 - 2020-01-02 19:39 - 000209552 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2020-01-02 19:40 - 2020-01-02 19:39 - 000204824 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2020-01-02 19:40 - 2020-01-02 19:39 - 000171520 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2020-01-02 19:40 - 2020-01-02 19:39 - 000110320 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2020-01-02 19:40 - 2020-01-02 19:39 - 000083792 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2020-01-02 19:40 - 2020-01-02 19:39 - 000065120 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2020-01-02 19:40 - 2020-01-02 19:39 - 000042736 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2020-01-02 19:40 - 2020-01-02 19:39 - 000037616 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2020-01-02 19:38 - 2020-01-02 19:38 - 000000000 ____D C:\Program Files\AVAST Software
2020-01-02 19:34 - 2020-01-02 19:35 - 377174600 _____ (AVAST Software) C:\Users\Lenovo\Downloads\avast_free_antivirus_setup_offline.exe
2020-01-02 19:06 - 2020-01-02 19:06 - 000002812 _____ C:\windows\system32\Tasks\CCleanerSkipUAC
2020-01-02 19:05 - 2020-01-02 19:06 - 000000000 ____D C:\Program Files\CCleaner
2020-01-02 19:05 - 2020-01-02 19:05 - 024578944 _____ (Piriform Software Ltd) C:\Users\Lenovo\Downloads\ccsetup563.exe
2020-01-02 19:05 - 2020-01-02 19:05 - 000003870 _____ C:\windows\system32\Tasks\CCleaner Update
2020-01-02 19:05 - 2020-01-02 19:05 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-01-02 19:05 - 2020-01-02 19:05 - 000000782 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-01-02 19:05 - 2020-01-02 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-01-02 19:03 - 2020-01-02 19:03 - 000000978 _____ C:\Users\Public\Desktop\PDF-Viewer.lnk
2020-01-02 19:03 - 2020-01-02 19:03 - 000000978 _____ C:\ProgramData\Desktop\PDF-Viewer.lnk
2020-01-02 19:03 - 2020-01-02 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2020-01-02 19:03 - 2020-01-02 19:03 - 000000000 ____D C:\Program Files\Tracker Software
2020-01-02 19:00 - 2020-01-02 19:01 - 018181936 _____ (Tracker Software Products Ltd ) C:\Users\Lenovo\Downloads\PDFXVwer.exe
2020-01-02 18:59 - 2020-01-02 18:59 - 001447178 _____ (Igor Pavlov) C:\Users\Lenovo\Downloads\7z1900-x64.exe
2020-01-02 18:59 - 2020-01-02 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2020-01-02 18:59 - 2020-01-02 18:59 - 000000000 ____D C:\Program Files\7-Zip
2020-01-02 18:57 - 2020-01-03 15:47 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\MPC-HC
2020-01-02 18:56 - 2020-01-02 18:56 - 000001664 _____ C:\Users\Public\Desktop\Přehrávač.lnk
2020-01-02 18:56 - 2020-01-02 18:56 - 000001664 _____ C:\ProgramData\Desktop\Přehrávač.lnk
2020-01-02 18:56 - 2020-01-02 18:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2020-01-02 18:55 - 2020-01-02 18:56 - 000000000 ____D C:\Program Files\MPC-HC
2020-01-02 18:55 - 2020-01-02 18:55 - 014185472 _____ (MPC-HC Team ) C:\Users\Lenovo\Downloads\MPC-HC.1.7.13.x64.exe
2020-01-02 18:51 - 2020-01-08 08:37 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Mozilla
2020-01-02 18:51 - 2020-01-02 18:51 - 000000896 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-02 18:51 - 2020-01-02 18:51 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Mozilla
2020-01-02 18:51 - 2020-01-02 18:51 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Mozilla
2020-01-02 18:51 - 2020-01-02 18:51 - 000000000 ____D C:\ProgramData\Mozilla
2020-01-02 18:51 - 2020-01-02 18:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-02 18:51 - 2020-01-02 18:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-02 17:46 - 2020-01-02 17:46 - 051782160 _____ (Mozilla) C:\Users\Lenovo\Downloads\Firefox Setup 71.0.exe
2020-01-02 17:42 - 2020-01-02 17:45 - 004456392 _____ (Microsoft Corporation) C:\Users\Lenovo\Downloads\OdfAddInForOfficeSetup-en_4.0.5309.exe
2020-01-02 17:37 - 2020-01-02 17:39 - 307423864 _____ (Microsoft Corporation) C:\Users\Lenovo\Downloads\office2007sp2-kb953195-fullfile-cs-cz.exe
2020-01-02 15:45 - 2020-01-02 15:45 - 000000000 ____D C:\Users\Lenovo\Documents\Youcam
2020-01-02 15:45 - 2020-01-02 15:45 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CyberLink
2019-12-31 18:40 - 2019-12-31 21:47 - 3415833587 _____ C:\Users\Lenovo\Downloads\Marie Terezie 3.díl historický Česko 2019.1080p.TvRip.Sk.Cz.67%.STEN.ok.mkv
2019-12-29 18:19 - 2019-12-29 20:34 - 1488880162 _____ C:\Users\Lenovo\Downloads\Marie Terezie 1 (výpravná koprodukční minisérie ČT) 1080p HEVC.mp4
2019-12-28 17:44 - 2019-12-28 17:45 - 012254872 _____ C:\Users\Lenovo\Downloads\Nepotvrzeno 606982.crdownload
2019-12-28 16:22 - 2019-12-28 17:35 - 1336066048 _____ C:\Users\Lenovo\Downloads\Pásla kone na betóne (1982) HD SK.mkv
2019-12-27 14:17 - 2019-12-27 14:17 - 000143183 _____ C:\Users\Lenovo\Desktop\SZZ germanistika.pdf
2019-12-25 19:58 - 2019-12-25 21:23 - 1562181309 _____ C:\Users\Lenovo\Downloads\Nepotvrzeno 913749.crdownload
2019-12-24 17:13 - 2019-12-24 18:33 - 1468666070 _____ C:\Users\Lenovo\Downloads\Final Cut - Dámy a pánové--Final Cut-Hölgyeim és uraim .2012.DVDRip-srt.cz.avi
2019-12-11 21:35 - 2019-12-06 06:27 - 000492032 _____ (Microsoft Corporation) C:\windows\system32\EOSNotify.exe
2019-12-11 21:35 - 2019-11-28 04:33 - 000710072 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2019-12-11 21:35 - 2019-11-28 04:32 - 004061616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2019-12-11 21:35 - 2019-11-28 04:32 - 003967416 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2019-12-11 21:35 - 2019-11-28 04:32 - 001320248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2019-12-11 21:35 - 2019-11-28 04:32 - 000627664 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2019-12-11 21:35 - 2019-11-28 04:32 - 000264120 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2019-12-11 21:35 - 2019-11-28 04:32 - 000155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2019-12-11 21:35 - 2019-11-28 04:32 - 000097208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2019-12-11 21:35 - 2019-11-28 04:31 - 005554104 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2019-12-11 21:35 - 2019-11-28 04:31 - 001671504 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2019-12-11 21:35 - 2019-11-28 04:29 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2019-12-11 21:35 - 2019-11-28 04:29 - 000342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2019-12-11 21:35 - 2019-11-28 04:29 - 000313344 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2019-12-11 21:35 - 2019-11-28 04:28 - 000463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2019-12-11 21:35 - 2019-11-28 04:28 - 000405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2019-12-11 21:35 - 2019-11-28 03:57 - 003233280 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2019-12-11 21:35 - 2019-11-23 08:48 - 000390752 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2019-12-11 21:35 - 2019-11-23 07:57 - 000341896 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2019-12-11 21:35 - 2019-11-21 03:16 - 000580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2019-12-11 21:35 - 2019-11-21 03:16 - 000496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2019-12-11 21:35 - 2019-11-21 01:48 - 000629984 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2019-12-11 21:35 - 2019-11-19 21:56 - 025753088 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2019-12-11 21:35 - 2019-11-19 21:18 - 000797184 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2019-12-11 21:35 - 2019-11-19 21:17 - 005500928 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2019-12-11 21:35 - 2019-11-19 09:17 - 020290048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2019-12-11 21:35 - 2019-11-19 08:49 - 000662528 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2019-12-11 21:35 - 2019-11-19 08:26 - 004112384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2019-12-11 21:35 - 2019-11-15 03:32 - 000311008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2019-12-11 21:35 - 2019-11-15 03:29 - 001330176 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2019-12-11 21:35 - 2019-11-15 03:29 - 000583680 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2019-12-11 21:35 - 2019-11-15 03:29 - 000479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscms.dll
2019-12-11 21:35 - 2019-11-15 03:29 - 000215040 _____ (Microsoft Corporation) C:\windows\SysWOW64\icm32.dll
2019-12-11 21:35 - 2019-11-15 03:29 - 000111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\t2embed.dll
2019-12-11 21:35 - 2019-11-15 03:29 - 000071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2019-12-11 21:35 - 2019-11-15 03:25 - 000385248 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2019-12-11 21:35 - 2019-11-15 03:22 - 001574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2019-12-11 21:35 - 2019-11-15 03:22 - 000878080 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2019-12-11 21:35 - 2019-11-15 03:22 - 000151552 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2019-12-11 21:35 - 2019-11-15 03:22 - 000040960 _____ (Microsoft Corporation) C:\windows\system32\WcsPlugInService.dll
2019-12-11 21:35 - 2019-11-15 03:22 - 000035840 _____ (Microsoft Corporation) C:\windows\system32\printfilterpipelineprxy.dll
2019-12-11 21:35 - 2019-11-15 03:21 - 000623104 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2019-12-11 21:35 - 2019-11-15 03:21 - 000250880 _____ (Microsoft Corporation) C:\windows\system32\icm32.dll
2019-12-11 21:35 - 2019-11-15 03:21 - 000101376 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2019-12-11 21:35 - 2019-11-15 03:06 - 000748544 _____ (Microsoft Corporation) C:\windows\system32\printfilterpipelinesvc.exe
2019-12-11 21:35 - 2019-11-15 02:59 - 000033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\WcsPlugInService.dll
2019-12-11 21:35 - 2019-11-15 02:45 - 000327680 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2019-12-11 21:35 - 2019-11-05 22:25 - 000162016 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2019-12-11 21:35 - 2019-10-26 01:17 - 001717760 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 001211392 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 001114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 001010176 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000834048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000555520 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000275968 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000261632 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000236032 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000094208 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 001472512 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 001162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000733184 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000408576 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 04:04 - 000009728 _____ (Microsoft Corporation) C:\windows\SysWOW64\sscore.dll
2019-12-11 21:34 - 2019-11-28 04:03 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2019-12-11 21:34 - 2019-11-28 04:00 - 000148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2019-12-11 21:34 - 2019-11-28 04:00 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2019-12-11 21:34 - 2019-11-28 04:00 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2019-12-11 21:34 - 2019-11-28 03:59 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2019-12-11 21:34 - 2019-11-28 03:58 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2019-12-11 21:34 - 2019-11-28 03:58 - 000014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2019-12-11 21:34 - 2019-11-28 03:58 - 000007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2019-12-11 21:34 - 2019-11-28 03:58 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2019-12-11 21:34 - 2019-11-28 03:57 - 000338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2019-12-11 21:34 - 2019-11-28 03:57 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2019-12-11 21:34 - 2019-11-28 03:57 - 000006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 03:57 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 03:57 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 03:57 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-12-11 21:34 - 2019-11-28 03:56 - 000296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2019-12-11 21:34 - 2019-11-28 03:56 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2019-12-11 21:34 - 2019-11-28 03:53 - 000464384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2019-12-11 21:34 - 2019-11-28 03:53 - 000161280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2019-12-11 21:34 - 2019-11-28 03:52 - 000406016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2019-12-11 21:34 - 2019-11-28 03:52 - 000291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2019-12-11 21:34 - 2019-11-28 03:52 - 000169984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2019-12-11 21:34 - 2019-11-28 03:52 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2019-12-11 21:34 - 2019-11-28 03:51 - 000112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2019-12-11 21:34 - 2019-11-28 03:51 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2019-12-11 21:34 - 2019-11-28 03:51 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2019-12-11 21:34 - 2019-11-28 03:51 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2019-12-11 21:34 - 2019-11-28 03:51 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2019-12-11 21:34 - 2019-11-28 03:51 - 000044544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\npfs.sys
2019-12-11 21:34 - 2019-11-28 03:51 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2019-12-11 21:34 - 2019-11-19 21:44 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2019-12-11 21:34 - 2019-11-19 21:44 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2019-12-11 21:34 - 2019-11-19 21:31 - 002910720 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2019-12-11 21:34 - 2019-11-19 21:30 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2019-12-11 21:34 - 2019-11-19 21:29 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2019-12-11 21:34 - 2019-11-19 21:29 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2019-12-11 21:34 - 2019-11-19 21:29 - 000048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2019-12-11 21:34 - 2019-11-19 21:22 - 000054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2019-12-11 21:34 - 2019-11-19 21:21 - 000034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2019-12-11 21:34 - 2019-11-19 21:19 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2019-12-11 21:34 - 2019-11-19 21:18 - 000814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2019-12-11 21:34 - 2019-11-19 21:18 - 000144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2019-12-11 21:34 - 2019-11-19 21:18 - 000116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2019-12-11 21:34 - 2019-11-19 21:10 - 000969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2019-12-11 21:34 - 2019-11-19 21:07 - 000489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2019-12-11 21:34 - 2019-11-19 21:01 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2019-12-11 21:34 - 2019-11-19 21:00 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2019-12-11 21:34 - 2019-11-19 21:00 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2019-12-11 21:34 - 2019-11-19 20:56 - 000199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2019-12-11 21:34 - 2019-11-19 20:56 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2019-12-11 21:34 - 2019-11-19 20:54 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2019-12-11 21:34 - 2019-11-19 20:52 - 000152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2019-12-11 21:34 - 2019-11-19 20:43 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2019-12-11 21:34 - 2019-11-19 20:41 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2019-12-11 21:34 - 2019-11-19 20:41 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2019-12-11 21:34 - 2019-11-19 20:39 - 002132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2019-12-11 21:34 - 2019-11-19 20:39 - 001359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2019-12-11 21:34 - 2019-11-19 20:36 - 015445504 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2019-12-11 21:34 - 2019-11-19 20:26 - 004859392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2019-12-11 21:34 - 2019-11-19 20:15 - 001566720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2019-12-11 21:34 - 2019-11-19 20:04 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2019-12-11 21:34 - 2019-11-19 09:11 - 002724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2019-12-11 21:34 - 2019-11-19 08:59 - 000062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2019-12-11 21:34 - 2019-11-19 08:58 - 000341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2019-12-11 21:34 - 2019-11-19 08:58 - 000047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2019-12-11 21:34 - 2019-11-19 08:57 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2019-12-11 21:34 - 2019-11-19 08:56 - 002304000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2019-12-11 21:34 - 2019-11-19 08:53 - 000047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2019-12-11 21:34 - 2019-11-19 08:52 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2019-12-11 21:34 - 2019-11-19 08:50 - 000476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2019-12-11 21:34 - 2019-11-19 08:49 - 000620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2019-12-11 21:34 - 2019-11-19 08:49 - 000115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2019-12-11 21:34 - 2019-11-19 08:40 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2019-12-11 21:34 - 2019-11-19 08:36 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2019-12-11 21:34 - 2019-11-19 08:36 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-12-11 21:34 - 2019-11-19 08:35 - 000091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2019-12-11 21:34 - 2019-11-19 08:33 - 000168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2019-12-11 21:34 - 2019-11-19 08:33 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2019-12-11 21:34 - 2019-11-19 08:31 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2019-12-11 21:34 - 2019-11-19 08:30 - 000130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2019-12-11 21:34 - 2019-11-19 08:24 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2019-12-11 21:34 - 2019-11-19 08:23 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2019-12-11 21:34 - 2019-11-19 08:23 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2019-12-11 21:34 - 2019-11-19 08:22 - 001155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2019-12-11 21:34 - 2019-11-19 08:20 - 013838336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2019-12-11 21:34 - 2019-11-19 08:05 - 004387840 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2019-12-11 21:34 - 2019-11-19 08:01 - 001331712 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2019-12-11 21:34 - 2019-11-19 08:00 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2019-12-11 21:34 - 2019-11-15 03:29 - 001425920 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2019-12-11 21:34 - 2019-11-15 03:29 - 000026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleres.dll
2019-12-11 21:34 - 2019-11-15 03:29 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2019-12-11 21:34 - 2019-11-15 03:29 - 000010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2019-12-11 21:34 - 2019-11-15 03:22 - 002072576 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2019-12-11 21:34 - 2019-11-15 03:22 - 000517632 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2019-12-11 21:34 - 2019-11-15 03:22 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll
2019-12-11 21:34 - 2019-11-15 03:21 - 000046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2019-12-11 21:34 - 2019-11-15 03:21 - 000041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2019-12-11 21:34 - 2019-11-15 03:21 - 000014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2019-12-11 21:34 - 2019-11-15 03:21 - 000008704 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll
2019-12-11 21:34 - 2019-11-15 03:04 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\comcat.dll
2019-12-11 21:34 - 2019-11-15 02:59 - 000034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2019-12-11 21:32 - 2019-11-15 02:58 - 000123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2019-12-11 21:32 - 2019-11-15 02:48 - 000142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-08 08:31 - 2015-07-11 11:05 - 000000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2020-01-08 08:18 - 2009-07-14 05:45 - 000020688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-08 08:18 - 2009-07-14 05:45 - 000020688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-08 07:57 - 2013-09-18 19:07 - 000065536 _____ C:\windows\system32\Ikeext.etl
2020-01-08 07:57 - 2009-07-14 06:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-01-08 07:57 - 2009-07-14 04:20 - 000000000 ____D C:\windows\tracing
2020-01-05 20:43 - 2011-08-23 01:41 - 000668882 _____ C:\windows\system32\perfh005.dat
2020-01-05 20:43 - 2011-08-23 01:41 - 000141542 _____ C:\windows\system32\perfc005.dat
2020-01-05 20:43 - 2009-07-14 06:13 - 001584626 _____ C:\windows\system32\PerfStringBackup.INI
2020-01-05 20:43 - 2009-07-14 04:20 - 000000000 ____D C:\windows\inf
2020-01-02 20:30 - 2017-12-28 18:27 - 000000000 ____D C:\Users\Lenovo\Desktop\Praha
2020-01-02 19:40 - 2012-01-25 17:41 - 000000000 ____D C:\ProgramData\AVAST Software
2020-01-02 19:18 - 2011-02-12 20:33 - 000000000 ____D C:\windows\Panther
2020-01-02 18:11 - 2011-08-23 02:16 - 000000000 ____D C:\ProgramData\Temp
2020-01-02 17:49 - 2011-08-23 02:26 - 000000000 ____D C:\Program Files (x86)\Google
2020-01-02 16:57 - 2011-08-23 02:34 - 000000000 ____D C:\Program Files (x86)\Windows Live
2020-01-02 16:52 - 2011-08-23 02:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-01-02 16:39 - 2011-08-23 01:16 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-01-02 16:39 - 2011-08-23 01:16 - 000000000 ____D C:\Program Files (x86)\Lenovo
2020-01-02 16:38 - 2012-01-02 11:57 - 000000000 ____D C:\ProgramData\Lenovo
2020-01-02 16:33 - 2011-08-23 02:16 - 000000000 ____D C:\Program Files\Lenovo
2020-01-02 16:33 - 2011-08-23 01:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2020-01-02 16:31 - 2015-11-29 16:16 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\HpUpdate
2020-01-02 16:31 - 2015-11-29 16:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2020-01-02 16:31 - 2015-11-29 16:15 - 000000000 ____D C:\Program Files (x86)\HP
2020-01-02 15:51 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2020-01-02 15:40 - 2012-01-02 11:52 - 000002004 _____ C:\Users\Lenovo\Desktop\Lenovo Power2Go.lnk
2020-01-02 15:24 - 2015-01-31 16:35 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\BSplayer
2020-01-02 15:24 - 2015-01-31 16:35 - 000000000 ____D C:\Program Files (x86)\Webteh
2020-01-01 18:58 - 2013-06-10 15:05 - 000000000 ____D C:\Users\Lenovo\Desktop\Tereza
2019-12-31 12:22 - 2011-08-23 02:28 - 000000000 ____D C:\Program Files\Google
2019-12-29 18:06 - 2012-09-10 10:28 - 000000000 ____D C:\windows\Minidump
2019-12-26 18:40 - 2018-10-26 18:19 - 000000000 ____D C:\Users\Lenovo\Desktop\Němčina
2019-12-12 19:18 - 2009-07-14 04:20 - 000000000 ____D C:\windows\rescache
2019-12-12 10:30 - 2009-07-14 05:45 - 000414720 _____ C:\windows\system32\FNTCACHE.DAT
2019-12-11 23:35 - 2014-02-26 14:46 - 001559340 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2019-12-11 07:43 - 2013-08-15 12:22 - 000000000 ____D C:\windows\system32\MRT
2019-12-11 07:43 - 2012-01-02 12:26 - 129221664 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe

==================== Files in the root of some directories ========

2011-08-23 02:16 - 2011-08-23 02:16 - 001914000 _____ (Adobe Systems Incorporated) C:\ProgramData\flashax10.exe
2013-10-07 12:36 - 2013-12-08 19:55 - 000004608 _____ () C:\Users\Lenovo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-12-29 14:30
==================== End of FRST.txt ========================
[/QUOTE]
RSITinfoLA:
[QUOTE]
info.txt logfile of random's system information tool 1.10 2020-01-08 08:16:03

======MBR======


======Uninstall list======

-->"C:\Program Files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe" /z-uninstall
-->MsiExec.exe /I{71B7840D-BB4D-409C-87A2-9EFD10BC0C3D}
7-Zip 19.00 (x64)-->C:\Program Files\7-Zip\Uninstall.exe
Adobe Flash Player 18 ActiveX-->C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_203_ActiveX.exe -maintain activex
Avast Free Antivirus-->C:\Program Files\AVAST Software\Avast\setup\Instup.exe /control_panel
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Intel(R) Graphics Media Accelerator Driver-->C:\windows\SysWOW64\igxpun.exe -uninstall
Intel(R) Network Connections 14.8.43.0-->MsiExec.exe /i{11107A2A-AD44-4BC8-ABB5-E88E63BCA785} ARPREMOVE=1
Intel(R) Network Connections 14.8.43.0-->MsiExec.exe /i{11107A2A-AD44-4BC8-ABB5-E88E63BCA785} ARPREMOVE=1
KA15-->MsiExec.exe /I{8390FC2E-0351-4A83-BA6C-7AF436BC3484}
Lenovo Driver and Application Installation-->C:\Program Files (x86)\InstallShield Installation Information\{45970CD1-D599-47D4-938F-3E9800D54ED1}\setup.exe -runfromtemp -removeonly
Lenovo Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" /z-uninstall
Lenovo Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" /z-uninstall
Lenovo Rescue System-->"C:\Program Files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe" /z-uninstall
Lenovo Rescue System-->"C:\Program Files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe" /z-uninstall
Lenovo USB2.0 UVC Camera-->C:\Program Files (x86)\InstallShield Installation Information\{70D2C5B8-EB22-45B1-9EAA-5E8C1C408A3B}\Setup.exe -runfromtemp -l0x0009 -removeonly
Lenovo YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
Lenovo YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
Lenovo_Wireless_Driver-->C:\Program Files (x86)\InstallShield Installation Information\{28ABE740-47F3-441B-9437-852F6A64EFF8}\Setup.exe -runfromtemp -l0x0009 -removeonly
LXH-JME2207FN Hotkey Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{42B21298-C850-4272-AFD9-636CBC005421}\setup.exe" -l0x9 -removeonly
Microsoft .NET Framework 4.7.2 (CSY)-->MsiExec.exe /X{F4C44834-E4FA-3DA9-B999-A30EC54E95B0}
Microsoft .NET Framework 4.7.2 (čeština)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\CSY\\Setup.exe /repair /x86 /x64 /lcid 1029
Microsoft .NET Framework 4.7.2-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.7.2-->MsiExec.exe /X{09CCBE8E-B964-30EF-AE84-6537AB4197F9}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411-->MsiExec.exe /X{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mozilla Firefox 71.0 (x64 cs)-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MPC-HC 1.7.13 (64-bit)-->"C:\Program Files\MPC-HC\unins000.exe"
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP3 Parser (KB2758694)-->MsiExec.exe /I{1D95BA90-F4F8-47EC-A882-441C99D30C1E}
PDF-Viewer-->"C:\Program Files\Tracker Software\PDF Viewer\unins000.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\Setup.exe" -runfromtemp -removeonly
Skype Click to Call-->MsiExec.exe /I{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}
Skype™ 7.6-->MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
Software602 Form Filler-->MsiExec.exe /X{51C3B2AE-0127-45CC-B10F-6AD308AC6AFE}
Spooky2-->"C:\Spooky2\Spooky2_Setup_01122015_17910.exe"
Update for Microsoft .NET Framework 4.7.2 (KB4087364)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {47522EA0-1EBC-3662-97CC-B18525AE978B}
Update for Microsoft .NET Framework 4.7.2 (KB4457016)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {7F832E01-7D03-3152-AF33-096F6540C20F}
Update for Microsoft .NET Framework 4.7.2 (KB4457035)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {CEE50C8E-F11C-390D-9289-47C47B7DEEF7}
Update for Microsoft .NET Framework 4.7.2 (KB4459942)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {8BAAC1B0-F0D6-307B-A896-A8C477A11570}
Update for Microsoft .NET Framework 4.7.2 (KB4470640)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {14050810-1A36-3D3B-A9F9-E1C5D6E6DCD0}
Update for Microsoft .NET Framework 4.7.2 (KB4480055)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {161E4659-045E-3B5A-B2AB-E6D72CDF1CE7}
Update for Microsoft .NET Framework 4.7.2 (KB4483451)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {848DCF02-4F9E-3ADB-8E03-A895A0A7AD3D}
Update for Microsoft .NET Framework 4.7.2 (KB4495588)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {0B4440C5-8D3A-3A74-B1B0-BC4F8927746D}
Update for Microsoft .NET Framework 4.7.2 (KB4506997)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {B89F28D7-403B-3FB8-A37B-B371F36AAF49}
Update for Microsoft .NET Framework 4.7.2 (KB4511516)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {DBEC8235-38BE-3595-8CC7-BEF21A37F3B8}
Update for Microsoft .NET Framework 4.7.2 (KB4515854)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {B64A7579-28D7-3540-9144-9977587718DA}
Update for Microsoft .NET Framework 4.7.2 (KB4533012)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {ABD26387-2CBE-3AA1-BBAF-CBEC44EBB3EC}
Základní software zařízení HP Deskjet 1510 series-->MsiExec.exe /I{BF7E34C1-4669-46ED-A8DA-244125F41B89}

======System event log======

Computer Name: Lenovo-PC
Event Code: 1014
Message: Překlad názvu teredo.ipv6.microsoft.com nebyl v požadované době dokončen. Žádný z nakonfigurovaných serverů DNS neodpověděl.
Record Number: 321902
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20180325203741.369627-000
Event Type: Upozornění
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: Lenovo-PC
Event Code: 7036
Message: Stav služby Podpora rozhraní NetBIOS nad protokolem TCP/IP byl změněn na: Zastaveno
Record Number: 321901
Source Name: Service Control Manager
Time Written: 20180325203731.062098-000
Event Type: Informace
User:

Computer Name: Lenovo-PC
Event Code: 7042
Message: Službě Podpora rozhraní NetBIOS nad protokolem TCP/IP byl úspěšně odeslán ovládací prvek Zastaveno.

Byl zadán důvod: 0x40030011 [Operační systém: Připojení k síti (Plánováno)]

Komentář: Žádné
Record Number: 321900
Source Name: Service Control Manager
Time Written: 20180325203731.062098-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Lenovo-PC
Event Code: 7036
Message: Stav služby Podpora rozhraní NetBIOS nad protokolem TCP/IP byl změněn na: Spuštěno
Record Number: 321899
Source Name: Service Control Manager
Time Written: 20180325203729.065295-000
Event Type: Informace
User:

Computer Name: Lenovo-PC
Event Code: 7036
Message: Stav služby Podpora rozhraní NetBIOS nad protokolem TCP/IP byl změněn na: Zastaveno
Record Number: 321898
Source Name: Service Control Manager
Time Written: 20180325203722.055882-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: Lenovo-PC
Event Code: 6000
Message: Odběratel oznámení přihlašování do systému Windows nemohl zpracovat událost upozornění.
Record Number: 44542
Source Name: Microsoft-Windows-Winlogon
Time Written: 20151026222119.000000-000
Event Type: Informace
User:

Computer Name: Lenovo-PC
Event Code: 9009
Message: Správce oken plochy byl ukončen s kódem (0x40010004).
Record Number: 44541
Source Name: Desktop Window Manager
Time Written: 20151026222119.000000-000
Event Type: Informace
User:

Computer Name: Lenovo-PC
Event Code: 903
Message: Služba Ochrana softwaru byla ukončena.

Record Number: 44540
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20151026221549.000000-000
Event Type: Informace
User:

Computer Name: Lenovo-PC
Event Code: 902
Message: Služba Ochrana softwaru byla spuštěna.
6.1.7601.17514
Record Number: 44539
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20151026221036.000000-000
Event Type: Informace
User:

Computer Name: Lenovo-PC
Event Code: 1003
Message: Služba Ochrana softwaru dokončila kontrolu stavu licencování.
ID aplikace=55c92734-d682-4d71-983e-d6ec3f16059f
Stav licencování=
1: 01f5fc37-a99e-45c5-b65e-d762f3518ead, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
2: 2e7d060d-4714-40f2-9896-1e4f15b612ad, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
3: 3b965dfc-31d9-4903-886f-873a0382776c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
4: 586bc076-c93d-429a-afe5-a69fbc644e88, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
5: 5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
6: 5e35dc43-389b-47c5-b889-2088b06738cb, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
7: 6a7d5d8a-92af-4e6a-af4b-8fddaec800e5, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
8: 9ab82e0c-ffc9-4107-baa1-c65a8bd3ccc3, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
9: 9f83d90f-a151-4665-ae69-30b3f63ec659, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
10: a63275f4-530c-48a7-b0d3-4f00d688d151, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
11: b8a4bb91-69b1-460d-93f8-40e0670af04a, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
12: d2c04e90-c3dd-4260-b0f3-f845f5d27d64, 1, 1 [(0 [0x00000000, 1, 0], [(?)(?)( 1 0x00000000 0 0 msft:rm/algorithm/bios/4.0 0x00000000 0)(?)(?)(?)])(1 )(2 )]
13: e68b141f-4dfa-4387-b3b7-e65c4889216e, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
14: ee4e1629-bcdc-4b42-a68f-b92e135f78d7, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
15: 4a8149bb-7d61-49f4-8822-82c7bf88d64b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
16: afd5f68f-b70f-4000-a21d-28dbc8be8b07, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]


Record Number: 44538
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20151026221036.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Lenovo-PC
Event Code: 5061
Message: Kryptografická operace.

Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5

Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: RSA
Název klíče: 3300ee0a-c15f-4c02-89f0-a623295c4cf3
Typ klíče: Klíč počítače

Kryptografická operace:
Operace: Otevřít klíč
Návratový kód: 0x0
Record Number: 112296
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20180218142147.877993-000
Event Type: Úspěšný audit
User:

Computer Name: Lenovo-PC
Event Code: 5058
Message: Operace se souborem klíče.

Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5

Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: Není k dispozici.
Název klíče: 3300ee0a-c15f-4c02-89f0-a623295c4cf3
Typ klíče: Klíč počítače

Informace o operaci se souborem klíče:
Cesta k souboru: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1750d0a699c93cb80af230de3c081a73_724a0d88-8acf-44fc-b5e9-697ef4a39c9b
Operace: Čtení trvalého klíče ze souboru
Návratový kód: 0x0
Record Number: 112295
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20180218142147.876993-000
Event Type: Úspěšný audit
User:

Computer Name: Lenovo-PC
Event Code: 5061
Message: Kryptografická operace.

Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5

Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: RSA
Název klíče: 3300ee0a-c15f-4c02-89f0-a623295c4cf3
Typ klíče: Klíč počítače

Kryptografická operace:
Operace: Otevřít klíč
Návratový kód: 0x0
Record Number: 112294
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20180218105846.187188-000
Event Type: Úspěšný audit
User:

Computer Name: Lenovo-PC
Event Code: 5058
Message: Operace se souborem klíče.

Předmět:
ID zabezpečení: S-1-5-19
Název účtu: LOCAL SERVICE
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e5

Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: Není k dispozici.
Název klíče: 3300ee0a-c15f-4c02-89f0-a623295c4cf3
Typ klíče: Klíč počítače

Informace o operaci se souborem klíče:
Cesta k souboru: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1750d0a699c93cb80af230de3c081a73_724a0d88-8acf-44fc-b5e9-697ef4a39c9b
Operace: Čtení trvalého klíče ze souboru
Návratový kód: 0x0
Record Number: 112293
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20180218105846.187188-000
Event Type: Úspěšný audit
User:

Computer Name: Lenovo-PC
Event Code: 5061
Message: Kryptografická operace.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: LENOVO-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: RSA
Název klíče: {CE3F5564-F125-42E1-B8DB-F87270F9561D}
Typ klíče: Klíč počítače

Kryptografická operace:
Operace: Otevřít klíč
Návratový kód: 0x0
Record Number: 112292
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20180218105840.729976-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\DMIX;C:\Program Files (x86)\Skype\Phone\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 28 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=1c0a
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3

-----------------EOF-----------------
[/QUOTE]
RSITlogLA:
[QUOTE]Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenovo at 2020-01-08 08:15:43
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 79 GB (37%) free of 213 GB
Total RAM: 3574 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:15:53, on 8.1.2020
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19572)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\jmesoft\hotkey.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files\trend micro\Lenovo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/?PC=UF01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
O4 - HKLM\..\Run: [jmekey] C:\Program Files (x86)\jmesoft\hotkey.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.allianz.cz
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {CEF002D2-5A9F-4656-AA41-85DA2534ACBD} (IBM Lotus iNotes 8.5 Control) - https://portal.allianz.cz/dwa85W.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GRA32A~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7628 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
taskeng.exe {D7886A84-45EA-4AFD-A810-F2F45E31065C}
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
C:\windows\System32\lpksetup.exe -v
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
AvastUI.exe /nogui
"C:\windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN55E2C0V505YR;CONNECTION=USB;MONITOR=1;
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\jmesoft\hotkey.exe"
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=3264,9265552714679057250,9311269047651454017,131072 --no-sandbox --log-file="C:\Users\Lenovo\AppData\Roaming\AVAST Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (19.8.2393)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAMAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --service-request-channel-token=4779970278650876446 --mojo-platform-channel-handle=3228 /prefetch:2
C:\windows\system32\sppsvc.exe

"C:\Users\Lenovo\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5f1aa1vt.default-release

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-04-22 165912]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-04-22 385560]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-04-22 364056]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-10-30 11543656]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2020-01-02 268680]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"jmekey"=C:\Program Files (x86)\jmesoft\hotkey.exe [2009-07-16 114688]
"CLMLServer"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [2009-12-05 103720]
"UpdateP2GoShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk - C:\windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-04-19 261120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2020-01-08 08:15:43 ----D---- C:\rsit
2020-01-08 08:15:43 ----D---- C:\Program Files\trend micro
2020-01-02 19:42:54 ----D---- C:\Users\Lenovo\AppData\Roaming\AVAST Software
2020-01-02 19:40:41 ----A---- C:\windows\system32\aswBoot.exe
2020-01-02 19:40:37 ----A---- C:\windows\system32\drivers\aswVmm.sys
2020-01-02 19:40:37 ----A---- C:\windows\system32\drivers\aswStm.sys
2020-01-02 19:40:36 ----A---- C:\windows\system32\drivers\aswSP.sys
2020-01-02 19:40:36 ----A---- C:\windows\system32\drivers\aswSnx.sys
2020-01-02 19:40:36 ----A---- C:\windows\system32\drivers\aswRvrt.sys
2020-01-02 19:40:36 ----A---- C:\windows\system32\drivers\aswRdr2.sys
2020-01-02 19:40:36 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2020-01-02 19:40:36 ----A---- C:\windows\system32\drivers\aswKbd.sys
2020-01-02 19:40:36 ----A---- C:\windows\system32\drivers\aswbuniv.sys
2020-01-02 19:40:36 ----A---- C:\windows\system32\drivers\aswArPot.sys
2020-01-02 19:40:36 ----A---- C:\windows\system32\drivers\aswArDisk.sys
2020-01-02 19:40:35 ----D---- C:\Program Files\Common Files\AVAST Software
2020-01-02 19:40:35 ----A---- C:\windows\system32\drivers\aswbidsh.sys
2020-01-02 19:40:35 ----A---- C:\windows\system32\drivers\aswbidsdriver.sys
2020-01-02 19:38:10 ----D---- C:\Program Files\AVAST Software
2020-01-02 19:05:48 ----D---- C:\Program Files\CCleaner
2020-01-02 19:03:04 ----D---- C:\Program Files\Tracker Software
2020-01-02 18:59:38 ----D---- C:\Program Files\7-Zip
2020-01-02 18:57:03 ----D---- C:\Users\Lenovo\AppData\Roaming\MPC-HC
2020-01-02 18:55:59 ----D---- C:\Program Files\MPC-HC
2020-01-02 18:51:31 ----D---- C:\Users\Lenovo\AppData\Roaming\Mozilla
2020-01-02 18:51:16 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-02 18:51:14 ----D---- C:\ProgramData\Mozilla
2020-01-02 18:51:10 ----D---- C:\Program Files\Mozilla Firefox
2020-01-02 15:46:27 ----SHD---- C:\Config.Msi
2019-12-11 21:35:14 ----A---- C:\windows\SYSWOW64\mshtml.dll
2019-12-11 21:35:11 ----A---- C:\windows\system32\win32k.sys
2019-12-11 21:35:11 ----A---- C:\windows\system32\printfilterpipelinesvc.exe
2019-12-11 21:35:11 ----A---- C:\windows\system32\printfilterpipelineprxy.dll
2019-12-11 21:35:11 ----A---- C:\windows\system32\appraiser.dll
2019-12-11 21:35:10 ----A---- C:\windows\SYSWOW64\vbscript.dll
2019-12-11 21:35:10 ----A---- C:\windows\SYSWOW64\quartz.dll
2019-12-11 21:35:10 ----A---- C:\windows\system32\quartz.dll
2019-12-11 21:35:10 ----A---- C:\windows\system32\EOSNotify.exe
2019-12-11 21:35:09 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2019-12-11 21:35:09 ----A---- C:\windows\SYSWOW64\mscms.dll
2019-12-11 21:35:09 ----A---- C:\windows\system32\winload.exe
2019-12-11 21:35:09 ----A---- C:\windows\system32\vbscript.dll
2019-12-11 21:35:09 ----A---- C:\windows\system32\t2embed.dll
2019-12-11 21:35:09 ----A---- C:\windows\system32\mshtml.dll
2019-12-11 21:35:09 ----A---- C:\windows\system32\mscms.dll
2019-12-11 21:35:09 ----A---- C:\windows\system32\fontsub.dll
2019-12-11 21:35:06 ----A---- C:\windows\SYSWOW64\icm32.dll
2019-12-11 21:35:06 ----A---- C:\windows\system32\oleaut32.dll
2019-12-11 21:35:05 ----A---- C:\windows\SYSWOW64\t2embed.dll
2019-12-11 21:35:05 ----A---- C:\windows\SYSWOW64\gdi32.dll
2019-12-11 21:35:05 ----A---- C:\windows\system32\wow64win.dll
2019-12-11 21:35:05 ----A---- C:\windows\system32\WcsPlugInService.dll
2019-12-11 21:35:05 ----A---- C:\windows\system32\services.exe
2019-12-11 21:35:05 ----A---- C:\windows\system32\jscript.dll
2019-12-11 21:35:05 ----A---- C:\windows\system32\icm32.dll
2019-12-11 21:35:05 ----A---- C:\windows\system32\gdi32.dll
2019-12-11 21:35:04 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2019-12-11 21:35:04 ----A---- C:\windows\system32\ntoskrnl.exe
2019-12-11 21:35:04 ----A---- C:\windows\system32\ntdll.dll
2019-12-11 21:35:03 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2019-12-11 21:35:03 ----A---- C:\windows\SYSWOW64\fontsub.dll
2019-12-11 21:35:03 ----A---- C:\windows\system32\hal.dll
2019-12-11 21:35:03 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2019-12-11 21:35:03 ----A---- C:\windows\system32\drivers\ksecdd.sys
2019-12-11 21:35:02 ----A---- C:\windows\SYSWOW64\WcsPlugInService.dll
2019-12-11 21:35:02 ----A---- C:\windows\SYSWOW64\ntdll.dll
2019-12-11 21:35:02 ----A---- C:\windows\SYSWOW64\jscript9.dll
2019-12-11 21:35:02 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2019-12-11 21:35:02 ----A---- C:\windows\SYSWOW64\atmfd.dll
2019-12-11 21:35:02 ----A---- C:\windows\system32\iedkcs32.dll
2019-12-11 21:35:02 ----A---- C:\windows\system32\CompatTelRunner.exe
2019-12-11 21:35:02 ----A---- C:\windows\system32\atmfd.dll
2019-12-11 21:35:00 ----A---- C:\windows\SYSWOW64\jscript.dll
2019-12-11 21:35:00 ----A---- C:\windows\SYSWOW64\certcli.dll
2019-12-11 21:35:00 ----A---- C:\windows\system32\jscript9.dll
2019-12-11 21:35:00 ----A---- C:\windows\system32\certcli.dll
2019-12-11 21:34:59 ----A---- C:\windows\system32\wininet.dll
2019-12-11 21:34:59 ----A---- C:\windows\system32\mshtmlmedia.dll
2019-12-11 21:34:59 ----A---- C:\windows\system32\ieframe.dll
2019-12-11 21:34:57 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2019-12-11 21:34:57 ----A---- C:\windows\SYSWOW64\ieframe.dll
2019-12-11 21:34:57 ----A---- C:\windows\system32\urlmon.dll
2019-12-11 21:34:56 ----A---- C:\windows\SYSWOW64\wininet.dll
2019-12-11 21:34:55 ----A---- C:\windows\SYSWOW64\urlmon.dll
2019-12-11 21:34:55 ----A---- C:\windows\system32\msfeeds.dll
2019-12-11 21:34:55 ----A---- C:\windows\system32\iertutil.dll
2019-12-11 21:34:54 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2019-12-11 21:34:54 ----A---- C:\windows\SYSWOW64\iertutil.dll
2019-12-11 21:34:54 ----A---- C:\windows\system32\rpcrt4.dll
2019-12-11 21:34:54 ----A---- C:\windows\system32\ole32.dll
2019-12-11 21:34:53 ----A---- C:\windows\system32\ieui.dll
2019-12-11 21:34:53 ----A---- C:\windows\system32\ieapfltr.dll
2019-12-11 21:34:53 ----A---- C:\windows\system32\drivers\srvnet.sys
2019-12-11 21:34:53 ----A---- C:\windows\system32\drivers\srv.sys
2019-12-11 21:34:52 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2019-12-11 21:34:52 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2019-12-11 21:34:52 ----A---- C:\windows\system32\webcheck.dll
2019-12-11 21:34:52 ----A---- C:\windows\system32\msrating.dll
2019-12-11 21:34:52 ----A---- C:\windows\system32\mshtmled.dll
2019-12-11 21:34:52 ----A---- C:\windows\system32\lsasrv.dll
2019-12-11 21:34:52 ----A---- C:\windows\system32\dxtrans.dll
2019-12-11 21:34:52 ----A---- C:\windows\system32\dxtmsft.dll
2019-12-11 21:34:52 ----A---- C:\windows\system32\drivers\videoprt.sys
2019-12-11 21:34:51 ----A---- C:\windows\system32\occache.dll
2019-12-11 21:34:51 ----A---- C:\windows\system32\kerberos.dll
2019-12-11 21:34:51 ----A---- C:\windows\system32\jscript9diag.dll
2019-12-11 21:34:51 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2019-12-11 21:34:50 ----A---- C:\windows\SYSWOW64\webcheck.dll
2019-12-11 21:34:50 ----A---- C:\windows\SYSWOW64\ieui.dll
2019-12-11 21:34:50 ----A---- C:\windows\system32\user32.dll
2019-12-11 21:34:50 ----A---- C:\windows\system32\advapi32.dll
2019-12-11 21:34:49 ----A---- C:\windows\SYSWOW64\ole32.dll
2019-12-11 21:34:49 ----A---- C:\windows\system32\smss.exe
2019-12-11 21:34:48 ----A---- C:\windows\SYSWOW64\user32.dll
2019-12-11 21:34:48 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2019-12-11 21:34:48 ----A---- C:\windows\system32\rpcss.dll
2019-12-11 21:34:48 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2019-12-11 21:34:48 ----A---- C:\windows\system32\kernel32.dll
2019-12-11 21:34:48 ----A---- C:\windows\system32\jsproxy.dll
2019-12-11 21:34:47 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2019-12-11 21:34:47 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2019-12-11 21:34:47 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2019-12-11 21:34:47 ----A---- C:\windows\system32\drivers\srv2.sys
2019-12-11 21:34:46 ----A---- C:\windows\SYSWOW64\occache.dll
2019-12-11 21:34:46 ----A---- C:\windows\SYSWOW64\msrating.dll
2019-12-11 21:34:46 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2019-12-11 21:34:46 ----A---- C:\windows\system32\srvsvc.dll
2019-12-11 21:34:46 ----A---- C:\windows\system32\schannel.dll
2019-12-11 21:34:46 ----A---- C:\windows\system32\msv1_0.dll
2019-12-11 21:34:46 ----A---- C:\windows\system32\MshtmlDac.dll
2019-12-11 21:34:46 ----A---- C:\windows\system32\inseng.dll
2019-12-11 21:34:46 ----A---- C:\windows\system32\ieUnatt.exe
2019-12-11 21:34:46 ----A---- C:\windows\system32\ieetwproxystub.dll
2019-12-11 21:34:45 ----A---- C:\windows\SYSWOW64\sspicli.dll
2019-12-11 21:34:45 ----A---- C:\windows\SYSWOW64\kerberos.dll
2019-12-11 21:34:45 ----A---- C:\windows\SYSWOW64\inseng.dll
2019-12-11 21:34:45 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2019-12-11 21:34:45 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2019-12-11 21:34:45 ----A---- C:\windows\SYSWOW64\advapi32.dll
2019-12-11 21:34:45 ----A---- C:\windows\system32\winsrv.dll
2019-12-11 21:34:45 ----A---- C:\windows\system32\ncrypt.dll
2019-12-11 21:34:45 ----A---- C:\windows\system32\KernelBase.dll
2019-12-11 21:34:45 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2019-12-11 21:34:45 ----A---- C:\windows\system32\iesetup.dll
2019-12-11 21:34:45 ----A---- C:\windows\system32\ie4uinit.exe
2019-12-11 21:34:45 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2019-12-11 21:34:44 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2019-12-11 21:34:44 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2019-12-11 21:34:44 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2019-12-11 21:34:44 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2019-12-11 21:34:44 ----A---- C:\windows\SYSWOW64\iesetup.dll
2019-12-11 21:34:44 ----A---- C:\windows\system32\wow64.dll
2019-12-11 21:34:44 ----A---- C:\windows\system32\wdigest.dll
2019-12-11 21:34:44 ----A---- C:\windows\system32\TSpkg.dll
2019-12-11 21:34:44 ----A---- C:\windows\system32\sspicli.dll
2019-12-11 21:34:44 ----A---- C:\windows\system32\srcore.dll
2019-12-11 21:34:44 ----A---- C:\windows\system32\rpchttp.dll
2019-12-11 21:34:44 ----A---- C:\windows\system32\iernonce.dll
2019-12-11 21:34:44 ----A---- C:\windows\system32\ieetwcollector.exe
2019-12-11 21:34:44 ----A---- C:\windows\system32\conhost.exe
2019-12-11 21:34:44 ----A---- C:\windows\system32\bcrypt.dll
2019-12-11 21:34:43 ----A---- C:\windows\SYSWOW64\wdigest.dll
2019-12-11 21:34:43 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2019-12-11 21:34:43 ----A---- C:\windows\SYSWOW64\schannel.dll
2019-12-11 21:34:43 ----A---- C:\windows\SYSWOW64\rpchttp.dll
2019-12-11 21:34:43 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2019-12-11 21:34:43 ----A---- C:\windows\SYSWOW64\iernonce.dll
2019-12-11 21:34:43 ----A---- C:\windows\SYSWOW64\bcrypt.dll
2019-12-11 21:34:43 ----A---- C:\windows\system32\wow64cpu.dll
2019-12-11 21:34:43 ----A---- C:\windows\system32\sspisrv.dll
2019-12-11 21:34:43 ----A---- C:\windows\system32\sscore.dll
2019-12-11 21:34:43 ----A---- C:\windows\system32\srclient.dll
2019-12-11 21:34:43 ----A---- C:\windows\system32\secur32.dll
2019-12-11 21:34:43 ----A---- C:\windows\system32\lsass.exe
2019-12-11 21:34:43 ----A---- C:\windows\system32\lpk.dll
2019-12-11 21:34:43 ----A---- C:\windows\system32\drivers\processr.sys
2019-12-11 21:34:43 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2019-12-11 21:34:43 ----A---- C:\windows\system32\drivers\intelppm.sys
2019-12-11 21:34:43 ----A---- C:\windows\system32\drivers\appid.sys
2019-12-11 21:34:43 ----A---- C:\windows\system32\drivers\amdppm.sys
2019-12-11 21:34:43 ----A---- C:\windows\system32\drivers\amdk8.sys
2019-12-11 21:34:43 ----A---- C:\windows\system32\csrsrv.dll
2019-12-11 21:34:43 ----A---- C:\windows\system32\cryptbase.dll
2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\wow32.dll
2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\sscore.dll
2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\srclient.dll
2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\secur32.dll
2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\lpk.dll
2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\kernel32.dll
2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\dciman32.dll
2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\credssp.dll
2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\comcat.dll
2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\auditpol.exe
2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\appidapi.dll
2019-12-11 21:34:42 ----A---- C:\windows\system32\setbcdlocale.dll
2019-12-11 21:34:42 ----A---- C:\windows\system32\rstrui.exe
2019-12-11 21:34:42 ----A---- C:\windows\system32\ntvdm64.dll
2019-12-11 21:34:42 ----A---- C:\windows\system32\drivers\npfs.sys
2019-12-11 21:34:42 ----A---- C:\windows\system32\dciman32.dll
2019-12-11 21:34:42 ----A---- C:\windows\system32\credssp.dll
2019-12-11 21:34:42 ----A---- C:\windows\system32\comcat.dll
2019-12-11 21:34:42 ----A---- C:\windows\system32\auditpol.exe
2019-12-11 21:34:42 ----A---- C:\windows\system32\appidsvc.dll
2019-12-11 21:34:42 ----A---- C:\windows\system32\appidpolicyconverter.exe
2019-12-11 21:34:42 ----A---- C:\windows\system32\appidcertstorecheck.exe
2019-12-11 21:34:42 ----A---- C:\windows\system32\appidapi.dll
2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 21:34:41 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-12-11 21:34:41 ----A---- C:\windows\SYSWOW64\user.exe
2019-12-11 21:34:41 ----A---- C:\windows\SYSWOW64\setup16.exe
2019-12-11 21:34:41 ----A---- C:\windows\SYSWOW64\instnm.exe
2019-12-11 21:34:41 ----A---- C:\windows\SYSWOW64\atmlib.dll
2019-12-11 21:34:41 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2019-12-11 21:34:41 ----A---- C:\windows\system32\atmlib.dll
2019-12-11 21:34:41 ----A---- C:\windows\system32\apisetschema.dll
2019-12-11 21:34:40 ----A---- C:\windows\SYSWOW64\adtschema.dll
2019-12-11 21:34:40 ----A---- C:\windows\system32\adtschema.dll
2019-12-11 21:34:39 ----A---- C:\windows\SYSWOW64\oleres.dll
2019-12-11 21:34:39 ----A---- C:\windows\SYSWOW64\msobjs.dll
2019-12-11 21:34:39 ----A---- C:\windows\SYSWOW64\msaudite.dll
2019-12-11 21:34:39 ----A---- C:\windows\system32\oleres.dll
2019-12-11 21:34:39 ----A---- C:\windows\system32\msobjs.dll
2019-12-11 21:34:39 ----A---- C:\windows\system32\msaudite.dll
2019-12-11 21:34:39 ----A---- C:\windows\system32\ieetwcollectorres.dll
2019-12-11 21:32:29 ----A---- C:\windows\SYSWOW64\poqexec.exe
2019-12-11 21:32:29 ----A---- C:\windows\system32\poqexec.exe
2019-11-24 08:37:00 ----A---- C:\windows\SYSWOW64\netlogon.dll
2019-11-24 08:37:00 ----A---- C:\windows\system32\netlogon.dll
2019-11-24 08:36:59 ----A---- C:\windows\system32\iphlpsvc.dll
2019-11-24 08:36:57 ----A---- C:\windows\SYSWOW64\upnphost.dll
2019-11-24 08:36:57 ----A---- C:\windows\SYSWOW64\udhisapi.dll
2019-11-24 08:36:57 ----A---- C:\windows\system32\upnphost.dll
2019-11-24 08:36:57 ----A---- C:\windows\system32\udhisapi.dll
2019-11-24 08:36:56 ----A---- C:\windows\SYSWOW64\netcorehc.dll
2019-11-24 08:36:56 ----A---- C:\windows\system32\netcorehc.dll
2019-11-24 08:36:56 ----A---- C:\windows\system32\AxInstSv.dll
2019-11-24 08:36:55 ----A---- C:\windows\system32\aeinv.dll
2019-11-24 08:36:54 ----A---- C:\windows\SYSWOW64\DWrite.dll
2019-11-24 08:36:54 ----A---- C:\windows\system32\FntCache.dll
2019-11-24 08:36:54 ----A---- C:\windows\system32\DWrite.dll
2019-11-24 08:36:52 ----A---- C:\windows\system32\devinv.dll
2019-11-24 08:36:52 ----A---- C:\windows\system32\centel.dll
2019-11-24 08:36:50 ----A---- C:\windows\SYSWOW64\msjet40.dll
2019-11-24 08:36:50 ----A---- C:\windows\system32\invagent.dll
2019-11-24 08:36:50 ----A---- C:\windows\system32\generaltel.dll
2019-11-24 08:36:49 ----A---- C:\windows\SYSWOW64\usp10.dll
2019-11-24 08:36:49 ----A---- C:\windows\SYSWOW64\upnpcont.exe
2019-11-24 08:36:49 ----A---- C:\windows\system32\upnpcont.exe
2019-11-24 08:36:49 ----A---- C:\windows\system32\drivers\msrpc.sys
2019-11-24 08:36:49 ----A---- C:\windows\system32\cryptui.dll
2019-11-24 08:36:48 ----A---- C:\windows\SYSWOW64\userenv.dll
2019-11-24 08:36:48 ----A---- C:\windows\SYSWOW64\cryptui.dll
2019-11-24 08:36:48 ----A---- C:\windows\system32\usp10.dll
2019-11-24 08:36:48 ----A---- C:\windows\system32\userenv.dll
2019-11-24 08:36:48 ----A---- C:\windows\system32\consent.exe
2019-11-24 08:36:48 ----A---- C:\windows\system32\AxInstUI.exe
2019-11-24 08:36:48 ----A---- C:\windows\system32\aepic.dll
2019-11-24 08:36:48 ----A---- C:\windows\system32\acmigration.dll
2019-11-24 08:36:47 ----A---- C:\windows\SYSWOW64\mf3216.dll
2019-11-24 08:36:47 ----A---- C:\windows\system32\mf3216.dll
2019-11-24 08:36:46 ----A---- C:\windows\SYSWOW64\tzres.dll
2019-11-24 08:36:46 ----A---- C:\windows\system32\tzres.dll
2019-11-24 08:36:45 ----A---- C:\windows\SYSWOW64\msihnd.dll
2019-11-24 08:36:45 ----A---- C:\windows\system32\msihnd.dll
2019-11-24 08:36:44 ----A---- C:\windows\SYSWOW64\msiexec.exe
2019-11-24 08:36:44 ----A---- C:\windows\SYSWOW64\authui.dll
2019-11-24 08:36:44 ----A---- C:\windows\system32\msiexec.exe
2019-11-24 08:36:44 ----A---- C:\windows\system32\authui.dll
2019-11-24 08:36:44 ----A---- C:\windows\system32\appinfo.dll
2019-11-24 08:36:42 ----A---- C:\windows\system32\msi.dll
2019-11-24 08:36:41 ----A---- C:\windows\SYSWOW64\msi.dll
2019-11-24 08:36:36 ----A---- C:\windows\SYSWOW64\msimsg.dll
2019-11-24 08:36:36 ----A---- C:\windows\system32\msimsg.dll
2019-11-24 08:36:34 ----A---- C:\windows\system32\msimg32.dll
2019-11-24 08:36:33 ----A---- C:\windows\SYSWOW64\msimg32.dll
2019-11-24 08:36:32 ----A---- C:\windows\system32\aitstatic.exe
2019-10-20 19:39:16 ----A---- C:\windows\SYSWOW64\AudioSes.dll
2019-10-20 19:39:16 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll
2019-10-20 19:39:16 ----A---- C:\windows\SYSWOW64\AudioEng.dll
2019-10-20 19:39:16 ----A---- C:\windows\system32\audiosrv.dll
2019-10-20 19:39:16 ----A---- C:\windows\system32\AudioSes.dll
2019-10-20 19:39:16 ----A---- C:\windows\system32\AUDIOKSE.dll
2019-10-20 19:39:16 ----A---- C:\windows\system32\AudioEng.dll
2019-10-20 19:39:14 ----A---- C:\windows\SYSWOW64\wer.dll
2019-10-20 19:39:14 ----A---- C:\windows\system32\werconcpl.dll
2019-10-20 19:39:14 ----A---- C:\windows\system32\wer.dll
2019-10-20 19:39:14 ----A---- C:\windows\system32\umpo.dll
2019-10-20 19:39:14 ----A---- C:\windows\system32\EncDump.dll
2019-10-20 19:39:14 ----A---- C:\windows\system32\audiodg.exe
2019-10-20 19:39:13 ----A---- C:\windows\SYSWOW64\WerFault.exe
2019-10-20 19:39:13 ----A---- C:\windows\SYSWOW64\DWWIN.EXE
2019-10-20 19:39:13 ----A---- C:\windows\system32\WerFault.exe
2019-10-20 19:39:13 ----A---- C:\windows\system32\DWWIN.EXE
2019-10-20 19:39:13 ----A---- C:\windows\system32\drivers\monitor.sys
2019-10-20 19:39:13 ----A---- C:\windows\system32\ci.dll
2019-10-20 19:39:12 ----A---- C:\windows\SYSWOW64\msrd3x40.dll
2019-10-20 19:39:12 ----A---- C:\windows\SYSWOW64\msltus40.dll
2019-10-20 19:39:12 ----A---- C:\windows\SYSWOW64\Faultrep.dll
2019-10-20 19:39:12 ----A---- C:\windows\system32\wercplsupport.dll
2019-10-20 19:39:12 ----A---- C:\windows\system32\Faultrep.dll
2019-10-20 19:39:12 ----A---- C:\windows\system32\drivers\rdbss.sys
2019-10-20 19:39:09 ----A---- C:\windows\SYSWOW64\werui.dll
2019-10-20 19:39:09 ----A---- C:\windows\SYSWOW64\wermgr.exe
2019-10-20 19:39:09 ----A---- C:\windows\SYSWOW64\WerFaultSecure.exe
2019-10-20 19:39:09 ----A---- C:\windows\SYSWOW64\werdiagcontroller.dll
2019-10-20 19:39:09 ----A---- C:\windows\system32\werui.dll
2019-10-20 19:39:09 ----A---- C:\windows\system32\wermgr.exe
2019-10-20 19:39:09 ----A---- C:\windows\system32\WerFaultSecure.exe
2019-10-20 19:39:09 ----A---- C:\windows\system32\werdiagcontroller.dll

======List of files/folders modified in the last 3 months======

2020-01-08 08:15:53 ----D---- C:\windows\Prefetch
2020-01-08 08:15:43 ----D---- C:\Program Files
2020-01-08 08:13:26 ----D---- C:\windows\Temp
2020-01-08 07:57:52 ----D---- C:\windows\tracing
2020-01-08 07:20:30 ----D---- C:\windows\system32\config
2020-01-05 20:43:36 ----AD---- C:\windows\System32
2020-01-05 20:43:36 ----A---- C:\windows\system32\PerfStringBackup.INI
2020-01-05 20:43:35 ----D---- C:\windows\inf
2020-01-04 11:50:21 ----SHD---- C:\System Volume Information
2020-01-02 22:44:59 ----D---- C:\Windows
2020-01-02 19:41:41 ----D---- C:\windows\system32\Tasks
2020-01-02 19:41:23 ----D---- C:\windows\system32\drivers
2020-01-02 19:41:06 ----D---- C:\windows\winsxs
2020-01-02 19:40:35 ----D---- C:\ProgramData\AVAST Software
2020-01-02 19:40:35 ----D---- C:\Program Files\Common Files
2020-01-02 19:18:24 ----D---- C:\windows\Panther
2020-01-02 19:18:08 ----D---- C:\windows\Logs
2020-01-02 19:18:08 ----D---- C:\windows\debug
2020-01-02 18:51:16 ----RD---- C:\Program Files (x86)
2020-01-02 18:51:14 ----HD---- C:\ProgramData
2020-01-02 18:11:17 ----AD---- C:\ProgramData\Temp
2020-01-02 17:49:42 ----D---- C:\Program Files (x86)\Google
2020-01-02 17:49:39 ----SHD---- C:\windows\Installer
2020-01-02 16:57:23 ----D---- C:\Program Files (x86)\Windows Live
2020-01-02 16:52:12 ----SD---- C:\ProgramData\Microsoft
2020-01-02 16:52:06 ----D---- C:\Program Files (x86)\Microsoft Office
2020-01-02 16:48:23 ----RSD---- C:\windows\assembly
2020-01-02 16:39:08 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2020-01-02 16:39:08 ----D---- C:\Program Files (x86)\Lenovo
2020-01-02 16:33:25 ----D---- C:\Program Files\Lenovo
2020-01-02 16:31:56 ----D---- C:\Program Files (x86)\HP
2020-01-02 16:31:08 ----D---- C:\Users\Lenovo\AppData\Roaming\HpUpdate
2020-01-02 16:14:33 ----D---- C:\windows\Microsoft.NET
2020-01-02 15:51:10 ----D---- C:\Program Files\Common Files\Microsoft Shared
2020-01-02 15:48:17 ----D---- C:\windows\SysWOW64
2020-01-02 15:37:59 ----D---- C:\Program Files (x86)\Common Files
2020-01-02 15:24:37 ----D---- C:\Users\Lenovo\AppData\Roaming\BSplayer
2020-01-02 15:24:37 ----D---- C:\Program Files (x86)\Webteh
2019-12-31 12:22:56 ----D---- C:\Program Files\Google
2019-12-30 13:19:35 ----SD---- C:\Users\Lenovo\AppData\Roaming\Microsoft
2019-12-29 23:39:12 ----D---- C:\windows\system32\catroot2
2019-12-29 18:06:18 ----D---- C:\windows\Minidump
2019-12-12 19:18:21 ----D---- C:\windows\rescache
2019-12-12 10:24:31 ----D---- C:\Program Files\Internet Explorer
2019-12-12 10:24:26 ----D---- C:\windows\SYSWOW64\cs-CZ
2019-12-12 10:24:26 ----D---- C:\Program Files (x86)\Internet Explorer
2019-12-12 10:24:25 ----D---- C:\windows\SYSWOW64\en-US
2019-12-12 10:24:21 ----D---- C:\windows\system32\drivers\en-US
2019-12-12 10:24:21 ----D---- C:\windows\system32\cs-CZ
2019-12-12 10:24:19 ----D---- C:\windows\system32\en-US
2019-12-12 10:24:11 ----D---- C:\windows\AppPatch
2019-12-12 10:24:08 ----D---- C:\windows\system32\Boot
2019-12-12 10:24:04 ----D---- C:\windows\system32\DriverStore
2019-12-11 23:35:18 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2019-12-11 07:43:41 ----D---- C:\windows\system32\MRT
2019-12-11 07:43:23 ----AC---- C:\windows\system32\MRT.exe
2019-12-06 19:34:52 ----SD---- C:\windows\system32\CompatTel
2019-12-06 19:34:52 ----D---- C:\windows\system32\appraiser
2019-12-06 19:34:52 ----D---- C:\windows\PolicyDefinitions
2019-12-06 19:34:36 ----D---- C:\windows\SYSWOW64\migration
2019-12-06 19:34:34 ----D---- C:\windows\system32\migration
2019-11-12 22:03:31 ----N---- C:\windows\system32\MpSigStub.exe
2019-10-30 09:18:37 ----D---- C:\windows\ehome

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\windows\system32\drivers\aswArDisk.sys [2020-01-02 37616]
R0 aswbidsh;aswbidsh; C:\windows\system32\drivers\aswbidsh.sys [2020-01-02 209552]
R0 aswbuniv;aswbuniv; C:\windows\system32\drivers\aswbuniv.sys [2020-01-02 65120]
R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2020-01-02 83792]
R0 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2020-01-02 316528]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 aswArPot;aswArPot; C:\windows\system32\drivers\aswArPot.sys [2020-01-02 204824]
R1 aswbidsdriver;aswbidsdriver; C:\windows\system32\drivers\aswbidsdriver.sys [2020-01-02 274456]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2020-01-02 42736]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2020-01-02 110320]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2020-01-02 848432]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2020-01-02 460448]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2020-01-02 171520]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2020-01-02 236024]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2010-03-03 1594368]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 FEIExpress;Intel(R) 10/100 Network Connection Driver; C:\windows\system32\DRIVERS\fei62x64.sys [2009-10-02 187392]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-04-19 6179616]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-10-30 2530152]
R3 VMC412;Vimicro Camera Service VMC412; C:\windows\System32\Drivers\VMC412.sys [2010-07-17 237568]
S3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-03-12 242720]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 151656]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2020-01-02 996880]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2020-01-02 6259592]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-11 268976]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2019-11-19 116224]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-12-02 244936]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-01-02 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-10-01 139264]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-10-01 139264]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-10-01 139264]

-----------------EOF-----------------
[/QUOTE]
kevin00 (10238)|17.1.2020 17:12
Create a new file in Notepad and paste the following into it:

[CODE]
Start
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (No File)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]

EmptyTemp:
Reboot:
End
[/CODE]

Save the file as fixlist.txt and put it next to FRST. Run FRST and click Fix. Post the newly created log, fixlog.txt.
Ventero (1280)|22.1.2020 09:45
[code]
Fix result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by Lenovo (22-01-2020 09:31:31) Run:1
Running from C:\Users\Lenovo\Downloads
Loaded Profiles: Lenovo (Available Profiles: Lenovo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (No File)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]

EmptyTemp:
Reboot:
End
*****************

"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => removed successfully
"HKU\S-1-5-21-3293028386-2514289208-1168274650-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
"HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd." => not found
C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll => moved successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd." => not found
C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922 => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9074446 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 15176864 B
Edge => 0 B
Chrome => 0 B
Firefox => 572067613 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42371403 B
systemprofile32 => 47475723 B
LocalService => 47475723 B
NetworkService => 47475723 B
Lenovo => 50985288 B

RecycleBin => 4455 B
EmptyTemp: => 801.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:32:00 ====
[/code]
john (877)|25.1.2020 03:41
You could also try https://privazer.com/
kevin00 (10238)|26.1.2020 15:33
Run a scan with Malwarebytes.
Ventero (1280)|29.1.2020 09:25
I set it to full power, and this time it didn't find anything.
kevin00 (10238)|30.1.2020 16:36
Then you should be left in peace now :)
Ventero (1280)|31.1.2020 06:57
Thanks. Did FRST delete something there? What did you go by when you picked those items for the fix? Did they look suspicious to you? Or were they getting in the way of something?
kevin00 (10238)|3.2.2020 19:15
Yes, the fixlist was used to delete the "items" written into it. The log is checked manually.
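The question of what the fix actually changed can be answered from fixlog.txt itself. The following is an added example, not part of the thread and not FRST's own code: a small Python parser that splits such a fixlog into per-target outcomes and adds up the EmptyTemp rows. The function names `parse_fixlog` and `summarize` are hypothetical, and the sample is a shortened copy of the log posted above.

```python
import re
from collections import Counter

# Constructed sample: a shortened copy of the fixlog posted in this thread
# (zero-byte EmptyTemp rows and most fixlist directives left out).
SAMPLE_FIXLOG = r'''Fix result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by Lenovo (22-01-2020 09:31:31) Run:1
==============================================

fixlist content:
*****************
Start
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
EmptyTemp:
End
*****************

"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => removed successfully
C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll => moved successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9074446 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 15176864 B
Firefox => 572067613 B
systemprofile => 42371403 B
systemprofile32 => 47475723 B
LocalService => 47475723 B
NetworkService => 47475723 B
Lenovo => 50985288 B
RecycleBin => 4455 B
EmptyTemp: => 801.6 MB temporary data Removed.

==== End of Fixlog 09:32:00 ===='''


def parse_fixlog(text):
    """Return (actions, temp_rows, reported_total) parsed from a fixlog."""
    actions, temp_rows, reported = [], [], None
    in_echo = in_temp = False
    for line in text.splitlines():
        line = line.strip()
        if line and set(line) == {"*"}:   # asterisk rows bracket the fixlist echo
            in_echo = not in_echo
            continue
        if in_echo:                       # directives as submitted, not results
            continue
        if line.startswith("=") and "EmptyTemp:" in line:
            in_temp = True                # byte-count rows follow this header
            continue
        if " => " not in line:
            continue
        target, outcome = line.rsplit(" => ", 1)
        if in_temp:
            m = re.fullmatch(r"(\d+) B", outcome)
            if m:
                temp_rows.append((target, int(m.group(1))))
            elif target == "EmptyTemp:":
                reported = outcome        # the tool's own total line
            continue
        target = target.strip('"')
        kind = "registry" if re.match(r"HK(LM|U|CU|CR)\\", target) else "file"
        actions.append({"kind": kind, "target": target, "outcome": outcome})
    return actions, temp_rows, reported


def summarize(actions):
    """Count outcomes per target kind, e.g. ('registry', 'removed successfully')."""
    return Counter((a["kind"], a["outcome"]) for a in actions)


if __name__ == "__main__":
    actions, temp_rows, reported = parse_fixlog(SAMPLE_FIXLOG)
    for (kind, outcome), n in sorted(summarize(actions).items()):
        print(f"{n:2d}  {kind:8s} {outcome}")
    total = sum(n for _, n in temp_rows)
    # In this log the rows add up to the reported figure when read as MiB.
    print(f"EmptyTemp rows: {total} B = {total / 2**20:.1f} MiB; log says: {reported}")
```

Entries marked "not found" were already absent when the fix ran, so only the "removed" and "moved" lines represent real changes to the system.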