
Topic: What else to use to finish cleaning Windows.

  1. #1
    Ventero (SHW veteran)
    Registered: Oct 2012
    Posts: 1,155

    A PC with W7 went without protection for a long time, so some "little kids" got born on it. A scan with the up-to-date Avast after a restart found a keylogger, 2 of them. So what else should I run over it to make sure nothing similar is left on there? Please, only proven, working software and no fakes that would mess the PC up even more. I hope Kevin, Salamander or one of the "older" experienced members will respond.

    Is there also something decent that runs from Linux or boots on its own, independently of the infected OS?
    Last edited by Ventero: 03-01-2020 at 19:59

  2. #2
    SHW veteran
    Registered: Feb 2008
    Posts: 1,149

    Eset online scanner is good.
    But don't you want to just put a different OS on it? Support for W7 ends soon.



  3. #3
    Ventero (SHW veteran)
    Registered: Oct 2012
    Posts: 1,155

    That is what I would most like to do, if it were possible, but for now I have to deal with it this way. And I still need to properly scan and clean the files that are on there anyway.
    What is the opinion on Malwarebytes Anti Malware or SpyHunter?
    I also found mentions of Swat It, A-squared or Anti-keylogger?
    I don't want to install more junk, though, so I'm asking here for experience and recommendations. Otherwise I can google, that I can.

  4. #4
    SHW veteran
    Registered: Feb 2008
    Posts: 1,149

    I think Eset will be enough.

  5. #5
    kevin00 (SHW veteran)
    Registered: Feb 2008
    Posts: 10,170

    For the Win7 operating system I recommend producing a log from RIST (32bit / 64bit) and FRST. A scan with Malwarebytes won't do any harm either.

  6. #6
    Ventero (SHW veteran)
    Registered: Oct 2012
    Posts: 1,155

    Kevin: So I have the logs, what do I do with them? What should I look for, or where can I send them to you, now that the local admins have abolished private messages? Which I consider ridiculously paranoid: none of the other forums I use have a problem with that and they are surely not in breach of GDPR, whereas the Czech Police violate it quite openly and nobody deals with it.

  7. #7
    kevin00 (SHW veteran)
    Registered: Feb 2008
    Posts: 10,170

    Put them into the thread inside a spoiler tag.



  8. #8
    Ventero (SHW veteran)
    Registered: Oct 2012
    Posts: 1,155

    So I couldn't find the spoiler anywhere here, so I'm attaching a zip with all four logs instead. Also, Malwarebytes found 2 threats in Downloads as well. I had them removed, but I don't know whether something still active on there is downloading it ...

  9. #9
    kevin00 (SHW veteran)
    Registered: Feb 2008
    Posts: 10,170

    The spoiler tag is at the far right of the last row of the advanced editor, the + icon. Downloading a *.zip from an infected PC is not exactly ideal.

  10. #10
    Ventero (SHW veteran)
    Registered: Oct 2012
    Posts: 1,155

    Well, it isn't there, no matter how I look ... So I'll solve it another way, via a quote from another post:
    FRSTadditionLA:
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
    Ran by Lenovo (08-01-2020 08:41:56)
    Running from C:\Users\Lenovo\Downloads
    Windows 7 Home Premium Service Pack 1 (X64) (2012-01-02 10:52:34)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3293028386-2514289208-1168274650-500 - Administrator - Disabled)
    Guest (S-1-5-21-3293028386-2514289208-1168274650-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3293028386-2514289208-1168274650-1003 - Limited - Enabled)
    Lenovo (S-1-5-21-3293028386-2514289208-1168274650-1001 - Administrator - Enabled) => C:\Users\Lenovo

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
    Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.203 - Adobe Systems Incorporated)
    Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
    CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2117 - Intel Corporation)
    Intel(R) Network Connections 14.8.43.0 (HKLM\...\PROSetDX) (Version: 14.8.43.0 - Intel)
    KA15 (HKLM-x32\...\{8390FC2E-0351-4A83-BA6C-7AF436BC3484}) (Version: 5.6.0 - Allianz pojišťovna, a.s.)
    Lenovo Driver and Application Installation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.10.1809 - Lenovo)
    Lenovo Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.4827a - CyberLink Corp.) Hidden
    Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.4827a - CyberLink Corp.)
    Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1029 - CyberLink Corp.) Hidden
    Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1029 - CyberLink Corp.)
    Lenovo USB2.0 UVC Camera (HKLM-x32\...\{70D2C5B8-EB22-45B1-9EAA-5E8C1C408A3B}) (Version: 1.00.0000 - Vimicro Corporation)
    Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.) Hidden
    Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
    Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo)
    LXH-JME2207FN Hotkey Driver (HKLM-x32\...\{42B21298-C850-4272-AFD9-636CBC005421}) (Version: 5.1.0804 - Lenovo)
    Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
    Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
    Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Mozilla Firefox 71.0 (x64 cs) (HKLM\...\Mozilla Firefox 71.0 (x64 cs)) (Version: 71.0 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla)
    MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.10 - Tracker Software Products Ltd)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6230 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30116 - Realtek Semiconductor Corp.)
    Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
    Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
    Software602 Form Filler (HKLM-x32\...\{51C3B2AE-0127-45CC-B10F-6AD308AC6AFE}) (Version: 4.51 - Software602 a.s.)
    Spooky2 (HKLM-x32\...\Spooky2) (Version: 1.0 - Cancer Clinic NZ Ltd)
    Základní software zařízení HP Deskjet 1510 series (HKLM\...\{BF7E34C1-4669-46ED-A8DA-244125F41B89}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)

    ==================== Custom CLSID (Whitelisted): ==============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2010-04-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
    ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-01-02] (AVAST Software s.r.o. -> AVAST Software)

    ==================== Codecs (Whitelisted) ====================

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
    WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
    WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

    ==================== Loaded Modules (Whitelisted) =============

    2011-08-23 01:26 - 2009-07-16 17:20 - 000032768 _____ () [File not signed] C:\Program Files (x86)\jmesoft\Keyhook.dll
    2011-08-23 01:26 - 2007-12-31 18:27 - 000007168 _____ () [File not signed] C:\Program Files (x86)\jmesoft\VistaVolume.dll

    ==================== Alternate Data Streams (Whitelisted) ========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\Temp:8927A071 [458]
    AlternateDataStreams: C:\ProgramData\Temp282699C [114]
    AlternateDataStreams: C:\Users\Lenovo\Desktop\poslední strana.jpeg:3or4kl4x13tuuug3Byamue2s4b [93]
    AlternateDataStreams: C:\Users\Lenovo\Desktop\poslední strana.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

    ==================== Safe Mode (Whitelisted) ==================

    ==================== Association (Whitelisted) =================

    ==================== Internet Explorer trusted/restricted ==========

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001\...\allianz.cz -> allianz.cz
    IE trusted site: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001\...\mcafee.com -> hxxp://mcafee.com
    IE trusted site: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001\...\mcafee.com -> hxxps://mcafee.com

    ==================== Hosts content: =========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\windows\system32\drivers\etc\hosts

    ==================== Other Areas ===========================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3293028386-2514289208-1168274650-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 213.46.172.37 - 213.46.172.36
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    ==================== FirewallRules (Whitelisted) ================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{2A8A3311-B543-46EF-ABC0-FA193FC5C04D}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
    FirewallRules: [{52465F5F-9D78-4396-B852-AB0920E4486F}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
    FirewallRules: [{6C5B8A56-15F8-4881-988D-4044310A175C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{84CF4530-0FE0-41D0-BDBB-8741D21BA0BB}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{18610D6E-94F7-4A4B-A966-092BA572688E}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{0CB45155-DC09-4785-9622-9E40A330F9A7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{F5409D9E-D3EE-45A4-AAAA-BF8D3FEC0016}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

    ==================== Restore Points =========================

    04-01-2020 11:49:46 Naplánovaný kontrolní bod

    ==================== Faulty Device Manager Devices ============


    ==================== Event log errors: ========================

    Application errors:
    ==================
    Error: (01/08/2020 07:58:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (01/08/2020 07:15:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (01/05/2020 05:17:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (01/05/2020 02:58:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (01/05/2020 01:37:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (01/04/2020 09:50:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (01/02/2020 10:46:03 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
    Description: Index nebyl inicializován.

    Podrobnosti:
    Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (01/02/2020 10:46:03 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
    Description: Aplikace nebyla inicializována.

    Kontext: aplikace Windows

    Podrobnosti:
    Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)


    System errors:
    =============
    Error: (01/03/2020 01:00:35 PM) (Source: volsnap) (EventID: 36) (User: )
    Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

    Error: (01/03/2020 09:13:46 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: Při čekání na odezvu transakce služby Netman bylo dosaženo časového limitu (30000 ms).

    Error: (01/02/2020 10:50:10 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: Služba Windows Search přestala během spouštění reagovat.

    Error: (01/02/2020 10:46:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
    Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

    Error: (01/02/2020 10:46:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: Při čekání na připojení služby Windows Search bylo dosaženo časového limitu (30000 ms).

    Error: (01/02/2020 10:46:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

    Error: (01/02/2020 10:46:04 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
    Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.

    Error: (01/02/2020 01:22:15 PM) (Source: volsnap) (EventID: 36) (User: )
    Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.


    Windows Defender:
    ===================================
    Date: 2019-07-29 12:17:24.960
    Description:
    Prohledávání Windows Defender bylo zastaveno před dokončením.
    ID prohledávání:{DFFA5C64-6960-4E2C-91B5-CD29D01ECE76}
    Typ prohledávání:Antispywarový program
    Parametry prohledávání:Rychlé prohledávání
    Uživatel:NT AUTHORITY\NETWORK SERVICE

    Date: 2019-06-09 05:47:04.285
    Description:
    Prohledávání Windows Defender bylo zastaveno před dokončením.
    ID prohledávání:{108FB083-784B-4404-827A-6A631FB599C6}
    Typ prohledávání:Antispywarový program
    Parametry prohledávání:Rychlé prohledávání
    Uživatel:NT AUTHORITY\NETWORK SERVICE

    Date: 2019-03-21 22:14:48.147
    Description:
    Prohledávání Windows Defender bylo zastaveno před dokončením.
    ID prohledávání:{80199228-2E26-4F67-B759-305D53B19272}
    Typ prohledávání:Antispywarový program
    Parametry prohledávání:Rychlé prohledávání
    Uživatel:NT AUTHORITY\NETWORK SERVICE

    Date: 2016-01-12 04:50:57.707
    Description:
    Prohledávání Windows Defender bylo zastaveno před dokončením.
    ID prohledávání:{A7352D1A-AFC8-4B03-8E22-FE3D78DD6C8C}
    Typ prohledávání:Antispywarový program
    Parametry prohledávání:Rychlé prohledávání
    Uživatel:NT AUTHORITY\NETWORK SERVICE

    Date: 2016-01-04 04:46:10.036
    Description:
    Prohledávání Windows Defender bylo zastaveno před dokončením.
    ID prohledávání:{83CB5987-19E7-42D7-BE95-D634DBB7815D}
    Typ prohledávání:Antispywarový program
    Parametry prohledávání:Rychlé prohledávání
    Uživatel:NT AUTHORITY\NETWORK SERVICE

    Date: 2016-01-11 19:44:35.963
    Description:
    Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
    Podpisy, které se měly načíst:Aktuální
    Kód chyby:0x80070002
    Popis chyby:Systém nemůže nalézt uvedený soubor.
    Verze podpisu:0.0.0.0
    Verze modulu:0.0.0.0

    Date: 2013-04-29 21:02:01.351
    Description:
    Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
    Podpisy, které se měly načíst:Aktuální
    Kód chyby:0x80070002
    Popis chyby:Systém nemůže nalézt uvedený soubor.
    Verze podpisu:0.0.0.0
    Verze modulu:0.0.0.0

    Date: 2012-09-14 15:34:13.138
    Description:
    Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
    Podpisy, které se měly načíst:Aktuální
    Kód chyby:0x80070002
    Popis chyby:Systém nemůže nalézt uvedený soubor.
    Verze podpisu:0.0.0.0
    Verze modulu:0.0.0.0

    ==================== Memory info ===========================

    BIOS: LENOVO DJKT06AUS 11/22/2010
    Motherboard: LENOVO To be filled by O.E.M.
    Processor: Intel(R) Atom(TM) CPU D525 @ 1.80GHz
    Percentage of memory in use: 72%
    Total physical RAM: 3574.3 MB
    Available physical RAM: 991.3 MB
    Total Virtual: 7146.75 MB
    Available Virtual: 4507.5 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:207.71 GB) (Free:76.38 GB) NTFS

    \\?\Volume{3483576a-cd1c-11e0-98c9-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

    ==================== MBR & Partition Table ====================

    ==========================================================
    Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 3EFCE5F8)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=207.7 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=25.1 GB) - (Type=12)

    ==================== End of Addition.txt =======================
    FRST-LA:
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
    Ran by Lenovo (administrator) on LENOVO-PC (LENOVO Lenovo C200) (08-01-2020 08:37:47)
    Running from C:\Users\Lenovo\Downloads
    Loaded Profiles: Lenovo (Available Profiles: Lenovo)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (CyberLink -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
    (CyberLink -> CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
    (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (JME) [File not signed] C:\Program Files (x86)\jmesoft\hotkey.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\lpksetup.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11543656 2010-10-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    HKLM-x32\...\Run: [jmekey] => C:\Program Files (x86)\jmesoft\hotkey.exe [114688 2009-07-16] (JME) [File not signed]
    HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink -> CyberLink)
    HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink -> CyberLink Corp.)
    HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink -> CyberLink)
    HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink -> CyberLink Corp.) [File not signed]
    HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
    HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-05-31]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (No File)
    Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk [2020-01-08]
    ShortcutAndArgument: Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk -> C:\windows\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN55E2C0V505YR;CONNECTION=USB;MONITOR=1;
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {269F78C3-F9DD-42E6-AF13-32591F7F37E9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
    Task: {38488E07-CE03-4C9A-AF22-3FD6B9EEE277} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
    Task: {3F129AF3-454D-490F-9255-9D16D2B8C4AD} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink -> CyberLink)
    Task: {4E3DD643-53BA-4800-AA6A-FE2C92ABEE42} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    Task: {5F9B65B2-C3A3-49B9-9252-7A0ABD48A56C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    Task: {D51540CD-D765-4C14-8EDC-C8B6C6D029BA} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268976 2015-07-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    Task: {EC001549-8FB1-4832-A802-7DFD8EFDA548} - System32\Tasks\{D0DB1240-A910-4AAE-B735-3176AAD0F103} => C:\windows\system32\pcalua.exe -a E:\OFFICE_2007_CZ_E\setup.exe -d E:\OFFICE_2007_CZ_E

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
    Tcpip\..\Interfaces\{5255F0B2-7E5A-4BA8-B19B-583333642B4F}: [DhcpNameServer] 213.46.172.37 213.46.172.36
    Tcpip\..\Interfaces\{D068E402-0F40-42B7-970C-BD4ACC1924C8}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKU\S-1-5-21-3293028386-2514289208-1168274650-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LEND&bmod=LEND
    HKU\S-1-5-21-3293028386-2514289208-1168274650-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.msn.com/?PC=UF01
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001 -> {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = hxxp://badoo.com/startpage/?source=bsb&q={searchTerms}
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Toolbar: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    IE Session Restore: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001 -> is enabled.
    DPF: HKLM-x32 {CEF002D2-5A9F-4656-AA41-85DA2534ACBD} hxxps://portal.allianz.cz/dwa85W.cab

    FireFox:
    ========
    FF DefaultProfile: bx1a6fja.default
    FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\bx1a6fja.default [2020-01-02]
    FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5f1aa1vt.default-release [2020-01-08]
    FF Session Restore: Mozilla\Firefox\Profiles\5f1aa1vt.default-release -> is enabled.
    FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5f1aa1vt.default-release\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2020-01-02]
    FF Extension: (Avast Online Security) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5f1aa1vt.default-release\Extensions\wrc@avast.com.xpi [2020-01-03]
    FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
    FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)
    FF Plugin HKU\S-1-5-21-3293028386-2514289208-1168274650-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)

    Chrome:
    =======
    CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
    R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

    ===================== Drivers (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37616 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [204824 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [274456 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [209552 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [65120 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42736 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [171520 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [110320 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [83792 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [848432 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswSP; C:\windows\System32\drivers\aswSP.sys [460448 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    R2 aswStm; C:\windows\System32\drivers\aswStm.sys [236024 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [316528 2020-01-02] (AVAST Software s.r.o. -> AVAST Software)
    R3 athr; C:\windows\System32\DRIVERS\athrx.sys [1594368 2010-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
    S3 atikmdag; C:\windows\System32\DRIVERS\atikmdag.sys [5020672 2009-07-13] (Microsoft Windows -> ATI Technologies Inc.)
    R3 clwvd; C:\windows\System32\DRIVERS\clwvd.sys [31088 2011-01-29] (CyberLink -> CyberLink Corporation)
    R3 FEIExpress; C:\windows\System32\DRIVERS\fei62x64.sys [187392 2009-10-02] (Intel Corporation -> Intel Corporation)
    R3 VMC412; C:\windows\System32\Drivers\VMC412.sys [237568 2010-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
    S3 wsvd; C:\windows\System32\DRIVERS\wsvd.sys [121840 2009-07-21] (CyberLink -> CyberLink)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ===================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-01-08 08:37 - 2020-01-08 08:39 - 000014273 _____ C:\Users\Lenovo\Downloads\FRST.txt
    2020-01-08 08:36 - 2020-01-08 08:38 - 000000000 ____D C:\FRST
    2020-01-08 08:33 - 2020-01-08 08:33 - 002272256 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64.exe
    2020-01-08 08:15 - 2020-01-08 08:16 - 000000000 ____D C:\rsit
    2020-01-08 08:15 - 2020-01-08 08:15 - 000000000 ____D C:\Program Files\trend micro
    2020-01-08 08:13 - 2020-01-08 08:13 - 001222144 _____ C:\Users\Lenovo\Downloads\RSITx64.exe
    2020-01-04 17:18 - 2020-01-04 19:21 - 2249727668 _____ C:\Users\Lenovo\Downloads\Velká.nádhera.-.La.Grande.Bellezza.2013.CZ.Titulky.avi
    2020-01-04 09:56 - 2020-01-04 09:57 - 000001293 _____ C:\Users\Lenovo\Desktop\Aktualizace.lnk
    2020-01-02 19:42 - 2020-01-02 19:42 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\AVAST Software
    2020-01-02 19:42 - 2020-01-02 19:42 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CEF
    2020-01-02 19:41 - 2020-01-08 07:18 - 000004168 _____ C:\windows\system32\Tasks\Avast Emergency Update
    2020-01-02 19:41 - 2020-01-02 19:41 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
    2020-01-02 19:41 - 2020-01-02 19:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2020-01-02 19:40 - 2020-01-02 19:41 - 000848432 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
    2020-01-02 19:40 - 2020-01-02 19:41 - 000460448 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
    2020-01-02 19:40 - 2020-01-02 19:40 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
    2020-01-02 19:40 - 2020-01-02 19:39 - 000355720 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
    2020-01-02 19:40 - 2020-01-02 19:39 - 000316528 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
    2020-01-02 19:40 - 2020-01-02 19:39 - 000274456 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
    2020-01-02 19:40 - 2020-01-02 19:39 - 000236024 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
    2020-01-02 19:40 - 2020-01-02 19:39 - 000209552 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
    2020-01-02 19:40 - 2020-01-02 19:39 - 000204824 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
    2020-01-02 19:40 - 2020-01-02 19:39 - 000171520 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
    2020-01-02 19:40 - 2020-01-02 19:39 - 000110320 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
    2020-01-02 19:40 - 2020-01-02 19:39 - 000083792 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
    2020-01-02 19:40 - 2020-01-02 19:39 - 000065120 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
    2020-01-02 19:40 - 2020-01-02 19:39 - 000042736 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
    2020-01-02 19:40 - 2020-01-02 19:39 - 000037616 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
    2020-01-02 19:38 - 2020-01-02 19:38 - 000000000 ____D C:\Program Files\AVAST Software
    2020-01-02 19:34 - 2020-01-02 19:35 - 377174600 _____ (AVAST Software) C:\Users\Lenovo\Downloads\avast_free_antivirus_setup_offline.exe
    2020-01-02 19:06 - 2020-01-02 19:06 - 000002812 _____ C:\windows\system32\Tasks\CCleanerSkipUAC
    2020-01-02 19:05 - 2020-01-02 19:06 - 000000000 ____D C:\Program Files\CCleaner
    2020-01-02 19:05 - 2020-01-02 19:05 - 024578944 _____ (Piriform Software Ltd) C:\Users\Lenovo\Downloads\ccsetup563.exe
    2020-01-02 19:05 - 2020-01-02 19:05 - 000003870 _____ C:\windows\system32\Tasks\CCleaner Update
    2020-01-02 19:05 - 2020-01-02 19:05 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2020-01-02 19:05 - 2020-01-02 19:05 - 000000782 _____ C:\ProgramData\Desktop\CCleaner.lnk
    2020-01-02 19:05 - 2020-01-02 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2020-01-02 19:03 - 2020-01-02 19:03 - 000000978 _____ C:\Users\Public\Desktop\PDF-Viewer.lnk
    2020-01-02 19:03 - 2020-01-02 19:03 - 000000978 _____ C:\ProgramData\Desktop\PDF-Viewer.lnk
    2020-01-02 19:03 - 2020-01-02 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
    2020-01-02 19:03 - 2020-01-02 19:03 - 000000000 ____D C:\Program Files\Tracker Software
    2020-01-02 19:00 - 2020-01-02 19:01 - 018181936 _____ (Tracker Software Products Ltd ) C:\Users\Lenovo\Downloads\PDFXVwer.exe
    2020-01-02 18:59 - 2020-01-02 18:59 - 001447178 _____ (Igor Pavlov) C:\Users\Lenovo\Downloads\7z1900-x64.exe
    2020-01-02 18:59 - 2020-01-02 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
    2020-01-02 18:59 - 2020-01-02 18:59 - 000000000 ____D C:\Program Files\7-Zip
    2020-01-02 18:57 - 2020-01-03 15:47 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\MPC-HC
    2020-01-02 18:56 - 2020-01-02 18:56 - 000001664 _____ C:\Users\Public\Desktop\Přehrávač.lnk
    2020-01-02 18:56 - 2020-01-02 18:56 - 000001664 _____ C:\ProgramData\Desktop\Přehrávač.lnk
    2020-01-02 18:56 - 2020-01-02 18:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
    2020-01-02 18:55 - 2020-01-02 18:56 - 000000000 ____D C:\Program Files\MPC-HC
    2020-01-02 18:55 - 2020-01-02 18:55 - 014185472 _____ (MPC-HC Team ) C:\Users\Lenovo\Downloads\MPC-HC.1.7.13.x64.exe
    2020-01-02 18:51 - 2020-01-08 08:37 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Mozilla
    2020-01-02 18:51 - 2020-01-02 18:51 - 000000896 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
    2020-01-02 18:51 - 2020-01-02 18:51 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Mozilla
    2020-01-02 18:51 - 2020-01-02 18:51 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Mozilla
    2020-01-02 18:51 - 2020-01-02 18:51 - 000000000 ____D C:\ProgramData\Mozilla
    2020-01-02 18:51 - 2020-01-02 18:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
    2020-01-02 18:51 - 2020-01-02 18:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2020-01-02 17:46 - 2020-01-02 17:46 - 051782160 _____ (Mozilla) C:\Users\Lenovo\Downloads\Firefox Setup 71.0.exe
    2020-01-02 17:42 - 2020-01-02 17:45 - 004456392 _____ (Microsoft Corporation) C:\Users\Lenovo\Downloads\OdfAddInForOfficeSetup-en_4.0.5309.exe
    2020-01-02 17:37 - 2020-01-02 17:39 - 307423864 _____ (Microsoft Corporation) C:\Users\Lenovo\Downloads\office2007sp2-kb953195-fullfile-cs-cz.exe
    2020-01-02 15:45 - 2020-01-02 15:45 - 000000000 ____D C:\Users\Lenovo\Documents\Youcam
    2020-01-02 15:45 - 2020-01-02 15:45 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CyberLink
    2019-12-31 18:40 - 2019-12-31 21:47 - 3415833587 _____ C:\Users\Lenovo\Downloads\Marie Terezie 3.díl historický Česko 2019.1080p.TvRip.Sk.Cz.67%.STEN.ok.mkv
    2019-12-29 18:19 - 2019-12-29 20:34 - 1488880162 _____ C:\Users\Lenovo\Downloads\Marie Terezie 1 (výpravná koprodukční minisérie ČT) 1080p HEVC.mp4
    2019-12-28 17:44 - 2019-12-28 17:45 - 012254872 _____ C:\Users\Lenovo\Downloads\Nepotvrzeno 606982.crdownload
    2019-12-28 16:22 - 2019-12-28 17:35 - 1336066048 _____ C:\Users\Lenovo\Downloads\Pásla kone na betóne (1982) HD SK.mkv
    2019-12-27 14:17 - 2019-12-27 14:17 - 000143183 _____ C:\Users\Lenovo\Desktop\SZZ germanistika.pdf
    2019-12-25 19:58 - 2019-12-25 21:23 - 1562181309 _____ C:\Users\Lenovo\Downloads\Nepotvrzeno 913749.crdownload
    2019-12-24 17:13 - 2019-12-24 18:33 - 1468666070 _____ C:\Users\Lenovo\Downloads\Final Cut - Dámy a pánové--Final Cut-Hölgyeim és uraim .2012.DVDRip-srt.cz.avi
    2019-12-11 21:35 - 2019-12-06 06:27 - 000492032 _____ (Microsoft Corporation) C:\windows\system32\EOSNotify.exe
    2019-12-11 21:35 - 2019-11-28 04:33 - 000710072 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
    2019-12-11 21:35 - 2019-11-28 04:32 - 004061616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
    2019-12-11 21:35 - 2019-11-28 04:32 - 003967416 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
    2019-12-11 21:35 - 2019-11-28 04:32 - 001320248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
    2019-12-11 21:35 - 2019-11-28 04:32 - 000627664 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
    2019-12-11 21:35 - 2019-11-28 04:32 - 000264120 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
    2019-12-11 21:35 - 2019-11-28 04:32 - 000155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
    2019-12-11 21:35 - 2019-11-28 04:32 - 000097208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
    2019-12-11 21:35 - 2019-11-28 04:31 - 005554104 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
    2019-12-11 21:35 - 2019-11-28 04:31 - 001671504 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
    2019-12-11 21:35 - 2019-11-28 04:29 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
    2019-12-11 21:35 - 2019-11-28 04:29 - 000342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
    2019-12-11 21:35 - 2019-11-28 04:29 - 000313344 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
    2019-12-11 21:35 - 2019-11-28 04:28 - 000463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
    2019-12-11 21:35 - 2019-11-28 04:28 - 000405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
    2019-12-11 21:35 - 2019-11-28 03:57 - 003233280 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
    2019-12-11 21:35 - 2019-11-23 08:48 - 000390752 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
    2019-12-11 21:35 - 2019-11-23 07:57 - 000341896 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
    2019-12-11 21:35 - 2019-11-21 03:16 - 000580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
    2019-12-11 21:35 - 2019-11-21 03:16 - 000496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
    2019-12-11 21:35 - 2019-11-21 01:48 - 000629984 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
    2019-12-11 21:35 - 2019-11-19 21:56 - 025753088 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
    2019-12-11 21:35 - 2019-11-19 21:18 - 000797184 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
    2019-12-11 21:35 - 2019-11-19 21:17 - 005500928 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
    2019-12-11 21:35 - 2019-11-19 09:17 - 020290048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
    2019-12-11 21:35 - 2019-11-19 08:49 - 000662528 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
    2019-12-11 21:35 - 2019-11-19 08:26 - 004112384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
    2019-12-11 21:35 - 2019-11-15 03:32 - 000311008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
    2019-12-11 21:35 - 2019-11-15 03:29 - 001330176 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
    2019-12-11 21:35 - 2019-11-15 03:29 - 000583680 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
    2019-12-11 21:35 - 2019-11-15 03:29 - 000479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscms.dll
    2019-12-11 21:35 - 2019-11-15 03:29 - 000215040 _____ (Microsoft Corporation) C:\windows\SysWOW64\icm32.dll
    2019-12-11 21:35 - 2019-11-15 03:29 - 000111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\t2embed.dll
    2019-12-11 21:35 - 2019-11-15 03:29 - 000071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
    2019-12-11 21:35 - 2019-11-15 03:25 - 000385248 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
    2019-12-11 21:35 - 2019-11-15 03:22 - 001574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
    2019-12-11 21:35 - 2019-11-15 03:22 - 000878080 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
    2019-12-11 21:35 - 2019-11-15 03:22 - 000151552 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
    2019-12-11 21:35 - 2019-11-15 03:22 - 000040960 _____ (Microsoft Corporation) C:\windows\system32\WcsPlugInService.dll
    2019-12-11 21:35 - 2019-11-15 03:22 - 000035840 _____ (Microsoft Corporation) C:\windows\system32\printfilterpipelineprxy.dll
    2019-12-11 21:35 - 2019-11-15 03:21 - 000623104 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
    2019-12-11 21:35 - 2019-11-15 03:21 - 000250880 _____ (Microsoft Corporation) C:\windows\system32\icm32.dll
    2019-12-11 21:35 - 2019-11-15 03:21 - 000101376 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
    2019-12-11 21:35 - 2019-11-15 03:06 - 000748544 _____ (Microsoft Corporation) C:\windows\system32\printfilterpipelinesvc.exe
    2019-12-11 21:35 - 2019-11-15 02:59 - 000033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\WcsPlugInService.dll
    2019-12-11 21:35 - 2019-11-15 02:45 - 000327680 _____ (Microsoft Corporation) C:\windows\system32\services.exe
    2019-12-11 21:35 - 2019-11-05 22:25 - 000162016 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
    2019-12-11 21:35 - 2019-10-26 01:17 - 001717760 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 001211392 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 001114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 001010176 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000834048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000555520 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000275968 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000261632 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000236032 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000094208 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 001472512 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 001162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000733184 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000408576 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 04:04 - 000009728 _____ (Microsoft Corporation) C:\windows\SysWOW64\sscore.dll
    2019-12-11 21:34 - 2019-11-28 04:03 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
    2019-12-11 21:34 - 2019-11-28 04:00 - 000148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
    2019-12-11 21:34 - 2019-11-28 04:00 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
    2019-12-11 21:34 - 2019-11-28 04:00 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
    2019-12-11 21:34 - 2019-11-28 03:59 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
    2019-12-11 21:34 - 2019-11-28 03:58 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
    2019-12-11 21:34 - 2019-11-28 03:58 - 000014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
    2019-12-11 21:34 - 2019-11-28 03:58 - 000007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
    2019-12-11 21:34 - 2019-11-28 03:58 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
    2019-12-11 21:34 - 2019-11-28 03:57 - 000338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
    2019-12-11 21:34 - 2019-11-28 03:57 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
    2019-12-11 21:34 - 2019-11-28 03:57 - 000006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 03:57 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 03:57 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 03:57 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2019-12-11 21:34 - 2019-11-28 03:56 - 000296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
    2019-12-11 21:34 - 2019-11-28 03:56 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
    2019-12-11 21:34 - 2019-11-28 03:53 - 000464384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
    2019-12-11 21:34 - 2019-11-28 03:53 - 000161280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
    2019-12-11 21:34 - 2019-11-28 03:52 - 000406016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
    2019-12-11 21:34 - 2019-11-28 03:52 - 000291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
    2019-12-11 21:34 - 2019-11-28 03:52 - 000169984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
    2019-12-11 21:34 - 2019-11-28 03:52 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
    2019-12-11 21:34 - 2019-11-28 03:51 - 000112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
    2019-12-11 21:34 - 2019-11-28 03:51 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
    2019-12-11 21:34 - 2019-11-28 03:51 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
    2019-12-11 21:34 - 2019-11-28 03:51 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
    2019-12-11 21:34 - 2019-11-28 03:51 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
    2019-12-11 21:34 - 2019-11-28 03:51 - 000044544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\npfs.sys
    2019-12-11 21:34 - 2019-11-28 03:51 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
    2019-12-11 21:34 - 2019-11-19 21:44 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
    2019-12-11 21:34 - 2019-11-19 21:44 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
    2019-12-11 21:34 - 2019-11-19 21:31 - 002910720 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
    2019-12-11 21:34 - 2019-11-19 21:30 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
    2019-12-11 21:34 - 2019-11-19 21:29 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
    2019-12-11 21:34 - 2019-11-19 21:29 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
    2019-12-11 21:34 - 2019-11-19 21:29 - 000048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
    2019-12-11 21:34 - 2019-11-19 21:22 - 000054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
    2019-12-11 21:34 - 2019-11-19 21:21 - 000034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
    2019-12-11 21:34 - 2019-11-19 21:19 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
    2019-12-11 21:34 - 2019-11-19 21:18 - 000814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
    2019-12-11 21:34 - 2019-11-19 21:18 - 000144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
    2019-12-11 21:34 - 2019-11-19 21:18 - 000116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
    2019-12-11 21:34 - 2019-11-19 21:10 - 000969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
    2019-12-11 21:34 - 2019-11-19 21:07 - 000489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
    2019-12-11 21:34 - 2019-11-19 21:01 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
    2019-12-11 21:34 - 2019-11-19 21:00 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
    2019-12-11 21:34 - 2019-11-19 21:00 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
    2019-12-11 21:34 - 2019-11-19 20:56 - 000199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
    2019-12-11 21:34 - 2019-11-19 20:56 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
    2019-12-11 21:34 - 2019-11-19 20:54 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
    2019-12-11 21:34 - 2019-11-19 20:52 - 000152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
    2019-12-11 21:34 - 2019-11-19 20:43 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
    2019-12-11 21:34 - 2019-11-19 20:41 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
    2019-12-11 21:34 - 2019-11-19 20:41 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
    2019-12-11 21:34 - 2019-11-19 20:39 - 002132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
    2019-12-11 21:34 - 2019-11-19 20:39 - 001359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
    2019-12-11 21:34 - 2019-11-19 20:36 - 015445504 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
    2019-12-11 21:34 - 2019-11-19 20:26 - 004859392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
    2019-12-11 21:34 - 2019-11-19 20:15 - 001566720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
    2019-12-11 21:34 - 2019-11-19 20:04 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
    2019-12-11 21:34 - 2019-11-19 09:11 - 002724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
    2019-12-11 21:34 - 2019-11-19 08:59 - 000062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
    2019-12-11 21:34 - 2019-11-19 08:58 - 000341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
    2019-12-11 21:34 - 2019-11-19 08:58 - 000047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
    2019-12-11 21:34 - 2019-11-19 08:57 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
    2019-12-11 21:34 - 2019-11-19 08:56 - 002304000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
    2019-12-11 21:34 - 2019-11-19 08:53 - 000047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
    2019-12-11 21:34 - 2019-11-19 08:52 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
    2019-12-11 21:34 - 2019-11-19 08:50 - 000476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
    2019-12-11 21:34 - 2019-11-19 08:49 - 000620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
    2019-12-11 21:34 - 2019-11-19 08:49 - 000115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
    2019-12-11 21:34 - 2019-11-19 08:40 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
    2019-12-11 21:34 - 2019-11-19 08:36 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
    2019-12-11 21:34 - 2019-11-19 08:36 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
    2019-12-11 21:34 - 2019-11-19 08:35 - 000091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
    2019-12-11 21:34 - 2019-11-19 08:33 - 000168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
    2019-12-11 21:34 - 2019-11-19 08:33 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
    2019-12-11 21:34 - 2019-11-19 08:31 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
    2019-12-11 21:34 - 2019-11-19 08:30 - 000130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
    2019-12-11 21:34 - 2019-11-19 08:24 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
    2019-12-11 21:34 - 2019-11-19 08:23 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
    2019-12-11 21:34 - 2019-11-19 08:23 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
    2019-12-11 21:34 - 2019-11-19 08:22 - 001155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
    2019-12-11 21:34 - 2019-11-19 08:20 - 013838336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
    2019-12-11 21:34 - 2019-11-19 08:05 - 004387840 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
    2019-12-11 21:34 - 2019-11-19 08:01 - 001331712 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
    2019-12-11 21:34 - 2019-11-19 08:00 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
    2019-12-11 21:34 - 2019-11-15 03:29 - 001425920 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
    2019-12-11 21:34 - 2019-11-15 03:29 - 000026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleres.dll
    2019-12-11 21:34 - 2019-11-15 03:29 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
    2019-12-11 21:34 - 2019-11-15 03:29 - 000010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
    2019-12-11 21:34 - 2019-11-15 03:22 - 002072576 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
    2019-12-11 21:34 - 2019-11-15 03:22 - 000517632 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
    2019-12-11 21:34 - 2019-11-15 03:22 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll
    2019-12-11 21:34 - 2019-11-15 03:21 - 000046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
    2019-12-11 21:34 - 2019-11-15 03:21 - 000041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
    2019-12-11 21:34 - 2019-11-15 03:21 - 000014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
    2019-12-11 21:34 - 2019-11-15 03:21 - 000008704 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll
    2019-12-11 21:34 - 2019-11-15 03:04 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\comcat.dll
    2019-12-11 21:34 - 2019-11-15 02:59 - 000034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
    2019-12-11 21:32 - 2019-11-15 02:58 - 000123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
    2019-12-11 21:32 - 2019-11-15 02:48 - 000142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe

    ==================== One month (modified) ==================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-01-08 08:31 - 2015-07-11 11:05 - 000000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
    2020-01-08 08:18 - 2009-07-14 05:45 - 000020688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2020-01-08 08:18 - 2009-07-14 05:45 - 000020688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2020-01-08 07:57 - 2013-09-18 19:07 - 000065536 _____ C:\windows\system32\Ikeext.etl
    2020-01-08 07:57 - 2009-07-14 06:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
    2020-01-08 07:57 - 2009-07-14 04:20 - 000000000 ____D C:\windows\tracing
    2020-01-05 20:43 - 2011-08-23 01:41 - 000668882 _____ C:\windows\system32\perfh005.dat
    2020-01-05 20:43 - 2011-08-23 01:41 - 000141542 _____ C:\windows\system32\perfc005.dat
    2020-01-05 20:43 - 2009-07-14 06:13 - 001584626 _____ C:\windows\system32\PerfStringBackup.INI
    2020-01-05 20:43 - 2009-07-14 04:20 - 000000000 ____D C:\windows\inf
    2020-01-02 20:30 - 2017-12-28 18:27 - 000000000 ____D C:\Users\Lenovo\Desktop\Praha
    2020-01-02 19:40 - 2012-01-25 17:41 - 000000000 ____D C:\ProgramData\AVAST Software
    2020-01-02 19:18 - 2011-02-12 20:33 - 000000000 ____D C:\windows\Panther
    2020-01-02 18:11 - 2011-08-23 02:16 - 000000000 ____D C:\ProgramData\Temp
    2020-01-02 17:49 - 2011-08-23 02:26 - 000000000 ____D C:\Program Files (x86)\Google
    2020-01-02 16:57 - 2011-08-23 02:34 - 000000000 ____D C:\Program Files (x86)\Windows Live
    2020-01-02 16:52 - 2011-08-23 02:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
    2020-01-02 16:39 - 2011-08-23 01:16 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2020-01-02 16:39 - 2011-08-23 01:16 - 000000000 ____D C:\Program Files (x86)\Lenovo
    2020-01-02 16:38 - 2012-01-02 11:57 - 000000000 ____D C:\ProgramData\Lenovo
    2020-01-02 16:33 - 2011-08-23 02:16 - 000000000 ____D C:\Program Files\Lenovo
    2020-01-02 16:33 - 2011-08-23 01:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
    2020-01-02 16:31 - 2015-11-29 16:16 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\HpUpdate
    2020-01-02 16:31 - 2015-11-29 16:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
    2020-01-02 16:31 - 2015-11-29 16:15 - 000000000 ____D C:\Program Files (x86)\HP
    2020-01-02 15:51 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
    2020-01-02 15:40 - 2012-01-02 11:52 - 000002004 _____ C:\Users\Lenovo\Desktop\Lenovo Power2Go.lnk
    2020-01-02 15:24 - 2015-01-31 16:35 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\BSplayer
    2020-01-02 15:24 - 2015-01-31 16:35 - 000000000 ____D C:\Program Files (x86)\Webteh
    2020-01-01 18:58 - 2013-06-10 15:05 - 000000000 ____D C:\Users\Lenovo\Desktop\Tereza
    2019-12-31 12:22 - 2011-08-23 02:28 - 000000000 ____D C:\Program Files\Google
    2019-12-29 18:06 - 2012-09-10 10:28 - 000000000 ____D C:\windows\Minidump
    2019-12-26 18:40 - 2018-10-26 18:19 - 000000000 ____D C:\Users\Lenovo\Desktop\Němčina
    2019-12-12 19:18 - 2009-07-14 04:20 - 000000000 ____D C:\windows\rescache
    2019-12-12 10:30 - 2009-07-14 05:45 - 000414720 _____ C:\windows\system32\FNTCACHE.DAT
    2019-12-11 23:35 - 2014-02-26 14:46 - 001559340 _____ C:\windows\SysWOW64\PerfStringBackup.INI
    2019-12-11 07:43 - 2013-08-15 12:22 - 000000000 ____D C:\windows\system32\MRT
    2019-12-11 07:43 - 2012-01-02 12:26 - 129221664 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe

    ==================== Files in the root of some directories ========

    2011-08-23 02:16 - 2011-08-23 02:16 - 001914000 _____ (Adobe Systems Incorporated) C:\ProgramData\flashax10.exe
    2013-10-07 12:36 - 2013-12-08 19:55 - 000004608 _____ () C:\Users\Lenovo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    ==================== SigCheck ============================

    (There is no automatic fix for files that do not pass verification.)


    LastRegBack: 2019-12-29 14:30
    ==================== End of FRST.txt ========================
    RSITinfoLA:
    info.txt logfile of random's system information tool 1.10 2020-01-08 08:16:03

    ======MBR======

    ======Uninstall list======

    -->"C:\Program Files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe" /z-uninstall
    -->MsiExec.exe /I{71B7840D-BB4D-409C-87A2-9EFD10BC0C3D}
    7-Zip 19.00 (x64)-->C:\Program Files\7-Zip\Uninstall.exe
    Adobe Flash Player 18 ActiveX-->C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_203_ActiveX.exe -maintain activex
    Avast Free Antivirus-->C:\Program Files\AVAST Software\Avast\setup\Instup.exe /control_panel
    CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Intel(R) Graphics Media Accelerator Driver-->C:\windows\SysWOW64\igxpun.exe -uninstall
    Intel(R) Network Connections 14.8.43.0-->MsiExec.exe /i{11107A2A-AD44-4BC8-ABB5-E88E63BCA785} ARPREMOVE=1
    Intel(R) Network Connections 14.8.43.0-->MsiExec.exe /i{11107A2A-AD44-4BC8-ABB5-E88E63BCA785} ARPREMOVE=1
    KA15-->MsiExec.exe /I{8390FC2E-0351-4A83-BA6C-7AF436BC3484}
    Lenovo Driver and Application Installation-->C:\Program Files (x86)\InstallShield Installation Information\{45970CD1-D599-47D4-938F-3E9800D54ED1}\setup.exe -runfromtemp -removeonly
    Lenovo Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" /z-uninstall
    Lenovo Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" /z-uninstall
    Lenovo Rescue System-->"C:\Program Files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe" /z-uninstall
    Lenovo Rescue System-->"C:\Program Files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe" /z-uninstall
    Lenovo USB2.0 UVC Camera-->C:\Program Files (x86)\InstallShield Installation Information\{70D2C5B8-EB22-45B1-9EAA-5E8C1C408A3B}\Setup.exe -runfromtemp -l0x0009 -removeonly
    Lenovo YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
    Lenovo YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
    Lenovo_Wireless_Driver-->C:\Program Files (x86)\InstallShield Installation Information\{28ABE740-47F3-441B-9437-852F6A64EFF8}\Setup.exe -runfromtemp -l0x0009 -removeonly
    LXH-JME2207FN Hotkey Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{42B21298-C850-4272-AFD9-636CBC005421}\setup.exe" -l0x9 -removeonly
    Microsoft .NET Framework 4.7.2 (CSY)-->MsiExec.exe /X{F4C44834-E4FA-3DA9-B999-A30EC54E95B0}
    Microsoft .NET Framework 4.7.2 (čeština)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\CSY\\Setup.exe /repair /x86 /x64 /lcid 1029
    Microsoft .NET Framework 4.7.2-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\\Setup.exe /repair /x86 /x64
    Microsoft .NET Framework 4.7.2-->MsiExec.exe /X{09CCBE8E-B964-30EF-AE84-6537AB4197F9}
    Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
    Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
    Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
    Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
    Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
    Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
    Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
    Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
    Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
    Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
    Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
    Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411-->MsiExec.exe /X{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    Mozilla Firefox 71.0 (x64 cs)-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
    Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
    MPC-HC 1.7.13 (64-bit)-->"C:\Program Files\MPC-HC\unins000.exe"
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    MSXML 4.0 SP3 Parser (KB2758694)-->MsiExec.exe /I{1D95BA90-F4F8-47EC-A882-441C99D30C1E}
    PDF-Viewer-->"C:\Program Files\Tracker Software\PDF Viewer\unins000.exe"
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
    Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\Setup.exe" -runfromtemp -removeonly
    Skype Click to Call-->MsiExec.exe /I{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}
    Skype™ 7.6-->MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
    Software602 Form Filler-->MsiExec.exe /X{51C3B2AE-0127-45CC-B10F-6AD308AC6AFE}
    Spooky2-->"C:\Spooky2\Spooky2_Setup_01122015_17910.exe"
    Update for Microsoft .NET Framework 4.7.2 (KB4087364)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {47522EA0-1EBC-3662-97CC-B18525AE978B}
    Update for Microsoft .NET Framework 4.7.2 (KB4457016)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {7F832E01-7D03-3152-AF33-096F6540C20F}
    Update for Microsoft .NET Framework 4.7.2 (KB4457035)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {CEE50C8E-F11C-390D-9289-47C47B7DEEF7}
    Update for Microsoft .NET Framework 4.7.2 (KB4459942)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {8BAAC1B0-F0D6-307B-A896-A8C477A11570}
    Update for Microsoft .NET Framework 4.7.2 (KB4470640)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {14050810-1A36-3D3B-A9F9-E1C5D6E6DCD0}
    Update for Microsoft .NET Framework 4.7.2 (KB4480055)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {161E4659-045E-3B5A-B2AB-E6D72CDF1CE7}
    Update for Microsoft .NET Framework 4.7.2 (KB4483451)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {848DCF02-4F9E-3ADB-8E03-A895A0A7AD3D}
    Update for Microsoft .NET Framework 4.7.2 (KB4495588)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {0B4440C5-8D3A-3A74-B1B0-BC4F8927746D}
    Update for Microsoft .NET Framework 4.7.2 (KB4506997)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {B89F28D7-403B-3FB8-A37B-B371F36AAF49}
    Update for Microsoft .NET Framework 4.7.2 (KB4511516)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {DBEC8235-38BE-3595-8CC7-BEF21A37F3B8}
    Update for Microsoft .NET Framework 4.7.2 (KB4515854)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {B64A7579-28D7-3540-9144-9977587718DA}
    Update for Microsoft .NET Framework 4.7.2 (KB4533012)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.7.03062\setup.exe /uninstallpatch {ABD26387-2CBE-3AA1-BBAF-CBEC44EBB3EC}
    Základní software zařízení HP Deskjet 1510 series-->MsiExec.exe /I{BF7E34C1-4669-46ED-A8DA-244125F41B89}

    ======System event log======

    Computer Name: Lenovo-PC
    Event Code: 1014
    Message: Překlad názvu teredo.ipv6.microsoft.com nebyl v požadované době dokončen. Žádný z nakonfigurovaných serverů DNS neodpověděl.
    Record Number: 321902
    Source Name: Microsoft-Windows-DNS-Client
    Time Written: 20180325203741.369627-000
    Event Type: Upozornění
    User: NT AUTHORITY\NETWORK SERVICE

    Computer Name: Lenovo-PC
    Event Code: 7036
    Message: Stav služby Podpora rozhraní NetBIOS nad protokolem TCP/IP byl změněn na: Zastaveno
    Record Number: 321901
    Source Name: Service Control Manager
    Time Written: 20180325203731.062098-000
    Event Type: Informace
    User:

    Computer Name: Lenovo-PC
    Event Code: 7042
    Message: Službě Podpora rozhraní NetBIOS nad protokolem TCP/IP byl úspěšně odeslán ovládací prvek Zastaveno.

    Byl zadán důvod: 0x40030011 [Operační systém: Připojení k síti (Plánováno)]

    Komentář: Žádné
    Record Number: 321900
    Source Name: Service Control Manager
    Time Written: 20180325203731.062098-000
    Event Type: Informace
    User: NT AUTHORITY\SYSTEM

    Computer Name: Lenovo-PC
    Event Code: 7036
    Message: Stav služby Podpora rozhraní NetBIOS nad protokolem TCP/IP byl změněn na: Spuštěno
    Record Number: 321899
    Source Name: Service Control Manager
    Time Written: 20180325203729.065295-000
    Event Type: Informace
    User:

    Computer Name: Lenovo-PC
    Event Code: 7036
    Message: Stav služby Podpora rozhraní NetBIOS nad protokolem TCP/IP byl změněn na: Zastaveno
    Record Number: 321898
    Source Name: Service Control Manager
    Time Written: 20180325203722.055882-000
    Event Type: Informace
    User:

    =====Application event log=====

    Computer Name: Lenovo-PC
    Event Code: 6000
    Message: Odběratel oznámení přihlašování do systému Windows <SessionEnv> nemohl zpracovat událost upozornění.
    Record Number: 44542
    Source Name: Microsoft-Windows-Winlogon
    Time Written: 20151026222119.000000-000
    Event Type: Informace
    User:

    Computer Name: Lenovo-PC
    Event Code: 9009
    Message: Správce oken plochy byl ukončen s kódem (0x40010004).
    Record Number: 44541
    Source Name: Desktop Window Manager
    Time Written: 20151026222119.000000-000
    Event Type: Informace
    User:

    Computer Name: Lenovo-PC
    Event Code: 903
    Message: Služba Ochrana softwaru byla ukončena.

    Record Number: 44540
    Source Name: Microsoft-Windows-Security-SPP
    Time Written: 20151026221549.000000-000
    Event Type: Informace
    User:

    Computer Name: Lenovo-PC
    Event Code: 902
    Message: Služba Ochrana softwaru byla spuštěna.
    6.1.7601.17514
    Record Number: 44539
    Source Name: Microsoft-Windows-Security-SPP
    Time Written: 20151026221036.000000-000
    Event Type: Informace
    User:

    Computer Name: Lenovo-PC
    Event Code: 1003
    Message: Služba Ochrana softwaru dokončila kontrolu stavu licencování.
    ID aplikace=55c92734-d682-4d71-983e-d6ec3f16059f
    Stav licencování=


    Record Number: 44538
    Source Name: Microsoft-Windows-Security-SPP
    Time Written: 20151026221036.000000-000
    Event Type: Informace
    User:

    =====Security event log=====

    Computer Name: Lenovo-PC
    Event Code: 5061
    Message: Kryptografická operace.

    Předmět:
    ID zabezpečení: S-1-5-19
    Název účtu: LOCAL SERVICE
    Doména účtu: NT AUTHORITY
    ID přihlášení: 0x3e5

    Kryptografické parametry:
    Název poskytovatele: Microsoft Software Key Storage Provider
    Název algoritmu: RSA
    Název klíče: 3300ee0a-c15f-4c02-89f0-a623295c4cf3
    Typ klíče: Klíč počítače

    Kryptografická operace:
    Operace: Otevřít klíč
    Návratový kód: 0x0
    Record Number: 112296
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20180218142147.877993-000
    Event Type: Úspěšný audit
    User:

    Computer Name: Lenovo-PC
    Event Code: 5058
    Message: Operace se souborem klíče.

    Předmět:
    ID zabezpečení: S-1-5-19
    Název účtu: LOCAL SERVICE
    Doména účtu: NT AUTHORITY
    ID přihlášení: 0x3e5

    Kryptografické parametry:
    Název poskytovatele: Microsoft Software Key Storage Provider
    Název algoritmu: Není k dispozici.
    Název klíče: 3300ee0a-c15f-4c02-89f0-a623295c4cf3
    Typ klíče: Klíč počítače

    Informace o operaci se souborem klíče:
    Cesta k souboru: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1750d0a699c93cb80af230de3c081a73_724a0d88-8acf-44fc-b5e9-697ef4a39c9b
    Operace: Čtení trvalého klíče ze souboru
    Návratový kód: 0x0
    Record Number: 112295
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20180218142147.876993-000
    Event Type: Úspěšný audit
    User:

    Computer Name: Lenovo-PC
    Event Code: 5061
    Message: Kryptografická operace.

    Předmět:
    ID zabezpečení: S-1-5-19
    Název účtu: LOCAL SERVICE
    Doména účtu: NT AUTHORITY
    ID přihlášení: 0x3e5

    Kryptografické parametry:
    Název poskytovatele: Microsoft Software Key Storage Provider
    Název algoritmu: RSA
    Název klíče: 3300ee0a-c15f-4c02-89f0-a623295c4cf3
    Typ klíče: Klíč počítače

    Kryptografická operace:
    Operace: Otevřít klíč
    Návratový kód: 0x0
    Record Number: 112294
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20180218105846.187188-000
    Event Type: Úspěšný audit
    User:

    Computer Name: Lenovo-PC
    Event Code: 5058
    Message: Operace se souborem klíče.

    Předmět:
    ID zabezpečení: S-1-5-19
    Název účtu: LOCAL SERVICE
    Doména účtu: NT AUTHORITY
    ID přihlášení: 0x3e5

    Kryptografické parametry:
    Název poskytovatele: Microsoft Software Key Storage Provider
    Název algoritmu: Není k dispozici.
    Název klíče: 3300ee0a-c15f-4c02-89f0-a623295c4cf3
    Typ klíče: Klíč počítače

    Informace o operaci se souborem klíče:
    Cesta k souboru: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1750d0a699c93cb80af230de3c081a73_724a0d88-8acf-44fc-b5e9-697ef4a39c9b
    Operace: Čtení trvalého klíče ze souboru
    Návratový kód: 0x0
    Record Number: 112293
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20180218105846.187188-000
    Event Type: Úspěšný audit
    User:

    Computer Name: Lenovo-PC
    Event Code: 5061
    Message: Kryptografická operace.

    Předmět:
    ID zabezpečení: S-1-5-18
    Název účtu: LENOVO-PC$
    Doména účtu: WORKGROUP
    ID přihlášení: 0x3e7

    Kryptografické parametry:
    Název poskytovatele: Microsoft Software Key Storage Provider
    Název algoritmu: RSA
    Název klíče: {CE3F5564-F125-42E1-B8DB-F87270F9561D}
    Typ klíče: Klíč počítače

    Kryptografická operace:
    Operace: Otevřít klíč
    Návratový kód: 0x0
    Record Number: 112292
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20180218105840.729976-000
    Event Type: Úspěšný audit
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\DMIX;C:\Program Files (x86)\Skype\Phone\
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=AMD64
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
    "NUMBER_OF_PROCESSORS"=4
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 28 Stepping 10, GenuineIntel
    "PROCESSOR_REVISION"=1c0a
    "windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
    "windows_tracing_flags"=3

    -----------------EOF-----------------
    RSITlogLA:
    Logfile of random's system information tool 1.10 (written by random/random)
    Run by Lenovo at 2020-01-08 08:15:43
    Microsoft Windows 7 Home Premium Service Pack 1
    System drive C: has 79 GB (37%) free of 213 GB
    Total RAM: 3574 MB (67% free)

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 8:15:53, on 8.1.2020
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v11.0 (11.00.9600.19572)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\jmesoft\hotkey.exe
    C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
    C:\Program Files\trend micro\Lenovo.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/?PC=UF01
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
    O4 - HKLM\..\Run: [jmekey] C:\Program Files (x86)\jmesoft\hotkey.exe
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe " "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
    O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk = ?
    O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
    O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
    O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
    O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: *.allianz.cz
    O15 - Trusted Zone: http://*.mcafee.com
    O16 - DPF: {CEF002D2-5A9F-4656-AA41-85DA2534ACBD} (IBM Lotus iNotes 8.5 Control) - https://portal.allianz.cz/dwa85W.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GRA32A~1.DLL
    O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
    O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
    O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 7628 bytes

    ======Listing Processes======



    \SystemRoot\System32\smss.exe
    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
    wininit.exe
    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
    C:\windows\system32\services.exe
    winlogon.exe
    C:\windows\system32\lsass.exe
    C:\windows\system32\lsm.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k NetworkService
    "C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
    "C:\windows\system32\Dwm.exe"
    C:\windows\Explorer.EXE
    C:\windows\System32\spoolsv.exe
    taskeng.exe {D7886A84-45EA-4AFD-A810-F2F45E31065C}
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    "taskhost.exe"
    C:\windows\System32\lpksetup.exe -v
    "C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
    C:\windows\System32\svchost.exe -k utcsvc
    C:\windows\system32\svchost.exe -k imgsvc
    C:\windows\system32\igfxsrvc.exe -Embedding
    "C:\Windows\System32\hkcmd.exe"
    "C:\Windows\System32\igfxpers.exe"
    "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
    AvastUI.exe /nogui
    "C:\windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN55E2C0V505YR;CONNECTION=USB;MONITOR=1;
    C:\windows\system32\SearchIndexer.exe /Embedding
    "C:\Program Files (x86)\jmesoft\hotkey.exe"
    "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
    "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
    "C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
    C:\windows\system32\wbem\unsecapp.exe -Embedding
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    "C:\Program Files\Windows Media Player\wmpnetwk.exe"
    "C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=3264,9265552714679057250,931126904765145401 7,131072 --no-sandbox --log-file="C:\Users\Lenovo\AppData\Roaming\AVAST Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (19.8.2393)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAA MAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAA AAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAA AAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAG AAAA --use-gl=swiftshader-webgl --service-request-channel-token=4779970278650876446 --mojo-platform-channel-handle=3228 /prefetch:2
    C:\windows\system32\sppsvc.exe

    "C:\Users\Lenovo\Downloads\RSITx64.exe"
    C:\windows\system32\wbem\wmiprvse.exe

    ======Scheduled tasks folder======

    C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    =========Mozilla firefox=========

    ProfilePath - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5f1aa1vt.default-release

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
    "Description"=
    "Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
    "Description"=
    "Path"=disabled

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
    "Description"=WLPG Install MIME type
    "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
    "Description"=602XML Filler Plugin
    "Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll


    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
    "Description"=
    "Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
    "Description"=
    "Path"=disabled


    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL [2006-10-26 2210608]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"=C:\windows\system32\igfxtray.exe [2010-04-22 165912]
    "HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-04-22 385560]
    "Persistence"=C:\windows\system32\igfxpers.exe [2010-04-22 364056]
    "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-10-30 11543656]
    "AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2020-01-02 268680]

    [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
    "jmekey"=C:\Program Files (x86)\jmesoft\hotkey.exe [2009-07-16 114688]
    "CLMLServer"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [2009-12-05 103720]
    "UpdateP2GoShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
    "YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
    "YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]
    "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

    C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk - C:\windows\system32\RunDll32.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\windows\system32\igfxdev.dll [2010-04-19 261120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL [2006-10-26 2210608]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"=credssp.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "ConsentPromptBehaviorAdmin"=5
    "ConsentPromptBehaviorUser"=3
    "EnableUIADesktopToggle"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "SoftwareSASGeneration"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoActiveDesktop"=1
    "NoActiveDesktopChanges"=1
    "ForceActiveDesktopOn"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
    "vidc.mrle"=msrle32.dll
    "vidc.msvc"=msvidc32.dll
    "msacm.imaadpcm"=imaadp32.acm
    "msacm.msg711"=msg711.acm
    "msacm.msgsm610"=msgsm32.acm
    "msacm.msadpcm"=msadp32.acm
    "midimapper"=midimap.dll
    "wavemapper"=msacm32.drv
    "VIDC.UYVY"=msyuv.dll
    "VIDC.YUY2"=msyuv.dll
    "VIDC.YVYU"=msyuv.dll
    "VIDC.IYUV"=iyuv_32.dll
    "vidc.i420"=iyuv_32.dll
    "VIDC.YVU9"=tsbyuv.dll
    "msacm.l3acm"=C:\Windows\System32\l3codeca.acm
    "wave1"=wdmaud.drv
    "midi1"=wdmaud.drv
    "mixer1"=wdmaud.drv
    "aux1"=wdmaud.drv
    "MSVideo8"=VfWWDM32.dll
    "wave"=wdmaud.drv
    "midi"=wdmaud.drv
    "mixer"=wdmaud.drv
    "aux"=wdmaud.drv

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1
    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 3 months======

    2020-01-08 08:15:43 ----D---- C:\rsit
    2020-01-08 08:15:43 ----D---- C:\Program Files\trend micro
    2020-01-02 19:42:54 ----D---- C:\Users\Lenovo\AppData\Roaming\AVAST Software
    2020-01-02 19:40:41 ----A---- C:\windows\system32\aswBoot.exe
    2020-01-02 19:40:37 ----A---- C:\windows\system32\drivers\aswVmm.sys
    2020-01-02 19:40:37 ----A---- C:\windows\system32\drivers\aswStm.sys
    2020-01-02 19:40:36 ----A---- C:\windows\system32\drivers\aswSP.sys
    2020-01-02 19:40:36 ----A---- C:\windows\system32\drivers\aswSnx.sys
    2020-01-02 19:40:36 ----A---- C:\windows\system32\drivers\aswRvrt.sys
    2020-01-02 19:40:36 ----A---- C:\windows\system32\drivers\aswRdr2.sys
    2020-01-02 19:40:36 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
    2020-01-02 19:40:36 ----A---- C:\windows\system32\drivers\aswKbd.sys
    2020-01-02 19:40:36 ----A---- C:\windows\system32\drivers\aswbuniv.sys
    2020-01-02 19:40:36 ----A---- C:\windows\system32\drivers\aswArPot.sys
    2020-01-02 19:40:36 ----A---- C:\windows\system32\drivers\aswArDisk.sys
    2020-01-02 19:40:35 ----D---- C:\Program Files\Common Files\AVAST Software
    2020-01-02 19:40:35 ----A---- C:\windows\system32\drivers\aswbidsh.sys
    2020-01-02 19:40:35 ----A---- C:\windows\system32\drivers\aswbidsdriver.sys
    2020-01-02 19:38:10 ----D---- C:\Program Files\AVAST Software
    2020-01-02 19:05:48 ----D---- C:\Program Files\CCleaner
    2020-01-02 19:03:04 ----D---- C:\Program Files\Tracker Software
    2020-01-02 18:59:38 ----D---- C:\Program Files\7-Zip
    2020-01-02 18:57:03 ----D---- C:\Users\Lenovo\AppData\Roaming\MPC-HC
    2020-01-02 18:55:59 ----D---- C:\Program Files\MPC-HC
    2020-01-02 18:51:31 ----D---- C:\Users\Lenovo\AppData\Roaming\Mozilla
    2020-01-02 18:51:16 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
    2020-01-02 18:51:14 ----D---- C:\ProgramData\Mozilla
    2020-01-02 18:51:10 ----D---- C:\Program Files\Mozilla Firefox
    2020-01-02 15:46:27 ----SHD---- C:\Config.Msi
    2019-12-11 21:35:14 ----A---- C:\windows\SYSWOW64\mshtml.dll
    2019-12-11 21:35:11 ----A---- C:\windows\system32\win32k.sys
    2019-12-11 21:35:11 ----A---- C:\windows\system32\printfilterpipelinesvc.exe
    2019-12-11 21:35:11 ----A---- C:\windows\system32\printfilterpipelineprxy.dll
    2019-12-11 21:35:11 ----A---- C:\windows\system32\appraiser.dll
    2019-12-11 21:35:10 ----A---- C:\windows\SYSWOW64\vbscript.dll
    2019-12-11 21:35:10 ----A---- C:\windows\SYSWOW64\quartz.dll
    2019-12-11 21:35:10 ----A---- C:\windows\system32\quartz.dll
    2019-12-11 21:35:10 ----A---- C:\windows\system32\EOSNotify.exe
    2019-12-11 21:35:09 ----A---- C:\windows\SYSWOW64\oleaut32.dll
    2019-12-11 21:35:09 ----A---- C:\windows\SYSWOW64\mscms.dll
    2019-12-11 21:35:09 ----A---- C:\windows\system32\winload.exe
    2019-12-11 21:35:09 ----A---- C:\windows\system32\vbscript.dll
    2019-12-11 21:35:09 ----A---- C:\windows\system32\t2embed.dll
    2019-12-11 21:35:09 ----A---- C:\windows\system32\mshtml.dll
    2019-12-11 21:35:09 ----A---- C:\windows\system32\mscms.dll
    2019-12-11 21:35:09 ----A---- C:\windows\system32\fontsub.dll
    2019-12-11 21:35:06 ----A---- C:\windows\SYSWOW64\icm32.dll
    2019-12-11 21:35:06 ----A---- C:\windows\system32\oleaut32.dll
    2019-12-11 21:35:05 ----A---- C:\windows\SYSWOW64\t2embed.dll
    2019-12-11 21:35:05 ----A---- C:\windows\SYSWOW64\gdi32.dll
    2019-12-11 21:35:05 ----A---- C:\windows\system32\wow64win.dll
    2019-12-11 21:35:05 ----A---- C:\windows\system32\WcsPlugInService.dll
    2019-12-11 21:35:05 ----A---- C:\windows\system32\services.exe
    2019-12-11 21:35:05 ----A---- C:\windows\system32\jscript.dll
    2019-12-11 21:35:05 ----A---- C:\windows\system32\icm32.dll
    2019-12-11 21:35:05 ----A---- C:\windows\system32\gdi32.dll
    2019-12-11 21:35:04 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
    2019-12-11 21:35:04 ----A---- C:\windows\system32\ntoskrnl.exe
    2019-12-11 21:35:04 ----A---- C:\windows\system32\ntdll.dll
    2019-12-11 21:35:03 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
    2019-12-11 21:35:03 ----A---- C:\windows\SYSWOW64\fontsub.dll
    2019-12-11 21:35:03 ----A---- C:\windows\system32\hal.dll
    2019-12-11 21:35:03 ----A---- C:\windows\system32\drivers\ksecpkg.sys
    2019-12-11 21:35:03 ----A---- C:\windows\system32\drivers\ksecdd.sys
    2019-12-11 21:35:02 ----A---- C:\windows\SYSWOW64\WcsPlugInService.dll
    2019-12-11 21:35:02 ----A---- C:\windows\SYSWOW64\ntdll.dll
    2019-12-11 21:35:02 ----A---- C:\windows\SYSWOW64\jscript9.dll
    2019-12-11 21:35:02 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
    2019-12-11 21:35:02 ----A---- C:\windows\SYSWOW64\atmfd.dll
    2019-12-11 21:35:02 ----A---- C:\windows\system32\iedkcs32.dll
    2019-12-11 21:35:02 ----A---- C:\windows\system32\CompatTelRunner.exe
    2019-12-11 21:35:02 ----A---- C:\windows\system32\atmfd.dll
    2019-12-11 21:35:00 ----A---- C:\windows\SYSWOW64\jscript.dll
    2019-12-11 21:35:00 ----A---- C:\windows\SYSWOW64\certcli.dll
    2019-12-11 21:35:00 ----A---- C:\windows\system32\jscript9.dll
    2019-12-11 21:35:00 ----A---- C:\windows\system32\certcli.dll
    2019-12-11 21:34:59 ----A---- C:\windows\system32\wininet.dll
    2019-12-11 21:34:59 ----A---- C:\windows\system32\mshtmlmedia.dll
    2019-12-11 21:34:59 ----A---- C:\windows\system32\ieframe.dll
    2019-12-11 21:34:57 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
    2019-12-11 21:34:57 ----A---- C:\windows\SYSWOW64\ieframe.dll
    2019-12-11 21:34:57 ----A---- C:\windows\system32\urlmon.dll
    2019-12-11 21:34:56 ----A---- C:\windows\SYSWOW64\wininet.dll
    2019-12-11 21:34:55 ----A---- C:\windows\SYSWOW64\urlmon.dll
    2019-12-11 21:34:55 ----A---- C:\windows\system32\msfeeds.dll
    2019-12-11 21:34:55 ----A---- C:\windows\system32\iertutil.dll
    2019-12-11 21:34:54 ----A---- C:\windows\SYSWOW64\msfeeds.dll
    2019-12-11 21:34:54 ----A---- C:\windows\SYSWOW64\iertutil.dll
    2019-12-11 21:34:54 ----A---- C:\windows\system32\rpcrt4.dll
    2019-12-11 21:34:54 ----A---- C:\windows\system32\ole32.dll
    2019-12-11 21:34:53 ----A---- C:\windows\system32\ieui.dll
    2019-12-11 21:34:53 ----A---- C:\windows\system32\ieapfltr.dll
    2019-12-11 21:34:53 ----A---- C:\windows\system32\drivers\srvnet.sys
    2019-12-11 21:34:53 ----A---- C:\windows\system32\drivers\srv.sys
    2019-12-11 21:34:52 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
    2019-12-11 21:34:52 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
    2019-12-11 21:34:52 ----A---- C:\windows\system32\webcheck.dll
    2019-12-11 21:34:52 ----A---- C:\windows\system32\msrating.dll
    2019-12-11 21:34:52 ----A---- C:\windows\system32\mshtmled.dll
    2019-12-11 21:34:52 ----A---- C:\windows\system32\lsasrv.dll
    2019-12-11 21:34:52 ----A---- C:\windows\system32\dxtrans.dll
    2019-12-11 21:34:52 ----A---- C:\windows\system32\dxtmsft.dll
    2019-12-11 21:34:52 ----A---- C:\windows\system32\drivers\videoprt.sys
    2019-12-11 21:34:51 ----A---- C:\windows\system32\occache.dll
    2019-12-11 21:34:51 ----A---- C:\windows\system32\kerberos.dll
    2019-12-11 21:34:51 ----A---- C:\windows\system32\jscript9diag.dll
    2019-12-11 21:34:51 ----A---- C:\windows\system32\drivers\mrxsmb.sys
    2019-12-11 21:34:50 ----A---- C:\windows\SYSWOW64\webcheck.dll
    2019-12-11 21:34:50 ----A---- C:\windows\SYSWOW64\ieui.dll
    2019-12-11 21:34:50 ----A---- C:\windows\system32\user32.dll
    2019-12-11 21:34:50 ----A---- C:\windows\system32\advapi32.dll
    2019-12-11 21:34:49 ----A---- C:\windows\SYSWOW64\ole32.dll
    2019-12-11 21:34:49 ----A---- C:\windows\system32\smss.exe
    2019-12-11 21:34:48 ----A---- C:\windows\SYSWOW64\user32.dll
    2019-12-11 21:34:48 ----A---- C:\windows\SYSWOW64\dxtrans.dll
    2019-12-11 21:34:48 ----A---- C:\windows\system32\rpcss.dll
    2019-12-11 21:34:48 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
    2019-12-11 21:34:48 ----A---- C:\windows\system32\kernel32.dll
    2019-12-11 21:34:48 ----A---- C:\windows\system32\jsproxy.dll
    2019-12-11 21:34:47 ----A---- C:\windows\SYSWOW64\mshtmled.dll
    2019-12-11 21:34:47 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
    2019-12-11 21:34:47 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
    2019-12-11 21:34:47 ----A---- C:\windows\system32\drivers\srv2.sys
    2019-12-11 21:34:46 ----A---- C:\windows\SYSWOW64\occache.dll
    2019-12-11 21:34:46 ----A---- C:\windows\SYSWOW64\msrating.dll
    2019-12-11 21:34:46 ----A---- C:\windows\SYSWOW64\jsproxy.dll
    2019-12-11 21:34:46 ----A---- C:\windows\system32\srvsvc.dll
    2019-12-11 21:34:46 ----A---- C:\windows\system32\schannel.dll
    2019-12-11 21:34:46 ----A---- C:\windows\system32\msv1_0.dll
    2019-12-11 21:34:46 ----A---- C:\windows\system32\MshtmlDac.dll
    2019-12-11 21:34:46 ----A---- C:\windows\system32\inseng.dll
    2019-12-11 21:34:46 ----A---- C:\windows\system32\ieUnatt.exe
    2019-12-11 21:34:46 ----A---- C:\windows\system32\ieetwproxystub.dll
    2019-12-11 21:34:45 ----A---- C:\windows\SYSWOW64\sspicli.dll
    2019-12-11 21:34:45 ----A---- C:\windows\SYSWOW64\kerberos.dll
    2019-12-11 21:34:45 ----A---- C:\windows\SYSWOW64\inseng.dll
    2019-12-11 21:34:45 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
    2019-12-11 21:34:45 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
    2019-12-11 21:34:45 ----A---- C:\windows\SYSWOW64\advapi32.dll
    2019-12-11 21:34:45 ----A---- C:\windows\system32\winsrv.dll
    2019-12-11 21:34:45 ----A---- C:\windows\system32\ncrypt.dll
    2019-12-11 21:34:45 ----A---- C:\windows\system32\KernelBase.dll
    2019-12-11 21:34:45 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
    2019-12-11 21:34:45 ----A---- C:\windows\system32\iesetup.dll
    2019-12-11 21:34:45 ----A---- C:\windows\system32\ie4uinit.exe
    2019-12-11 21:34:45 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
    2019-12-11 21:34:44 ----A---- C:\windows\SYSWOW64\msv1_0.dll
    2019-12-11 21:34:44 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
    2019-12-11 21:34:44 ----A---- C:\windows\SYSWOW64\KernelBase.dll
    2019-12-11 21:34:44 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
    2019-12-11 21:34:44 ----A---- C:\windows\SYSWOW64\iesetup.dll
    2019-12-11 21:34:44 ----A---- C:\windows\system32\wow64.dll
    2019-12-11 21:34:44 ----A---- C:\windows\system32\wdigest.dll
    2019-12-11 21:34:44 ----A---- C:\windows\system32\TSpkg.dll
    2019-12-11 21:34:44 ----A---- C:\windows\system32\sspicli.dll
    2019-12-11 21:34:44 ----A---- C:\windows\system32\srcore.dll
    2019-12-11 21:34:44 ----A---- C:\windows\system32\rpchttp.dll
    2019-12-11 21:34:44 ----A---- C:\windows\system32\iernonce.dll
    2019-12-11 21:34:44 ----A---- C:\windows\system32\ieetwcollector.exe
    2019-12-11 21:34:44 ----A---- C:\windows\system32\conhost.exe
    2019-12-11 21:34:44 ----A---- C:\windows\system32\bcrypt.dll
    2019-12-11 21:34:43 ----A---- C:\windows\SYSWOW64\wdigest.dll
    2019-12-11 21:34:43 ----A---- C:\windows\SYSWOW64\TSpkg.dll
    2019-12-11 21:34:43 ----A---- C:\windows\SYSWOW64\schannel.dll
    2019-12-11 21:34:43 ----A---- C:\windows\SYSWOW64\rpchttp.dll
    2019-12-11 21:34:43 ----A---- C:\windows\SYSWOW64\ncrypt.dll
    2019-12-11 21:34:43 ----A---- C:\windows\SYSWOW64\iernonce.dll
    2019-12-11 21:34:43 ----A---- C:\windows\SYSWOW64\bcrypt.dll
    2019-12-11 21:34:43 ----A---- C:\windows\system32\wow64cpu.dll
    2019-12-11 21:34:43 ----A---- C:\windows\system32\sspisrv.dll
    2019-12-11 21:34:43 ----A---- C:\windows\system32\sscore.dll
    2019-12-11 21:34:43 ----A---- C:\windows\system32\srclient.dll
    2019-12-11 21:34:43 ----A---- C:\windows\system32\secur32.dll
    2019-12-11 21:34:43 ----A---- C:\windows\system32\lsass.exe
    2019-12-11 21:34:43 ----A---- C:\windows\system32\lpk.dll
    2019-12-11 21:34:43 ----A---- C:\windows\system32\drivers\processr.sys
    2019-12-11 21:34:43 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
    2019-12-11 21:34:43 ----A---- C:\windows\system32\drivers\intelppm.sys
    2019-12-11 21:34:43 ----A---- C:\windows\system32\drivers\appid.sys
    2019-12-11 21:34:43 ----A---- C:\windows\system32\drivers\amdppm.sys
    2019-12-11 21:34:43 ----A---- C:\windows\system32\drivers\amdk8.sys
    2019-12-11 21:34:43 ----A---- C:\windows\system32\csrsrv.dll
    2019-12-11 21:34:43 ----A---- C:\windows\system32\cryptbase.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2019-12-11 21:34:42 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\wow32.dll
    2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\sscore.dll
    2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\srclient.dll
    2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\secur32.dll
    2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
    2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\lpk.dll
    2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\kernel32.dll
    2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\dciman32.dll
    2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\cryptbase.dll
    2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\credssp.dll
    2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\comcat.dll
    2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\auditpol.exe
    2019-12-11 21:34:42 ----A---- C:\windows\SYSWOW64\appidapi.dll
    2019-12-11 21:34:42 ----A---- C:\windows\system32\setbcdlocale.dll
    2019-12-11 21:34:42 ----A---- C:\windows\system32\rstrui.exe
    2019-12-11 21:34:42 ----A---- C:\windows\system32\ntvdm64.dll
    2019-12-11 21:34:42 ----A---- C:\windows\system32\drivers\npfs.sys
    2019-12-11 21:34:42 ----A---- C:\windows\system32\dciman32.dll
    2019-12-11 21:34:42 ----A---- C:\windows\system32\credssp.dll
    2019-12-11 21:34:42 ----A---- C:\windows\system32\comcat.dll
    2019-12-11 21:34:42 ----A---- C:\windows\system32\auditpol.exe
    2019-12-11 21:34:42 ----A---- C:\windows\system32\appidsvc.dll
    2019-12-11 21:34:42 ----A---- C:\windows\system32\appidpolicyconverter.exe
    2019-12-11 21:34:42 ----A---- C:\windows\system32\appidcertstorecheck.exe
    2019-12-11 21:34:42 ----A---- C:\windows\system32\appidapi.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2019-12-11 21:34:41 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
    2019-12-11 21:34:41 ----A---- C:\windows\SYSWOW64\user.exe
    2019-12-11 21:34:41 ----A---- C:\windows\SYSWOW64\setup16.exe
    2019-12-11 21:34:41 ----A---- C:\windows\SYSWOW64\instnm.exe
    2019-12-11 21:34:41 ----A---- C:\windows\SYSWOW64\atmlib.dll
    2019-12-11 21:34:41 ----A---- C:\windows\SYSWOW64\apisetschema.dll
    2019-12-11 21:34:41 ----A---- C:\windows\system32\atmlib.dll
    2019-12-11 21:34:41 ----A---- C:\windows\system32\apisetschema.dll
    2019-12-11 21:34:40 ----A---- C:\windows\SYSWOW64\adtschema.dll
    2019-12-11 21:34:40 ----A---- C:\windows\system32\adtschema.dll
    2019-12-11 21:34:39 ----A---- C:\windows\SYSWOW64\oleres.dll
    2019-12-11 21:34:39 ----A---- C:\windows\SYSWOW64\msobjs.dll
    2019-12-11 21:34:39 ----A---- C:\windows\SYSWOW64\msaudite.dll
    2019-12-11 21:34:39 ----A---- C:\windows\system32\oleres.dll
    2019-12-11 21:34:39 ----A---- C:\windows\system32\msobjs.dll
    2019-12-11 21:34:39 ----A---- C:\windows\system32\msaudite.dll
    2019-12-11 21:34:39 ----A---- C:\windows\system32\ieetwcollectorres.dll
    2019-12-11 21:32:29 ----A---- C:\windows\SYSWOW64\poqexec.exe
    2019-12-11 21:32:29 ----A---- C:\windows\system32\poqexec.exe
    2019-11-24 08:37:00 ----A---- C:\windows\SYSWOW64\netlogon.dll
    2019-11-24 08:37:00 ----A---- C:\windows\system32\netlogon.dll
    2019-11-24 08:36:59 ----A---- C:\windows\system32\iphlpsvc.dll
    2019-11-24 08:36:57 ----A---- C:\windows\SYSWOW64\upnphost.dll
    2019-11-24 08:36:57 ----A---- C:\windows\SYSWOW64\udhisapi.dll
    2019-11-24 08:36:57 ----A---- C:\windows\system32\upnphost.dll
    2019-11-24 08:36:57 ----A---- C:\windows\system32\udhisapi.dll
    2019-11-24 08:36:56 ----A---- C:\windows\SYSWOW64\netcorehc.dll
    2019-11-24 08:36:56 ----A---- C:\windows\system32\netcorehc.dll
    2019-11-24 08:36:56 ----A---- C:\windows\system32\AxInstSv.dll
    2019-11-24 08:36:55 ----A---- C:\windows\system32\aeinv.dll
    2019-11-24 08:36:54 ----A---- C:\windows\SYSWOW64\DWrite.dll
    2019-11-24 08:36:54 ----A---- C:\windows\system32\FntCache.dll
    2019-11-24 08:36:54 ----A---- C:\windows\system32\DWrite.dll
    2019-11-24 08:36:52 ----A---- C:\windows\system32\devinv.dll
    2019-11-24 08:36:52 ----A---- C:\windows\system32\centel.dll
    2019-11-24 08:36:50 ----A---- C:\windows\SYSWOW64\msjet40.dll
    2019-11-24 08:36:50 ----A---- C:\windows\system32\invagent.dll
    2019-11-24 08:36:50 ----A---- C:\windows\system32\generaltel.dll
    2019-11-24 08:36:49 ----A---- C:\windows\SYSWOW64\usp10.dll
    2019-11-24 08:36:49 ----A---- C:\windows\SYSWOW64\upnpcont.exe
    2019-11-24 08:36:49 ----A---- C:\windows\system32\upnpcont.exe
    2019-11-24 08:36:49 ----A---- C:\windows\system32\drivers\msrpc.sys
    2019-11-24 08:36:49 ----A---- C:\windows\system32\cryptui.dll
    2019-11-24 08:36:48 ----A---- C:\windows\SYSWOW64\userenv.dll
    2019-11-24 08:36:48 ----A---- C:\windows\SYSWOW64\cryptui.dll
    2019-11-24 08:36:48 ----A---- C:\windows\system32\usp10.dll
    2019-11-24 08:36:48 ----A---- C:\windows\system32\userenv.dll
    2019-11-24 08:36:48 ----A---- C:\windows\system32\consent.exe
    2019-11-24 08:36:48 ----A---- C:\windows\system32\AxInstUI.exe
    2019-11-24 08:36:48 ----A---- C:\windows\system32\aepic.dll
    2019-11-24 08:36:48 ----A---- C:\windows\system32\acmigration.dll
    2019-11-24 08:36:47 ----A---- C:\windows\SYSWOW64\mf3216.dll
    2019-11-24 08:36:47 ----A---- C:\windows\system32\mf3216.dll
    2019-11-24 08:36:46 ----A---- C:\windows\SYSWOW64\tzres.dll
    2019-11-24 08:36:46 ----A---- C:\windows\system32\tzres.dll
    2019-11-24 08:36:45 ----A---- C:\windows\SYSWOW64\msihnd.dll
    2019-11-24 08:36:45 ----A---- C:\windows\system32\msihnd.dll
    2019-11-24 08:36:44 ----A---- C:\windows\SYSWOW64\msiexec.exe
    2019-11-24 08:36:44 ----A---- C:\windows\SYSWOW64\authui.dll
    2019-11-24 08:36:44 ----A---- C:\windows\system32\msiexec.exe
    2019-11-24 08:36:44 ----A---- C:\windows\system32\authui.dll
    2019-11-24 08:36:44 ----A---- C:\windows\system32\appinfo.dll
    2019-11-24 08:36:42 ----A---- C:\windows\system32\msi.dll
    2019-11-24 08:36:41 ----A---- C:\windows\SYSWOW64\msi.dll
    2019-11-24 08:36:36 ----A---- C:\windows\SYSWOW64\msimsg.dll
    2019-11-24 08:36:36 ----A---- C:\windows\system32\msimsg.dll
    2019-11-24 08:36:34 ----A---- C:\windows\system32\msimg32.dll
    2019-11-24 08:36:33 ----A---- C:\windows\SYSWOW64\msimg32.dll
    2019-11-24 08:36:32 ----A---- C:\windows\system32\aitstatic.exe
    2019-10-20 19:39:16 ----A---- C:\windows\SYSWOW64\AudioSes.dll
    2019-10-20 19:39:16 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll
    2019-10-20 19:39:16 ----A---- C:\windows\SYSWOW64\AudioEng.dll
    2019-10-20 19:39:16 ----A---- C:\windows\system32\audiosrv.dll
    2019-10-20 19:39:16 ----A---- C:\windows\system32\AudioSes.dll
    2019-10-20 19:39:16 ----A---- C:\windows\system32\AUDIOKSE.dll
    2019-10-20 19:39:16 ----A---- C:\windows\system32\AudioEng.dll
    2019-10-20 19:39:14 ----A---- C:\windows\SYSWOW64\wer.dll
    2019-10-20 19:39:14 ----A---- C:\windows\system32\werconcpl.dll
    2019-10-20 19:39:14 ----A---- C:\windows\system32\wer.dll
    2019-10-20 19:39:14 ----A---- C:\windows\system32\umpo.dll
    2019-10-20 19:39:14 ----A---- C:\windows\system32\EncDump.dll
    2019-10-20 19:39:14 ----A---- C:\windows\system32\audiodg.exe
    2019-10-20 19:39:13 ----A---- C:\windows\SYSWOW64\WerFault.exe
    2019-10-20 19:39:13 ----A---- C:\windows\SYSWOW64\DWWIN.EXE
    2019-10-20 19:39:13 ----A---- C:\windows\system32\WerFault.exe
    2019-10-20 19:39:13 ----A---- C:\windows\system32\DWWIN.EXE
    2019-10-20 19:39:13 ----A---- C:\windows\system32\drivers\monitor.sys
    2019-10-20 19:39:13 ----A---- C:\windows\system32\ci.dll
    2019-10-20 19:39:12 ----A---- C:\windows\SYSWOW64\msrd3x40.dll
    2019-10-20 19:39:12 ----A---- C:\windows\SYSWOW64\msltus40.dll
    2019-10-20 19:39:12 ----A---- C:\windows\SYSWOW64\Faultrep.dll
    2019-10-20 19:39:12 ----A---- C:\windows\system32\wercplsupport.dll
    2019-10-20 19:39:12 ----A---- C:\windows\system32\Faultrep.dll
    2019-10-20 19:39:12 ----A---- C:\windows\system32\drivers\rdbss.sys
    2019-10-20 19:39:09 ----A---- C:\windows\SYSWOW64\werui.dll
    2019-10-20 19:39:09 ----A---- C:\windows\SYSWOW64\wermgr.exe
    2019-10-20 19:39:09 ----A---- C:\windows\SYSWOW64\WerFaultSecure.exe
    2019-10-20 19:39:09 ----A---- C:\windows\SYSWOW64\werdiagcontroller.dll
    2019-10-20 19:39:09 ----A---- C:\windows\system32\werui.dll
    2019-10-20 19:39:09 ----A---- C:\windows\system32\wermgr.exe
    2019-10-20 19:39:09 ----A---- C:\windows\system32\WerFaultSecure.exe
    2019-10-20 19:39:09 ----A---- C:\windows\system32\werdiagcontroller.dll

    ======List of files/folders modified in the last 3 months======

    2020-01-08 08:15:53 ----D---- C:\windows\Prefetch
    2020-01-08 08:15:43 ----D---- C:\Program Files
    2020-01-08 08:13:26 ----D---- C:\windows\Temp
    2020-01-08 07:57:52 ----D---- C:\windows\tracing
    2020-01-08 07:20:30 ----D---- C:\windows\system32\config
    2020-01-05 20:43:36 ----AD---- C:\windows\System32
    2020-01-05 20:43:36 ----A---- C:\windows\system32\PerfStringBackup.INI
    2020-01-05 20:43:35 ----D---- C:\windows\inf
    2020-01-04 11:50:21 ----SHD---- C:\System Volume Information
    2020-01-02 22:44:59 ----D---- C:\Windows
    2020-01-02 19:41:41 ----D---- C:\windows\system32\Tasks
    2020-01-02 19:41:23 ----D---- C:\windows\system32\drivers
    2020-01-02 19:41:06 ----D---- C:\windows\winsxs
    2020-01-02 19:40:35 ----D---- C:\ProgramData\AVAST Software
    2020-01-02 19:40:35 ----D---- C:\Program Files\Common Files
    2020-01-02 19:18:24 ----D---- C:\windows\Panther
    2020-01-02 19:18:08 ----D---- C:\windows\Logs
    2020-01-02 19:18:08 ----D---- C:\windows\debug
    2020-01-02 18:51:16 ----RD---- C:\Program Files (x86)
    2020-01-02 18:51:14 ----HD---- C:\ProgramData
    2020-01-02 18:11:17 ----AD---- C:\ProgramData\Temp
    2020-01-02 17:49:42 ----D---- C:\Program Files (x86)\Google
    2020-01-02 17:49:39 ----SHD---- C:\windows\Installer
    2020-01-02 16:57:23 ----D---- C:\Program Files (x86)\Windows Live
    2020-01-02 16:52:12 ----SD---- C:\ProgramData\Microsoft
    2020-01-02 16:52:06 ----D---- C:\Program Files (x86)\Microsoft Office
    2020-01-02 16:48:23 ----RSD---- C:\windows\assembly
    2020-01-02 16:39:08 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
    2020-01-02 16:39:08 ----D---- C:\Program Files (x86)\Lenovo
    2020-01-02 16:33:25 ----D---- C:\Program Files\Lenovo
    2020-01-02 16:31:56 ----D---- C:\Program Files (x86)\HP
    2020-01-02 16:31:08 ----D---- C:\Users\Lenovo\AppData\Roaming\HpUpdate
    2020-01-02 16:14:33 ----D---- C:\windows\Microsoft.NET
    2020-01-02 15:51:10 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2020-01-02 15:48:17 ----D---- C:\windows\SysWOW64
    2020-01-02 15:37:59 ----D---- C:\Program Files (x86)\Common Files
    2020-01-02 15:24:37 ----D---- C:\Users\Lenovo\AppData\Roaming\BSplayer
    2020-01-02 15:24:37 ----D---- C:\Program Files (x86)\Webteh
    2019-12-31 12:22:56 ----D---- C:\Program Files\Google
    2019-12-30 13:19:35 ----SD---- C:\Users\Lenovo\AppData\Roaming\Microsoft
    2019-12-29 23:39:12 ----D---- C:\windows\system32\catroot2
    2019-12-29 18:06:18 ----D---- C:\windows\Minidump
    2019-12-12 19:18:21 ----D---- C:\windows\rescache
    2019-12-12 10:24:31 ----D---- C:\Program Files\Internet Explorer
    2019-12-12 10:24:26 ----D---- C:\windows\SYSWOW64\cs-CZ
    2019-12-12 10:24:26 ----D---- C:\Program Files (x86)\Internet Explorer
    2019-12-12 10:24:25 ----D---- C:\windows\SYSWOW64\en-US
    2019-12-12 10:24:21 ----D---- C:\windows\system32\drivers\en-US
    2019-12-12 10:24:21 ----D---- C:\windows\system32\cs-CZ
    2019-12-12 10:24:19 ----D---- C:\windows\system32\en-US
    2019-12-12 10:24:11 ----D---- C:\windows\AppPatch
    2019-12-12 10:24:08 ----D---- C:\windows\system32\Boot
    2019-12-12 10:24:04 ----D---- C:\windows\system32\DriverStore
    2019-12-11 23:35:18 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
    2019-12-11 07:43:41 ----D---- C:\windows\system32\MRT
    2019-12-11 07:43:23 ----AC---- C:\windows\system32\MRT.exe
    2019-12-06 19:34:52 ----SD---- C:\windows\system32\CompatTel
    2019-12-06 19:34:52 ----D---- C:\windows\system32\appraiser
    2019-12-06 19:34:52 ----D---- C:\windows\PolicyDefinitions
    2019-12-06 19:34:36 ----D---- C:\windows\SYSWOW64\migration
    2019-12-06 19:34:34 ----D---- C:\windows\system32\migration
    2019-11-12 22:03:31 ----N---- C:\windows\system32\MpSigStub.exe
    2019-10-30 09:18:37 ----D---- C:\windows\ehome

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 aswArDisk;aswArDisk; C:\windows\system32\drivers\aswArDisk.sys [2020-01-02 37616]
    R0 aswbidsh;aswbidsh; C:\windows\system32\drivers\aswbidsh.sys [2020-01-02 209552]
    R0 aswbuniv;aswbuniv; C:\windows\system32\drivers\aswbuniv.sys [2020-01-02 65120]
    R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2020-01-02 83792]
    R0 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2020-01-02 316528]
    R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
    R1 aswArPot;aswArPot; C:\windows\system32\drivers\aswArPot.sys [2020-01-02 204824]
    R1 aswbidsdriver;aswbidsdriver; C:\windows\system32\drivers\aswbidsdriver.sys [2020-01-02 274456]
    R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2020-01-02 42736]
    R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2020-01-02 110320]
    R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2020-01-02 848432]
    R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2020-01-02 460448]
    R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
    R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2020-01-02 171520]
    R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2020-01-02 236024]
    R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2010-03-03 1594368]
    R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
    R3 FEIExpress;Intel(R) 10/100 Network Connection Driver; C:\windows\system32\DRIVERS\fei62x64.sys [2009-10-02 187392]
    R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-04-19 6179616]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-10-30 2530152]
    R3 VMC412;Vimicro Camera Service VMC412; C:\windows\System32\Drivers\VMC412.sys [2010-07-17 237568]
    S3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
    S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-03-12 242720]
    S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
    S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
    S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 151656]
    S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
    S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
    R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2020-01-02 996880]
    R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
    R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2020-01-02 6259592]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
    S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-11 268976]
    S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2019-11-19 116224]
    S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
    S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-12-02 244936]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-01-02 1255736]
    S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
    S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-10-01 139264]
    S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-10-01 139264]
    S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-10-01 139264]

    -----------------EOF-----------------

  11. #11
    SHW old-timer kevin00
    Registered
    Feb 2008
    Posts
    10,170

    Create a new file in Notepad and paste the following into it:

    Code:
    Start
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (No File)
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Toolbar: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
    
    EmptyTemp:
    Reboot:
    End
    Save the file as fixlist.txt and put it next to FRST. Run FRST and click Fix. Post the newly created log, fixlog.txt.

  12. #12
    SHW old-timer Ventero
    Registered
    Oct 2012
    Posts
    1,155

    Code:
    Fix result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
    Ran by Lenovo (22-01-2020 09:31:31) Run:1
    Running from C:\Users\Lenovo\Downloads
    Loaded Profiles: Lenovo (Available Profiles: Lenovo)
    Boot Mode: Normal
    ==============================================
    
    fixlist content:
    *****************
    Start
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (No File)
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Toolbar: HKU\S-1-5-21-3293028386-2514289208-1168274650-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
    
    EmptyTemp:
    Reboot:
    End
    *****************
    
    "C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" => not found
    "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
    HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => removed successfully
    "HKU\S-1-5-21-3293028386-2514289208-1168274650-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
    "HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd." => not found
    C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll => moved successfully
    HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
    "HKLM\Software\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd." => not found
    C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll => moved successfully
    HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
    HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922 => removed successfully
    
    =========== EmptyTemp: ==========
    
    BITS transfer queue => 8388608 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9074446 B
    Java, Flash, Steam htmlcache => 506 B
    Windows/system/drivers => 15176864 B
    Edge => 0 B
    Chrome => 0 B
    Firefox => 572067613 B
    Opera => 0 B
    
    Temp, IE cache, history, cookies, recent:
    Users => 0 B
    Default => 0 B
    Public => 0 B
    ProgramData => 0 B
    systemprofile => 42371403 B
    systemprofile32 => 47475723 B
    LocalService => 47475723 B
    NetworkService => 47475723 B
    Lenovo => 50985288 B
    
    RecycleBin => 4455 B
    EmptyTemp: => 801.6 MB temporary data Removed.
    
    ================================
    
    
    The system needed a reboot.
    
    ==== End of Fixlog 09:32:00 ====
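A Fixlog in the layout posted above can be checked mechanically before the follow-up scan: which fix entries were actually removed or moved, and which came back "not found". The Python below is an added example, not part of the thread or of FRST; the sample log is constructed in the same layout, and the names `parse_fixlog` and `follow_up` are assumptions made here.

```python
import re

# Constructed sample in the Fixlog layout of the post above; names and paths are made up.
SAMPLE = r'''fixlist content:
*****************
Start
Toolbar: HKLM - Example - {00000000-0000-0000-0000-000000000001} - No File
End
*****************
"C:\Example\Scheduler.exe" => not found
"HKLM\SOFTWARE\Example\Toolbar\\{00000000-0000-0000-0000-000000000001}" => removed successfully
"HKLM\Software\MozillaPlugins\@example.test/Plugin -> C:\Example\np.dll [2018-12-13] (Example Ltd." => not found
C:\Example\np.dll => moved successfully
=========== EmptyTemp: ==========
Firefox => 1048576 B
Lenovo => 524288 B
EmptyTemp: => 1.5 MB temporary data Removed.
'''

RESULT = re.compile(r'^(.+?) => (not found|removed successfully|moved successfully)$')
SIZE = re.compile(r'^.+? => (\d+) B$')

def parse_fixlog(text):
    """Return ([(target, outcome), ...], total_bytes) for the part after the fixlist echo."""
    results, total, rules = [], 0, 0
    for line in map(str.strip, text.splitlines()):
        if line and set(line) == {'*'}:
            rules += 1              # the echoed fixlist sits between two asterisk rules
        elif rules >= 2 and (m := RESULT.match(line)):
            results.append((m[1].strip('"'), m[2]))
        elif rules >= 2 and (m := SIZE.match(line)):
            total += int(m[1])      # per-location EmptyTemp byte counts
    return results, total

def follow_up(results):
    """'not found' items: what to compare against a fresh FRST scan after the reboot."""
    flagged = []
    for target, outcome in results:
        if outcome != 'not found':
            continue
        is_reg = target.upper().startswith(('HKLM\\', 'HKU\\', 'HKCU\\'))
        # ' -> ' in a registry target: the report line's file part ended up in the key name
        reason = 'key name carries report text' if is_reg and ' -> ' in target else 'already absent'
        flagged.append((target, reason))
    return flagged

if __name__ == '__main__':
    for target, reason in follow_up(parse_fixlog(SAMPLE)[0]):
        print(f'{reason}: {target}')
```

Entries flagged as "key name carries report text" are the ones to look for again in the next FRST scan, since the log shows the key lookup did not match while the referenced file was handled separately.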



  13. #13
    SHW veteran member john
    Registered
    Feb 2007
    Posts
    868

    You could also try https://privazer.com/

  14. #14
    SHW veteran member kevin00
    Registered
    Feb 2008
    Posts
    10,170

    Run a scan with Malwarebytes.

  15. #15
    SHW veteran member Ventero
    Registered
    Oct 2012
    Posts
    1,155

    Set to full power, and this time it found nothing.
