Zdravím,
při spouštění různých věcí (Epic games launcher, některé hry na steamu, malování) se mi zobrazí chyba (viz obrázek).
Logy:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by Filip (administrator) on DOMAPC (18-03-2019 20:12:27)
Running from C:\Users\Filip\Desktop
Loaded Profiles: Filip (Available Profiles: Filip & Dominik)
Platform: Windows 7 Professional N Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() [File not signed] C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(TeamViewer GmbH -> TeamViewer GmbH) F:\Program Files\TeamViewer\TeamViewer_Service.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9274304 2018-10-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-191281724-4012592549-602147791-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19554936 2018-11-28] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{66C64F22-FC60-4E6C-A6B5-F0D580E680CE}] -> C:\Windows\System32\ie4uinit.exe [2018-11-13]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{7D715857-A67C-4C2F-A929-038448584D63}] -> C:\Windows\System32\ie4uinit.exe [2018-11-13]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4383}] -> C:\Windows\System32\ie4uinit.exe [2018-11-13]
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.111.252
Tcpip\..\Interfaces\{6D14DE31-450E-4EBC-8473-650A28981C2E}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{8F84177B-E740-4FE3-9C49-8F3F6FC1EFC0}: [DhcpNameServer] 192.168.111.252
Tcpip\..\Interfaces\{BCBCA3A2-478B-4D50-B319-3468BDAF3A5C}: [DhcpNameServer] 192.168.42.129
HKLM\System\...\Parameters\PersistentRoutes: [255.255.255.255,255.255.255.255,0.0.0.0,1]
HKLM\System\...\Parameters\PersistentRoutes: [224.0.0.0,240.0.0.0,0.0.0.0,1]
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-191281724-4012592549-602147791-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-191281724-4012592549-602147791-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-12-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-12] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-17] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-17] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> F:\Program Files\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> F:\Program Files\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> F:\Program Files\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-191281724-4012592549-602147791-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Filip\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS -> Unity Technologies ApS)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668","hxxp://home ... 0&ua=Torch"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default [2019-03-18]
CHR Extension: (Prezentace) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-01]
CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-01]
CHR Extension: (OneTab) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2017-02-21]
CHR Extension: (Adblock na Youtube™) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2019-03-17]
CHR Extension: (Lamborghini Sesto Elemento Theme) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\dappigdjllcnkkoacaoolciaolaaiemb [2017-02-01]
CHR Extension: (Vysoký kontrast) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2017-02-01]
CHR Extension: (Tabulky) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2019-01-06]
CHR Extension: (Heroes & Generals) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbophcdhblbipoaacgchllkobdaolpge [2017-02-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (AdBlock) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-03-01]
CHR Extension: (Docs Online Viewer) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmpljdlgcdkljlppaekciacdmdlhfeon [2018-11-20]
CHR Extension: (Avast Online Security) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-02-20]
CHR Extension: (Helium Backup) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpglbgbpeobllokpmeagpoagjbfknanl [2017-10-24]
CHR Extension: (The Great Suspender) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2017-06-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-01]
CHR Extension: (Chrome Media Router) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-31]
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-01-03]
CHR Extension: (Prezentace) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-03]
CHR Extension: (Dokumenty) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-03]
CHR Extension: (Disk Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-03]
CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-03]
CHR Extension: (Vysor) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\djijfbpaknhcpkmmdpjehlohnfjignne [2018-01-03]
CHR Extension: (Avast SafePrice) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-01-03]
CHR Extension: (Tabulky) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-03]
CHR Extension: (Avast Online Security) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-01-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-01-03]
CHR Extension: (Gmail) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-03]
CHR Extension: (Chrome Media Router) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-03]
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\System Profile [2018-01-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [496008 2018-09-26] (Advanced Micro Devices, Inc. -> AMD)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [189952 2018-09-25] () [File not signed]
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6570352 2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360440 2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6875688 2018-07-08] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-01] (Microsoft Corporation -> Microsoft Corporation)
S3 EvoSvc; F:\Program Files\Evolve\EvoSvc.exe [1583488 2018-06-30] (Echobit, LLC -> Echobit LLC)
S3 GalaxyClientService; F:\Program Files\GOG Galaxy\GalaxyClientService.exe [532552 2017-12-07] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8345672 2017-12-07] (GOG Sp. z o.o. -> GOG.com)
S3 HnGService; C:\Program Files (x86)\Heroes & Generals\live\hngservice.exe [756520 2019-02-14] (Reto-Moto ApS -> Reto-Moto ApS)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S2 ICEsoundService; C:\Windows\system32\ICEsoundService64.exe [483808 2018-10-30] (ICEpower a/s -> ICEpower a/s)
S3 MBAMService; F:\Program Files\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; F:\Program Files\Origin\OriginClientService.exe [2298688 2019-01-23] () [File not signed]
S2 Origin Web Helper Service; F:\Program Files\Origin\OriginWebHelperService.exe [3171144 2019-01-23] () [File not signed]
R3 osppsvc; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [5132888 2016-12-27] (Microsoft Corporation) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2018-06-14] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2018-06-14] (Even Balance, Inc. -> )
R2 TeamViewer; F:\Program Files\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH -> TeamViewer GmbH)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [223624 2018-09-26] (Advanced Micro Devices, Inc. -> )
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2017-02-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [47102856 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [578440 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] (ASUSTeK Computer Inc. -> )
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation -> MCCI Corporation)
S3 ASUSumsc; C:\Windows\System32\DRIVERS\ASUSumsc.sys [151808 2013-03-28] (MCCI Corporation -> MCCI Corporation)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205608 2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254408 2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196304 2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320904 2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58168 2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249152 2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42496 2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169104 2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88152 2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034640 2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476256 2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220632 2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380160 2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104840 2018-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2018-10-30] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [22200 2018-06-22] (eSupport.com, Inc. -> Phoenix Technologies)
R3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2018-06-30] (Echobit, LLC -> Echobit, LLC)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-02-01] (Martin Malik - REALiX -> REALiX(tm))
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2018-06-27] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
R3 L1C; C:\Windows\System32\DRIVERS\L1C63x64.sys [125048 2018-10-30] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-19] (ASUSTeK Computer Inc. -> )
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12464 2017-09-19] (Macrovision Europe Ltd) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [393880 2019-03-18] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
U1 aswbdisk; no ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-18 20:12 - 2019-03-18 20:20 - 000026421 _____ C:\Users\Filip\Desktop\FRST.txt
2019-03-18 20:12 - 2019-03-18 20:12 - 000000000 ____D C:\FRST
2019-03-18 20:11 - 2019-03-18 20:11 - 002434048 _____ (Farbar) C:\Users\Filip\Downloads\FRST64.exe
2019-03-18 20:11 - 2019-03-18 20:11 - 002434048 _____ (Farbar) C:\Users\Filip\Desktop\FRST64.exe
2019-03-18 20:02 - 2019-03-18 20:02 - 000393880 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2019-03-18 20:01 - 2019-03-18 20:01 - 000597632 _____ (Duplex Secure Ltd) C:\Users\Filip\Downloads\SPTDinst-v190-x64.exe
2019-03-18 20:00 - 2019-03-18 20:00 - 000292184 _____ (Microsoft Corporation) C:\Users\Filip\Downloads\dxwebsetup.exe
2019-03-18 20:00 - 2019-03-18 20:00 - 000000000 ___HD C:\Windows\msdownld.tmp
2019-03-18 19:53 - 2019-03-18 19:53 - 000029392 _____ C:\ComboFix.txt
2019-03-18 18:46 - 2019-03-18 19:54 - 000000000 ____D C:\Qoobox
2019-03-18 18:46 - 2019-03-18 19:13 - 000000000 ____D C:\Windows\erdnt
2019-03-18 18:46 - 2011-06-26 07:45 - 000256000 _____ C:\Windows\PEV.exe
2019-03-18 18:46 - 2010-11-07 18:20 - 000208896 _____ C:\Windows\MBR.exe
2019-03-18 18:46 - 2009-04-20 05:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2019-03-18 18:46 - 2000-08-31 01:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2019-03-18 18:46 - 2000-08-31 01:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2019-03-18 18:46 - 2000-08-31 01:00 - 000098816 _____ C:\Windows\sed.exe
2019-03-18 18:46 - 2000-08-31 01:00 - 000080412 _____ C:\Windows\grep.exe
2019-03-18 18:46 - 2000-08-31 01:00 - 000068096 _____ C:\Windows\zip.exe
2019-03-18 18:44 - 2019-03-18 18:45 - 005660510 ____R (Swearware) C:\Users\Filip\Downloads\ComboFix.exe
2019-03-18 18:40 - 2019-03-18 18:39 - 000068888 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2019-03-17 08:27 - 2019-03-17 08:26 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-03-16 21:02 - 2019-03-16 21:02 - 000000000 ____D C:\Users\Public\Documents\uPlay
2019-03-16 08:19 - 2019-03-16 08:19 - 000001242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2019-03-16 08:19 - 2019-03-16 08:19 - 000001230 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2019-03-16 08:19 - 2019-03-16 08:19 - 000000000 ____D C:\Program Files (x86)\Epic Games
2019-03-16 08:15 - 2019-03-16 08:15 - 000000000 ____D C:\Users\Filip\AppData\Roaming\HD Tune Pro
2019-03-16 08:15 - 2019-03-16 08:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
2019-03-16 07:37 - 2019-03-16 07:37 - 000000000 ____D C:\Program Files\UnrealTournament
2019-03-15 22:42 - 2019-03-15 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2019-03-15 22:26 - 2019-03-15 22:26 - 000178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2019-03-15 22:26 - 2019-03-15 22:26 - 000000000 ____D C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telltale Games
2019-03-15 22:03 - 2019-03-15 22:03 - 000275960 _____ C:\Windows\Minidump\031519-32042-01.dmp
2019-03-15 20:50 - 2019-03-15 20:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telltale Games
2019-03-13 13:51 - 2019-03-13 13:51 - 000275960 _____ C:\Windows\Minidump\031319-30716-01.dmp
2019-03-13 09:00 - 2019-02-21 05:12 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-03-13 09:00 - 2019-02-21 05:10 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-03-13 09:00 - 2019-02-21 05:10 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-03-13 09:00 - 2019-02-21 05:09 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-03-13 09:00 - 2019-02-21 05:09 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-03-13 09:00 - 2019-02-21 05:09 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-03-13 09:00 - 2019-02-21 05:08 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-03-13 09:00 - 2019-02-21 05:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:59 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-03-13 09:00 - 2019-02-21 04:58 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-03-13 09:00 - 2019-02-21 04:58 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-03-13 09:00 - 2019-02-21 04:56 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-03-13 09:00 - 2019-02-21 04:42 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-03-13 09:00 - 2019-02-21 04:42 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-03-13 09:00 - 2019-02-21 04:41 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-03-13 09:00 - 2019-02-21 04:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-03-13 09:00 - 2019-02-21 04:39 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-03-13 09:00 - 2019-02-21 04:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-03-13 09:00 - 2019-02-21 04:38 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-03-13 09:00 - 2019-02-21 04:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-03-13 09:00 - 2019-02-21 04:36 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-03-13 09:00 - 2019-02-21 04:36 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-03-13 09:00 - 2019-02-21 04:36 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-03-13 09:00 - 2019-02-21 04:36 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-03-13 09:00 - 2019-02-21 04:36 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-03-13 09:00 - 2019-02-21 04:36 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-03-13 09:00 - 2019-02-21 04:35 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-03-13 09:00 - 2019-02-21 04:35 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-03-13 09:00 - 2019-02-21 04:35 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-03-13 09:00 - 2019-02-21 04:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-03-13 09:00 - 2019-02-21 04:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-03-13 09:00 - 2019-02-21 04:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-03-13 09:00 - 2019-02-21 04:35 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-03-13 09:00 - 2019-02-21 04:34 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-03-13 09:00 - 2019-02-21 04:34 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-03-13 09:00 - 2019-02-21 04:34 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-03-13 09:00 - 2019-02-21 04:34 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-03-13 09:00 - 2019-02-21 04:34 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-03-13 09:00 - 2019-02-21 04:34 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-03-13 09:00 - 2019-02-16 06:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-03-13 09:00 - 2019-02-16 06:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-03-13 09:00 - 2019-02-10 17:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-03-13 09:00 - 2019-02-10 17:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-03-13 09:00 - 2019-02-10 17:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-03-13 09:00 - 2019-02-10 17:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-03-13 09:00 - 2019-02-10 17:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-03-13 09:00 - 2019-02-10 17:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-03-13 09:00 - 2019-02-10 17:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-03-13 09:00 - 2019-02-10 17:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-03-13 09:00 - 2019-02-10 17:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-03-13 09:00 - 2019-02-10 17:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-03-13 09:00 - 2019-02-10 17:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-03-13 09:00 - 2019-02-10 17:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-03-13 09:00 - 2019-02-10 17:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-03-13 09:00 - 2019-02-10 17:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-03-13 09:00 - 2019-02-10 17:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-03-13 09:00 - 2019-02-10 17:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-03-13 09:00 - 2019-02-10 17:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-03-13 09:00 - 2019-02-10 17:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-03-13 09:00 - 2019-02-10 17:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-03-13 09:00 - 2019-02-10 17:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-03-13 09:00 - 2019-02-10 17:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-03-13 09:00 - 2019-02-10 17:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-03-13 09:00 - 2019-02-10 17:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-03-13 09:00 - 2019-02-10 17:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-03-13 09:00 - 2019-02-10 17:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-03-13 09:00 - 2019-02-10 17:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-03-13 09:00 - 2019-02-10 17:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-03-13 09:00 - 2019-02-10 17:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-03-13 09:00 - 2019-02-10 17:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-03-13 09:00 - 2019-02-10 17:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-03-13 09:00 - 2019-02-10 17:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-03-13 09:00 - 2019-02-10 17:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-03-13 09:00 - 2019-02-10 17:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-03-13 09:00 - 2019-02-10 17:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-03-13 09:00 - 2019-02-10 17:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-03-13 09:00 - 2019-02-10 17:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-03-13 09:00 - 2019-02-10 17:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-03-13 09:00 - 2019-02-10 17:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-03-13 09:00 - 2019-02-10 17:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-03-13 09:00 - 2019-02-10 17:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-03-13 09:00 - 2019-02-10 17:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-03-13 09:00 - 2019-02-10 17:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-03-13 09:00 - 2019-02-10 17:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-03-13 09:00 - 2019-02-10 17:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-03-13 09:00 - 2019-02-10 16:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-03-13 09:00 - 2019-02-10 16:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-03-13 09:00 - 2019-02-10 16:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-03-13 09:00 - 2019-02-10 16:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-03-13 09:00 - 2019-02-10 16:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-03-10 13:02 - 2019-03-10 13:03 - 000262970 _____ C:\Users\Filip\Downloads\rad_technicke_sluzby.pdf
2019-03-10 11:56 - 2019-03-10 11:56 - 000319096 _____ C:\Windows\Minidump\031019-30170-01.dmp
2019-03-07 10:20 - 2019-03-07 10:20 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-03-07 10:20 - 2019-03-07 10:20 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-03-07 10:20 - 2019-03-07 10:20 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-03-07 10:20 - 2019-03-07 10:20 - 000002408 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-03-07 10:20 - 2019-03-07 10:20 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2019-03-07 10:20 - 2019-03-07 10:20 - 000002369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-03-07 10:20 - 2019-03-07 10:20 - 000002334 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-03-07 10:20 - 2019-03-07 10:20 - 000002330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-03-07 10:20 - 2019-03-07 10:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-18 20:18 - 2009-07-14 05:50 - 000020144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-03-18 20:18 - 2009-07-14 05:50 - 000020144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-03-18 20:05 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-18 20:04 - 2017-02-01 16:10 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-03-18 20:01 - 2017-02-27 15:48 - 000000000 ____D C:\Windows\SysWOW64\directx
2019-03-18 19:37 - 2009-07-14 03:34 - 000000215 _____ C:\Windows\system.ini
2019-03-18 19:23 - 2017-02-01 15:27 - 000000000 ____D C:\Users\Filip
2019-03-18 19:19 - 2017-02-06 10:08 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2019-03-17 17:51 - 2018-12-12 16:37 - 000004524 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-17 17:51 - 2018-11-14 09:25 - 000003146 _____ C:\Windows\System32\Tasks\StartCN
2019-03-17 17:51 - 2018-11-14 09:25 - 000003060 _____ C:\Windows\System32\Tasks\StartDVR
2019-03-17 17:51 - 2018-09-06 14:14 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-03-17 17:51 - 2018-07-04 19:40 - 000004536 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-03-17 17:51 - 2018-06-30 21:05 - 000003134 _____ C:\Windows\System32\Tasks\{888CE5A6-CCBB-4112-9D2F-7C37E3BD550A}
2019-03-17 17:51 - 2018-06-06 19:34 - 000003482 _____ C:\Windows\System32\Tasks\BlueStacksHelper
2019-03-17 17:51 - 2017-04-09 22:02 - 000002804 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-03-17 17:51 - 2017-02-01 15:48 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-17 17:51 - 2017-02-01 15:48 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-17 17:51 - 2017-02-01 15:44 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-03-17 08:28 - 2017-11-01 17:34 - 000000000 ____D C:\Users\Filip\AppData\Local\Adobe
2019-03-17 08:28 - 2017-03-09 07:31 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-03-17 08:26 - 2019-02-14 14:02 - 000249152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-03-17 08:26 - 2018-12-13 14:03 - 000476256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-03-17 08:26 - 2018-12-13 14:03 - 000380160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-03-17 08:26 - 2018-12-13 14:03 - 000220632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-03-17 08:26 - 2018-12-13 14:03 - 000169104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-03-17 08:26 - 2018-12-13 14:03 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-03-17 08:26 - 2018-12-13 14:03 - 000088152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-03-17 08:26 - 2018-12-13 14:03 - 000042496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-03-17 08:25 - 2019-01-14 21:46 - 000254408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-03-17 08:25 - 2019-01-06 09:18 - 000320904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-03-17 08:25 - 2019-01-06 09:18 - 000196304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-03-17 08:25 - 2019-01-06 09:18 - 000058168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-03-17 08:25 - 2019-01-06 09:18 - 000037320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-03-17 08:25 - 2018-12-13 14:03 - 001034640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-03-17 08:25 - 2018-12-13 14:03 - 000205608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-03-17 08:22 - 2017-02-02 21:03 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-03-17 08:22 - 2017-02-02 21:03 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-17 08:22 - 2017-02-02 21:03 - 000004398 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-03-17 08:22 - 2017-02-02 21:03 - 000000000 ____D C:\Windows\system32\Macromed
2019-03-17 08:22 - 2017-02-01 19:31 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-03-16 14:33 - 2011-04-12 10:03 - 000668768 _____ C:\Windows\system32\perfh005.dat
2019-03-16 14:33 - 2011-04-12 10:03 - 000141428 _____ C:\Windows\system32\perfc005.dat
2019-03-16 14:33 - 2009-07-14 06:12 - 001584138 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-16 14:33 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-03-16 09:08 - 2018-07-14 10:17 - 000000000 ____D C:\Users\Filip\AppData\Local\UnrealEngine
2019-03-16 07:37 - 2018-09-22 18:43 - 000000000 ____D C:\ProgramData\Epic
2019-03-15 23:09 - 2017-02-01 18:07 - 000000000 ____D C:\Users\Filip\Documents\My Games
2019-03-15 22:03 - 2018-12-29 21:02 - 955582073 _____ C:\Windows\MEMORY.DMP
2019-03-15 22:03 - 2017-02-21 21:57 - 000000000 ____D C:\Windows\Minidump
2019-03-13 16:17 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-03-13 16:17 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Dism
2019-03-13 14:26 - 2017-02-04 12:15 - 000000000 ____D C:\Windows\system32\MRT
2019-03-13 14:21 - 2017-02-04 12:15 - 127411920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-03-13 13:57 - 2018-12-12 16:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-03-13 13:57 - 2017-02-05 12:25 - 000001266 _____ C:\Users\Public\Desktop\Skype.lnk
2019-03-07 16:42 - 2017-02-09 07:24 - 000000000 ____D C:\Users\Filip\AppData\Roaming\uTorrent
2019-03-07 13:53 - 2017-06-14 15:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2019-03-07 13:53 - 2017-06-14 15:41 - 000000000 ____D C:\ProgramData\GOG.com
2019-03-07 11:31 - 2019-02-07 17:08 - 000000000 ____D C:\Users\Filip\AppData\LocalLow\uTorrent
2019-03-07 10:23 - 2017-02-06 18:27 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-07 10:19 - 2017-02-06 18:10 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-03-05 21:35 - 2017-02-01 15:56 - 000002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-26 08:34 - 2017-02-25 19:01 - 000000000 ____D C:\Users\Dominik\AppData\LocalLow\Unity
2019-02-24 13:38 - 2018-05-19 14:13 - 000000000 ____D C:\Users\Filip\AppData\LocalLow\Unity
2019-02-19 10:33 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
==================== Files in the root of some directories =======
2018-02-21 18:25 - 2019-01-02 22:41 - 000007605 _____ () C:\Users\Filip\AppData\Local\Resmon.ResmonCfg
Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\atiadlxx.dll
C:\Windows\System32\ie4uinit.exe
C:\Windows\System32\jscript9.dll
C:\Windows\System32\SRRPTR64.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2019-03-14 14:47
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Filip (18-03-2019 20:20:33)
Running from C:\Users\Filip\Desktop
Windows 7 Professional N Service Pack 1 (X64) (2017-02-01 14:27:38)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-191281724-4012592549-602147791-500 - Administrator - Disabled)
Dominik (S-1-5-21-191281724-4012592549-602147791-1003 - Administrator - Enabled) => C:\Users\Dominik
Filip (S-1-5-21-191281724-4012592549-602147791-1000 - Administrator - Enabled) => C:\Users\Filip
Guest (S-1-5-21-191281724-4012592549-602147791-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-191281724-4012592549-602147791-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-191281724-4012592549-602147791-1000\...\uTorrent) (Version: 3.5.5.44994 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
ACP Application (HKLM\...\{57DEBB5B-0FDC-F1A9-7F8E-705FBD3C0A47}) (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 3.00.13 - ASUSTeK Computer Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.9.3 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.3.2369 - AVAST Software)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Castle Story v1 1 (HKLM-x32\...\Castle Story v1 1_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.50 - Piriform)
Copy (HKLM-x32\...\{FAF26102-09D7-4C58-AB01-0D59A2E517CA}) (Version: 130.0.366.000 - Hewlett-Packard) Hidden
DawnOfMan (HKLM-x32\...\1899257943_is1) (Version: 1.0.0 - GOG.com)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}) (Version: 130.0.372.000 - Hewlett-Packard) Hidden
DJ_AIO_06_F2400_SW_Min (HKLM-x32\...\{42E2EEB2-D48E-4A47-B181-32ECA031D93B}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.18 - Echobit, LLC)
F2400 (HKLM-x32\...\{6BAA71B6-8F43-4C72-931A-3354ABB0258A}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
GameRanger (HKU\S-1-5-21-191281724-4012592549-602147791-1000\...\GameRanger) (Version: - GameRanger Technologies)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HD Tune Pro 5.70 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.1.0.0 - Reto-Moto)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (HKLM-x32\...\{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}) (Version: 130.0.303.000 - Hewlett-Packard) Hidden
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11328.20146 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-191281724-4012592549-602147791-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.13 - Black Tree Gaming)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11328.20146 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.34.21025 - Electronic Arts, Inc.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.7 - Power Software Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Communications Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8447 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skype verze 8.41 (HKLM-x32\...\Skype_is1) (Version: 8.41 - Skype Technologies S.A.)
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.7.20915 - Electronic Arts)
Starpoint Gemini Warlords Endpoint (HKLM-x32\...\Starpoint Gemini Warlords Endpoint_is1) (Version: - )
Status (HKLM-x32\...\{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
T3A Patch for BFME 1 version 1.06 (HKLM-x32\...\T3APATCH106_is1) (Version: 1.06 - )
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}) (Version: 130.0.376.000 - Hewlett-Packard) Hidden
Twitch (HKU\S-1-5-21-191281724-4012592549-602147791-1000\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 43.1 - Ubisoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{BD422D00-5232-11E3-A6F3-F04DA23A5C58}) (Version: 12.0.770 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-191281724-4012592549-602147791-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-191281724-4012592549-602147791-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-191281724-4012592549-602147791-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-191281724-4012592549-602147791-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-191281724-4012592549-602147791-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-191281724-4012592549-602147791-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => F:\Program Files\PowerISO\PWRISOSH.DLL [2016-10-02] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => F:\Program Files\PowerISO\PWRISOSH.DLL [2016-10-02] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => F:\Program Files\PowerISO\PWRISOSH.DLL [2016-10-02] (Power Software Limited -> Power Software Ltd)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1F00B629-825F-4A42-A6D4-44B4FB635F5F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {381CA01D-1F18-4EA8-92CD-AC36FE718558} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {3C801617-F606-4ADF-A93A-9BA0094FE146} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {46E8B66F-7A6B-4C21-9763-373990ABE72D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {4851A418-4D13-44FA-A12A-73152E8D566E} - System32\Tasks\{0ECDE36D-5AE3-4C76-8A45-0AD428FBCBEB} => C:\Windows\system32\pcalua.exe -a D:\PhysX\PhysX_7.03.21_SystemSoftware.exe -d D:\PhysX
Task: {4A8ECAED-9356-49DA-9E4E-15943F401025} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {512B9735-1311-4208-8B2F-E716287E7D5A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {59EF1FA7-4614-434F-AF9C-27A52E01C407} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5E7BEC57-D0B3-4BFA-84AF-FF6F6862C848} - System32\Tasks\BlueStacksHelper => F:\Hry\BlueStacks\Client\Helper\BlueStacksHelper.exe
Task: {6FBDCA20-B5C5-4904-8849-36F0C821CB37} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {754DE26A-1E96-481A-8788-CCDFA4D111A3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {776FE164-F07F-4262-AEC5-29F7A2837AB3} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7D3840C5-394D-4E9D-8F2F-A0862400D36C} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7F8F8A62-F70D-471E-85EA-1EAD959F191F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration
Task: {85B552A0-6444-424E-8C6F-122A7D325A73} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8C153207-6784-4A30-A140-7D4A8D432777} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {9A2774C8-D50E-4A2F-A2A0-9A5A64DA3B1C} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {A301E39B-F49C-4C79-9920-4DA4279B175C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A79EE642-0944-4E7F-9C35-214D51B96F06} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B1C62890-88B6-4CA6-8547-D5373D74CF20} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {B6D133F0-D1AE-4AD3-BABC-712A1B65452C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {BA011516-D0A9-4379-95B2-11D827879A7C} - System32\Tasks\Games\UpdateCheck_S-1-5-21-191281724-4012592549-602147791-1003
Task: {BD33EC4E-EC6C-439A-AB8C-4962A7EF7AE9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {E1B02E56-8A7C-4BF9-BF19-E46B6FA123D3} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\ProgramData\ASUS\AASP\1.02.00\AsLoader.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {E4903B82-262F-4536-8965-9625BA3BA97C} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
Task: {E654B1BE-A374-4F70-A3A2-78D86938FA4A} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Task: {F2D7E9BD-3033-4495-9B18-8C70155684B8} - System32\Tasks\{888CE5A6-CCBB-4112-9D2F-7C37E3BD550A} => C:\Windows\system32\pcalua.exe -a C:\Users\Filip\Downloads\GameRangerSetup.exe -d C:\Users\Filip\Downloads
Task: {FA86D466-A155-4F2F-AD78-9E4C2469D58B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Helium Backup.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gpglbgbpeobllokpmeagpoagjbfknanl
==================== Loaded Modules (Whitelisted) ==============
2017-02-02 10:05 - 2015-04-24 19:12 - 002030592 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\COMCTL32.dll
2017-02-01 19:29 - 2009-04-16 14:08 - 000136704 _____ (Hewlett-Packard Company) [File not signed] C:\Windows\System32\hpf3l70v.dll
2017-02-01 19:35 - 2009-04-16 14:08 - 000248320 _____ (Hewlett-Packard Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\hpfpp70v.dll
2018-09-25 23:06 - 2018-09-25 23:06 - 000189952 _____ () [File not signed] C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
2017-02-02 10:01 - 2012-12-07 14:20 - 000441856 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Wpc.dll
2018-04-30 17:00 - 2018-04-30 17:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000325632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 069968896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 003406848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 006045184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-09-25 23:17 - 2018-09-25 23:17 - 005766144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 003233792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000964096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000109568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000279552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 005523456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000282624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 003281408 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000194560 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 001336320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000015360 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-04-24 22:07 - 2018-04-24 22:07 - 002519040 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000032256 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000039936 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000034304 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000237056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000328704 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000024064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000481792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000311296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000089600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000049152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2017-02-02 10:05 - 2015-04-24 19:17 - 000633856 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\COMCTL32.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2018-06-27 15:36 - 2009-03-05 20:28 - 000102400 _____ (ASUS) [File not signed] C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsAcpi.dll
2009-05-21 22:03 - 2009-05-21 22:03 - 000133120 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2009-05-21 22:03 - 2009-05-21 22:03 - 000213504 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll
2009-05-21 22:13 - 2009-05-21 22:13 - 000248832 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2017-02-06 18:15 - 2017-02-06 18:15 - 000000000 ____LMicrosoft Corporation C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2017-02-06 18:15 - 2017-02-06 18:15 - 000000000 ____LMicrosoft Corporation C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2017-02-06 18:32 - 2017-02-06 18:32 - 000000000 ____LMicrosoft Corporation C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\AppVIsvSubsystems32.dll
2017-02-06 18:32 - 2017-02-06 18:32 - 000000000 ____LMicrosoft Corporation C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\c2r32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Dominik:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Filip:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Filip\Desktop\Obrázek (36).jpg:3or4kl4x13tuuug3Byamue2s4b [81]
AlternateDataStreams: C:\Users\Filip\Desktop\Obrázek (36).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-191281724-4012592549-602147791-1000\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2019-03-18 19:03 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-191281724-4012592549-602147791-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.111.252
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1A5DBEB9-645A-464F-9D9B-2730F4262EFD}] => (Allow) F:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C589D700-75BB-4F59-AE55-CFF0582716A8}] => (Allow) F:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5F3C2F46-9D45-4EAD-966A-1A002AA64534}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{CFF8DE62-C6C4-4C5C-9A04-507E3FBB7A5D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{F8D66B84-F985-4E95-BEEF-D57B9339C495}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{D519723A-CF92-43A6-9AFF-5B3A0190854B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{DC01D2AC-3F33-47F4-BA14-7C55D73FB743}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{D4D44B7F-2B6E-46CE-B97C-20521831BAB6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe () [File not signed]
FirewallRules: [{D5D1272F-E025-4F1B-A0BF-578ACA72504A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{5A940320-6B0B-4DC8-87A5-374E59418C64}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{2E8DF116-EB67-4F1D-B059-3053CC2FF215}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{B52DA1AD-5139-42CB-B04D-A7E198143856}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{6D4E8029-5857-4A27-B1AD-39ED086B35E9}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [TCP Query User{1781AC0B-6282-4767-9577-9CCBC881306B}C:\users\filip\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\filip\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [UDP Query User{E89828C4-2D9D-48BE-B34F-34877750809D}C:\users\filip\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\filip\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [{D6B59065-DF58-4536-994E-0A20DC719F5F}] => (Allow) F:\Program Files\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [{4E0E10ED-3610-4C0A-B32C-97A6290366AA}] => (Allow) F:\Program Files\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed]
FirewallRules: [{D7319B5F-0AB1-4F40-9BDE-ED4991390A39}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{240EDE03-947B-4C56-9C21-783A74E9F9F5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5C8CD3FB-F94D-4E3C-AEE1-ECF0758B18C8}] => (Allow) C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{9ABCA9F5-5B55-48AA-A6A5-78601B91A0D7}] => (Allow) C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F597F874-59CD-459E-8AC9-B4F6971B75AD}] => (Allow) C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D25EEED8-9C70-4AFC-9127-515A296C7749}] => (Allow) C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{3FDFB8FB-43DF-48FE-8227-EDF3FC095B48}] => (Allow) C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2FD24C14-929E-4090-AE42-4ECB8D5B42BD}] => (Allow) C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7023A128-F21F-4FD1-977A-D917DE1F24D7}] => (Allow) F:\Hry\Heroes & Generals\live\hng.exe (Reto-Moto ApS -> ) [File not signed]
FirewallRules: [{1D238FE3-DF99-48B4-AC5E-B166614C5D15}] => (Allow) F:\Hry\Heroes & Generals\live\hng.exe (Reto-Moto ApS -> ) [File not signed]
FirewallRules: [{B9023F53-0053-4367-9C33-6505720E1B76}] => (Allow) F:\Program Files\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe () [File not signed]
FirewallRules: [{2A469BA6-58D8-4FFD-A47C-5A5F47C7291F}] => (Allow) F:\Program Files\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe () [File not signed]
FirewallRules: [TCP Query User{6F2E196D-3776-4088-A008-970625843A12}C:\users\dominik\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dominik\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{29C50949-7025-40B3-B331-A6599CD19B8D}C:\users\dominik\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dominik\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{40EA3B76-441B-488E-A9F0-38E86738C5F1}] => (Allow) C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7BA43B41-A4C4-40F6-B381-75A18B893811}] => (Allow) C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C6DE6D23-A4CD-436B-BE88-5CEB146EEF78}] => (Allow) F:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{3266D99D-273A-420C-AC0E-F53E50B8C530}] => (Allow) F:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{271759A1-5C00-4EF5-8CCB-4AFFBC80610D}] => (Allow) F:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{77A6D948-340C-4809-9441-D7CFBFCC08F5}] => (Allow) F:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{DB1D74FA-85FE-4EE1-B1F5-92BAF70D15D5}] => (Allow) F:\Program Files\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe () [File not signed]
FirewallRules: [{3714F230-915E-4B80-828A-F2E6BE20650E}] => (Allow) F:\Program Files\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe () [File not signed]
FirewallRules: [{CB55675E-5F49-4F8D-AC8A-402B81A9B883}] => (Allow) F:\Program Files\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe () [File not signed]
FirewallRules: [{3525782E-1B9D-45E8-AC9F-2BA45F28FF58}] => (Allow) F:\Program Files\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe () [File not signed]
FirewallRules: [{403DFE78-697F-400E-9495-FF27EFF91B5D}] => (Allow) F:\Program Files\Steam\steamapps\common\Hitman Absolution\HMA.exe (Valve Corp. -> )
FirewallRules: [{AB4F3BA2-260B-4B6F-AA67-4600CED1717B}] => (Allow) F:\Program Files\Steam\steamapps\common\Hitman Absolution\HMA.exe (Valve Corp. -> )
FirewallRules: [{F14A693F-93F9-4CA2-BF7D-C19430C8EFD5}] => (Allow) F:\Program Files\Steam\steamapps\common\Ultimate Chicken Horse\UltimateChickenHorse.exe () [File not signed]
FirewallRules: [{B69C9605-50B2-4647-A3D6-31D58D4C1332}] => (Allow) F:\Program Files\Steam\steamapps\common\Ultimate Chicken Horse\UltimateChickenHorse.exe () [File not signed]
FirewallRules: [TCP Query User{D85B3664-41CB-427D-BB67-22991145E2FC}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{066D39A9-7A84-4249-9D3D-6B4FEA5469D9}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B83E8363-6F6D-4324-8B30-D444B4BAEE3E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{3CC31796-871B-4350-B9C6-38A131C36DE3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{F7195AB6-7765-4884-AE23-D58804FDF0D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{4776D9C5-E653-483E-B1F4-0180455B3522}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{8E681FA6-6780-46CF-B17F-B9DEA365F190}F:\program files\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) F:\program files\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe () [File not signed]
FirewallRules: [UDP Query User{F384DA48-875A-42DA-9E1A-C180F96D683F}F:\program files\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) F:\program files\steam\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe () [File not signed]
FirewallRules: [{B1ACBF2E-5D4F-4933-B3B5-B63F97F2B9BE}] => (Allow) F:\Program Files\Evolve\EvoSvc.exe (Echobit, LLC -> Echobit LLC)
FirewallRules: [{B043F7EA-558A-4B95-9690-9382005A926D}] => (Allow) F:\Program Files\Evolve\EvolveClient.exe (Echobit, LLC -> Echobit LLC)
FirewallRules: [{D3C551DD-7430-4ADC-8551-2EF65EDC2E16}] => (Allow) F:\Program Files\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1F834AE2-BDDD-472E-8EBF-6C615CA8CB4A}] => (Allow) F:\Program Files\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FD85BCAA-DFBD-4393-B685-2DDBD898E54C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40171F9F-F0EA-4BC5-A885-ECF998E26BD1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{89C2D7A2-0408-4439-8061-DA5B015687B2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5099F674-1B09-4342-9363-4453BCC29665}] => (Allow) F:\Hry\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{159C689E-4A72-4156-A864-AB98F737486C}] => (Allow) F:\Hry\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{9D341C9F-A4A0-4EBB-8647-34392949F315}] => (Allow) F:\Hry\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{C5C4D8C4-9392-47FB-BC95-BAC222F1DD07}] => (Allow) F:\Hry\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{D87B6AF2-E9D6-46B6-A3D5-071B016F2A76}] => (Allow) F:\Program Files\Steam\steamapps\common\Dawn of War II - Retribution\DOW2.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{74BBDD0E-5BE3-44B3-ADA5-A2773249F501}] => (Allow) F:\Program Files\Steam\steamapps\common\Dawn of War II - Retribution\DOW2.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{38A727AB-5381-4875-87D5-069F7146C747}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{CB029ABD-A4DB-4DFD-904A-50DB3986C884}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{868AD925-A72B-492E-B37D-22407C2F0281}] => (Allow) F:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{3F1301E7-034E-416D-8524-AC4B5C501159}] => (Allow) F:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{46F0E1C8-1474-4725-A617-63D13BFA1B80}] => (Allow) F:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{381B9467-5C56-4F95-B55A-C2936C207926}] => (Allow) F:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{C1816AA5-F8DC-4BBE-B2E1-AF9FF44E7A9F}C:\users\filip\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\filip\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [UDP Query User{4FFA0CA4-F10B-451D-BA83-CACE6F4AD7F9}C:\users\filip\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\filip\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [{38884986-EFDC-43ED-A62B-006BDA851409}] => (Allow) F:\Hry\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{9DD8DB62-F597-422F-91C3-273585371557}] => (Allow) F:\Hry\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{C335FAD1-3271-4965-B4E0-51D005D83950}] => (Allow) F:\Hry\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{AC7FEA44-8DFD-4363-BBC4-7AE61616F547}] => (Allow) F:\Hry\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{B27EEC4C-7C8F-4C8B-9874-CA6576B724B6}] => (Allow) F:\Program Files\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{8DCE4C1C-8B97-44E9-9BD9-86438C30B271}] => (Allow) F:\Program Files\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{2FF6FE81-BFB5-431E-A11C-E58EF4A1300B}] => (Allow) C:\Program Files (x86)\Heroes & Generals\live\hng.exe
FirewallRules: [{6A639258-7BCB-49AE-AC81-DFE32EF12C9A}] => (Allow) C:\Program Files (x86)\Heroes & Generals\live\hng.exe
FirewallRules: [{E87FEE3C-0712-461F-AFD8-576C9492B3B5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{FFC1E6BB-5621-4038-9772-0ACFE28ECB1B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C344AC95-1E08-42AA-9B15-0EDA6BBEB8D4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
15-03-2019 23:45:20 Windows Update
16-03-2019 07:48:18 Nainstalováno rozhraní DirectX
16-03-2019 08:09:40 Nainstalováno rozhraní DirectX
16-03-2019 08:19:47 Nainstalováno rozhraní DirectX
16-03-2019 09:22:33 Windows Update
16-03-2019 18:03:53 Windows Update
17-03-2019 10:44:58 Windows Update
17-03-2019 20:00:18 Windows Update
17-03-2019 20:20:41 Windows Update
18-03-2019 15:49:12 Windows Update
18-03-2019 20:00:18 Windows Update
18-03-2019 20:02:01 SPTD setup V1.90
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/18/2019 08:06:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/18/2019 08:01:59 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {2119b06a-eaa9-4139-8377-41bc3ff89296}
Error: (03/18/2019 07:57:11 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: SteamService: Invalid file signature F:\Program Files\Steam\bin\SteamService.dll
Error: (03/18/2019 07:57:11 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Unable to acquire sharing lock on new service file
Error: (03/18/2019 07:57:08 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: SteamService: Invalid file signature F:\Program Files\Steam\bin\SteamService.dll
Error: (03/18/2019 07:57:08 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Unable to acquire sharing lock on new service file
Error: (03/18/2019 07:57:07 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: SteamService: Invalid file signature F:\Program Files\Steam\bin\SteamService.dll
Error: (03/18/2019 07:57:06 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Unable to acquire sharing lock on new service file
System errors:
=============
Error: (03/18/2019 08:11:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.
Error: (03/18/2019 08:09:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535
Error: (03/18/2019 08:09:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
%%-2140993535
Error: (03/18/2019 08:09:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535
Error: (03/18/2019 08:09:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
%%-2140993535
Error: (03/18/2019 08:09:22 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Protokol PNRP (Peer Name Resolution Protocol) nebylo možné spustit, protože se nezdařilo vytvoření nové identity. Kód chyby: 0x80630801.
Error: (03/18/2019 08:09:22 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Protokol PNRP (Peer Name Resolution Protocol) nebylo možné spustit, protože se nezdařilo vytvoření nové identity. Kód chyby: 0x80630801.
Error: (03/18/2019 08:09:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535
CodeIntegrity:
===================================
Date: 2019-03-18 18:57:58.080
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-03-18 18:57:57.659
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 37%
Total physical RAM: 16366.12 MB
Available physical RAM: 10163.44 MB
Total Virtual: 33730.38 MB
Available Virtual: 26279.89 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:467.88 GB) (Free:160.82 GB) NTFS
Drive f: (Data) (Fixed) (Total:463.53 GB) (Free:114.98 GB) NTFS
\\?\Volume{4ab94d06-e889-11e6-9b46-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ==================
==================== End of Addition.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Chybná bitová kopie
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Chybná bitová kopie
- Přílohy
-
- chyba.JPG (29.72 KiB) Zobrazeno 1420 x
-
Rudy
- Site Admin
- Příspěvky: 118265
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Chybná bitová kopie
Zdravím!
Fórum viry.cz není herním fórem, ale bezpečnostím. V hrách se moc nevyznáme. V Google jsem našel toto: https://stahnu.cz/poradna/pocitacove-hr ... put1-3-dll . Jinak se obraťte na nějaké herní fórum, tam vám dají fundovanější odpověď.
Fórum viry.cz není herním fórem, ale bezpečnostím. V hrách se moc nevyznáme. V Google jsem našel toto: https://stahnu.cz/poradna/pocitacove-hr ... put1-3-dll . Jinak se obraťte na nějaké herní fórum, tam vám dají fundovanější odpověď.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Chybná bitová kopie
Díky! Odkaz pomohl a je vyřešeno.
-
Rudy
- Site Admin
- Příspěvky: 118265
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Chybná bitová kopie
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?