Avast hlásí powershell.exe

[Bender]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Bender (administrator) on MACHINAMANIFIKA (11-04-2018 11:19:51)
Running from C:\Users\Bender\Desktop
Loaded Profiles: Bender (Available Profiles: Bender)
Platform: Windows 10 Pro Version 1709 16299.309 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) D:\Origin\OriginWebHelperService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportHelper.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11803.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-09-30] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [245608 2018-03-12] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
GroupPolicy: Restriction - Windows Defender <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9d91fb0c-9262-43e2-8167-6f58aa59ef10}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131447556187635604&GUID=6546327C-DA7C-4125-A3AF-28646B82BC7B
SearchScopes: HKU\S-1-5-21-1516928578-2532743376-384880014-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10405__170717__yaie&p={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-20] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-20] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: 0dwf6kv4.default
FF ProfilePath: C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default [2018-04-11]
FF user.js: detected! => C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\user.js [2017-06-29]
FF Homepage: Mozilla\Firefox\Profiles\0dwf6kv4.default -> seznam.cz
FF NewTab: Mozilla\Firefox\Profiles\0dwf6kv4.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10405__170717__yaff
FF Session Restore: Mozilla\Firefox\Profiles\0dwf6kv4.default -> is enabled.
FF Extension: (IBM Security Rapport) - C:\Users\Bender\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2018-03-22]
FF Extension: (Avast Passwords) - C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2018-04-11]
FF Extension: (Avast SafePrice) - C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\Extensions\sp@avast.com.xpi [2018-03-08]
FF Extension: (Avast Online Security) - C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\Extensions\wrc@avast.com.xpi [2017-10-06]
FF Extension: (Adblock Plus) - C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_140.dll [2018-04-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_140.dll [2018-04-11] ()
FF Plugin-x32: @haitao.com/npHaitaoPlugin -> C:\Users\Bender\AppData\Local\htyh\application\htwebHelper.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-20] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7556704 2018-03-12] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [303728 2018-03-12] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1517576 2017-03-18] ()
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-05-30] (Disc Soft Ltd)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-05-27] (IObit)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2158912 2018-03-19] (Electronic Arts)
R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3028808 2018-03-19] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2017-05-14] ()
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5243208 2018-03-11] (IBM Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2018-01-23] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [13848 2016-05-29] (Advanced Micro Devices Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196648 2018-03-12] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-12] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-12] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-12] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-12] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [215320 2018-03-12] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-03-12] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146656 2018-03-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110328 2018-03-12] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84368 2018-03-12] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026696 2018-03-12] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-03-12] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-03-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380528 2018-03-12] (AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-06-01] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-06-01] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-05-29] (REALiX(tm))
R1 ntknsv; C:\WINDOWS\System32\drivers\ntknsv.sys [126880 2018-04-08] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [482600 2018-03-11] (IBM Corp.)
R1 RapportCerberus_1908115; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1908115.sys [1628776 2018-03-21] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [695592 2018-03-11] (IBM Corp.)
S3 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [331240 2018-03-11] (IBM Corp.)
S3 RapportIaso; no ImagePath
S3 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [590824 2018-03-11] (IBM Corp.)
S3 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [736488 2018-03-11] (IBM Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-11-26] (Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
S3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-11 11:19 - 2018-04-11 11:20 - 000014623 _____ C:\Users\Bender\Desktop\FRST.txt
2018-04-11 11:19 - 2018-04-11 11:19 - 000000000 ____D C:\FRST
2018-04-11 11:18 - 2018-04-11 11:18 - 002403328 _____ (Farbar) C:\Users\Bender\Desktop\FRST64.exe
2018-04-08 08:49 - 2018-04-08 08:49 - 000126880 _____ C:\WINDOWS\system32\Drivers\ntknsv.sys
2018-04-01 22:20 - 2018-04-01 23:20 - 000000000 ____D C:\Users\Bender\AppData\Local\Warframe
2018-03-27 23:01 - 2017-10-11 03:05 - 000186304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-03-27 23:01 - 2017-10-11 03:05 - 000152512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-03-27 12:14 - 2018-03-31 16:05 - 000000000 ____D C:\Users\Bender\Documents\ProfileCache
2018-03-27 12:14 - 2018-03-31 15:58 - 000000000 ____D C:\Users\Bender\Documents\The Crew
2018-03-25 16:28 - 2018-03-25 16:29 - 000000000 ____D C:\Users\Bender\Documents\NFS Most Wanted
2018-03-14 10:57 - 2018-03-01 09:14 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-03-14 10:57 - 2018-03-01 09:10 - 000075168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-03-14 10:57 - 2018-03-01 08:03 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-03-14 10:57 - 2018-03-01 08:03 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-03-14 10:57 - 2018-03-01 08:03 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-03-14 10:57 - 2018-03-01 08:01 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-03-14 10:56 - 2018-03-02 05:36 - 017085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-03-14 10:56 - 2018-03-02 05:02 - 000037888 _____ C:\WINDOWS\system32\SpectrumSyncClient.dll
2018-03-14 10:56 - 2018-03-02 05:01 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-03-14 10:56 - 2018-03-02 05:00 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-03-14 10:56 - 2018-03-02 05:00 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\svf.dll
2018-03-14 10:56 - 2018-03-02 05:00 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-03-14 10:56 - 2018-03-02 04:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-03-14 10:56 - 2018-03-01 22:28 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-03-14 10:56 - 2018-03-01 09:50 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-03-14 10:56 - 2018-03-01 09:49 - 000389536 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-03-14 10:56 - 2018-03-01 09:48 - 000664472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-03-14 10:56 - 2018-03-01 09:47 - 000749464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-03-14 10:56 - 2018-03-01 09:47 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-03-14 10:56 - 2018-03-01 09:46 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-03-14 10:56 - 2018-03-01 09:46 - 001568664 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-03-14 10:56 - 2018-03-01 09:46 - 000609176 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-03-14 10:56 - 2018-03-01 09:46 - 000138144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-03-14 10:56 - 2018-03-01 09:45 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-03-14 10:56 - 2018-03-01 09:40 - 002514936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-03-14 10:56 - 2018-03-01 09:40 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-03-14 10:56 - 2018-03-01 09:40 - 000273304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-03-14 10:56 - 2018-03-01 09:37 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-03-14 10:56 - 2018-03-01 09:31 - 008602520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-03-14 10:56 - 2018-03-01 09:30 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-03-14 10:56 - 2018-03-01 09:30 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-03-14 10:56 - 2018-03-01 09:29 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-03-14 10:56 - 2018-03-01 09:27 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-03-14 10:56 - 2018-03-01 09:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-03-14 10:56 - 2018-03-01 09:25 - 000377752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-03-14 10:56 - 2018-03-01 09:23 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-03-14 10:56 - 2018-03-01 09:19 - 000710768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-03-14 10:56 - 2018-03-01 09:17 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-03-14 10:56 - 2018-03-01 09:17 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-03-14 10:56 - 2018-03-01 09:17 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-03-14 10:56 - 2018-03-01 09:15 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-03-14 10:56 - 2018-03-01 09:14 - 007675784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-03-14 10:56 - 2018-03-01 09:14 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthFWSnapin.dll
2018-03-14 10:56 - 2018-03-01 09:14 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-03-14 10:56 - 2018-03-01 09:14 - 000356952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-03-14 10:56 - 2018-03-01 09:14 - 000147872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-03-14 10:56 - 2018-03-01 09:14 - 000128928 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2018-03-14 10:56 - 2018-03-01 09:12 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-03-14 10:56 - 2018-03-01 09:12 - 000250264 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2018-03-14 10:56 - 2018-03-01 09:12 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-03-14 10:56 - 2018-03-01 09:11 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-03-14 10:56 - 2018-03-01 09:10 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-03-14 10:56 - 2018-03-01 09:10 - 000022936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
2018-03-14 10:56 - 2018-03-01 09:09 - 001054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-03-14 10:56 - 2018-03-01 08:51 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-03-14 10:56 - 2018-03-01 08:48 - 001930736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-03-14 10:56 - 2018-03-01 08:39 - 000213400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-03-14 10:56 - 2018-03-01 08:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-03-14 10:56 - 2018-03-01 08:29 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-03-14 10:56 - 2018-03-01 08:29 - 000574960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-03-14 10:56 - 2018-03-01 08:28 - 006480616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-03-14 10:56 - 2018-03-01 08:28 - 002193168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-03-14 10:56 - 2018-03-01 08:28 - 000115096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2018-03-14 10:56 - 2018-03-01 08:27 - 000284112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-03-14 10:56 - 2018-03-01 08:27 - 000221592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2018-03-14 10:56 - 2018-03-01 08:26 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-03-14 10:56 - 2018-03-01 08:26 - 001057816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-03-14 10:56 - 2018-03-01 08:23 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthFWSnapin.dll
2018-03-14 10:56 - 2018-03-01 08:21 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2018-03-14 10:56 - 2018-03-01 08:09 - 025251840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-03-14 10:56 - 2018-03-01 08:03 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-03-14 10:56 - 2018-03-01 08:03 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-03-14 10:56 - 2018-03-01 08:01 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-03-14 10:56 - 2018-03-01 08:01 - 006575616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-03-14 10:56 - 2018-03-01 08:01 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-03-14 10:56 - 2018-03-01 08:00 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-03-14 10:56 - 2018-03-01 07:59 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-03-14 10:56 - 2018-03-01 07:58 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-03-14 10:56 - 2018-03-01 07:58 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-03-14 10:56 - 2018-03-01 07:58 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-03-14 10:56 - 2018-03-01 07:58 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-03-14 10:56 - 2018-03-01 07:57 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-03-14 10:56 - 2018-03-01 07:56 - 018922496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-03-14 10:56 - 2018-03-01 07:56 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-03-14 10:56 - 2018-03-01 07:55 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-03-14 10:56 - 2018-03-01 07:54 - 003664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-03-14 10:56 - 2018-03-01 07:54 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-03-14 10:56 - 2018-03-01 07:54 - 001296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-03-14 10:56 - 2018-03-01 07:54 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-03-14 10:56 - 2018-03-01 07:54 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-03-14 10:56 - 2018-03-01 07:54 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-03-14 10:56 - 2018-03-01 07:53 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-03-14 10:56 - 2018-03-01 07:53 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-03-14 10:56 - 2018-03-01 07:53 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-03-14 10:56 - 2018-03-01 07:53 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-03-14 10:56 - 2018-03-01 07:53 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-03-14 10:56 - 2018-03-01 07:53 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-03-14 10:56 - 2018-03-01 07:53 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-03-14 10:56 - 2018-03-01 07:53 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-03-14 10:56 - 2018-03-01 07:53 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-03-14 10:56 - 2018-03-01 07:53 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2018-03-14 10:56 - 2018-03-01 07:52 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-03-14 10:56 - 2018-03-01 07:52 - 006030336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-03-14 10:56 - 2018-03-01 07:51 - 002329088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2018-03-14 10:56 - 2018-03-01 07:51 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-03-14 10:56 - 2018-03-01 07:51 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2018-03-14 10:56 - 2018-03-01 07:51 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-03-14 10:56 - 2018-03-01 07:50 - 003677184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-03-14 10:56 - 2018-03-01 07:50 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-03-14 10:56 - 2018-03-01 07:50 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-03-14 10:56 - 2018-03-01 07:50 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-03-14 10:56 - 2018-03-01 07:50 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-03-14 10:56 - 2018-03-01 07:49 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-03-14 10:56 - 2018-03-01 07:49 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-03-14 10:56 - 2018-03-01 07:49 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-03-14 10:56 - 2018-03-01 07:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-03-14 10:56 - 2018-03-01 07:48 - 000543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-03-14 10:56 - 2018-03-01 07:48 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-03-14 10:56 - 2018-03-01 07:47 - 023674368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-03-14 10:56 - 2018-03-01 07:47 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-03-14 10:56 - 2018-03-01 07:47 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-03-14 10:56 - 2018-03-01 07:46 - 004051968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-03-14 10:56 - 2018-03-01 07:46 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-03-14 10:56 - 2018-03-01 07:46 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-03-14 10:56 - 2018-03-01 07:45 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-03-14 10:56 - 2018-03-01 07:45 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-03-14 10:56 - 2018-03-01 07:45 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-03-14 10:56 - 2018-03-01 07:44 - 008030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-03-14 10:56 - 2018-03-01 07:44 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-03-14 10:56 - 2018-03-01 07:43 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-03-14 10:56 - 2018-03-01 07:42 - 003505664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2018-03-14 10:56 - 2018-03-01 07:42 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-03-14 10:56 - 2018-03-01 07:41 - 008103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-03-14 10:56 - 2018-03-01 07:41 - 004745728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-03-14 10:56 - 2018-03-01 07:41 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-03-14 10:56 - 2018-03-01 07:41 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-03-14 10:56 - 2018-03-01 07:41 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-03-14 10:56 - 2018-03-01 07:40 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-03-14 10:56 - 2018-03-01 07:39 - 002222592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-03-14 10:56 - 2018-03-01 07:39 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-03-14 10:56 - 2018-03-01 07:39 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2018-03-14 10:56 - 2018-03-01 07:39 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-03-14 10:56 - 2018-03-01 07:38 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-03-14 10:56 - 2018-03-01 07:38 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-03-14 10:56 - 2018-03-01 07:36 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-03-14 10:56 - 2018-03-01 07:36 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-03-14 10:56 - 2018-03-01 07:35 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-03-14 10:56 - 2018-03-01 07:35 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2018-03-14 10:56 - 2018-03-01 07:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-03-14 10:56 - 2018-02-22 04:23 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-03-14 10:56 - 2018-02-22 04:23 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-03-14 10:56 - 2018-02-22 04:13 - 000279456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-03-14 10:56 - 2018-02-22 04:13 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-03-14 10:56 - 2018-02-22 04:11 - 000109984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-03-14 10:56 - 2018-02-22 04:10 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-03-14 10:56 - 2018-02-22 04:08 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-03-14 10:56 - 2018-02-22 04:08 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-03-14 10:56 - 2018-02-22 04:08 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-03-14 10:56 - 2018-02-22 04:07 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-03-14 10:56 - 2018-02-22 04:07 - 001209248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-03-14 10:56 - 2018-02-22 04:07 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-03-14 10:56 - 2018-02-22 04:03 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-03-14 10:56 - 2018-02-22 04:03 - 000082848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-03-14 10:56 - 2018-02-22 04:02 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-03-14 10:56 - 2018-02-22 04:00 - 000187296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-03-14 10:56 - 2018-02-22 03:59 - 021351624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-03-14 10:56 - 2018-02-22 03:54 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-03-14 10:56 - 2018-02-22 03:52 - 000103328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-03-14 10:56 - 2018-02-22 03:51 - 000555424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-03-14 10:56 - 2018-02-22 03:51 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2018-03-14 10:56 - 2018-02-22 03:51 - 000045472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-03-14 10:56 - 2018-02-22 03:50 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-03-14 10:56 - 2018-02-22 03:50 - 000229272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-03-14 10:56 - 2018-02-22 02:41 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-03-14 10:56 - 2018-02-22 02:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2018-03-14 10:56 - 2018-02-22 02:30 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-03-14 10:56 - 2018-02-22 02:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-03-14 10:56 - 2018-02-22 02:30 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-03-14 10:56 - 2018-02-22 02:27 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-03-14 10:56 - 2018-02-22 02:25 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-03-14 10:56 - 2018-02-22 02:16 - 001286144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-03-14 10:56 - 2018-02-22 02:12 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-03-14 10:43 - 2018-04-11 10:09 - 000004656 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-03-13 09:59 - 2018-03-13 09:59 - 000002144 _____ C:\Users\Bender\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2018-03-13 09:59 - 2018-03-13 09:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM
2018-03-12 09:59 - 2018-03-12 09:59 - 000380768 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-11 10:59 - 2018-01-24 10:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-04-11 10:09 - 2018-01-24 10:30 - 000004506 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-04-11 10:09 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-04-11 10:09 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-04-11 09:34 - 2016-05-29 11:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-04-11 09:31 - 2017-10-11 19:01 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-04-11 09:31 - 2016-05-29 11:41 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-04-11 09:26 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-04-11 09:19 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-04-11 09:12 - 2018-01-24 10:33 - 002367286 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-04-11 09:12 - 2017-09-30 16:30 - 001051694 _____ C:\WINDOWS\system32\perfh005.dat
2018-04-11 09:12 - 2017-09-30 16:30 - 000243006 _____ C:\WINDOWS\system32\perfc005.dat
2018-04-11 09:09 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-04-11 09:06 - 2018-01-24 10:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-04-11 09:06 - 2017-04-24 22:55 - 000000000 ____D C:\ProgramData\NVIDIA
2018-04-10 08:50 - 2018-01-24 10:30 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-04-08 23:51 - 2018-01-24 10:23 - 000000000 ____D C:\Users\Bender
2018-04-08 08:52 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-04-08 08:50 - 2016-05-29 10:44 - 000000000 ____D C:\ProgramData\ProductData
2018-04-06 15:25 - 2018-01-24 10:30 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-04-01 22:20 - 2016-06-03 15:29 - 000000000 ____D C:\Users\Bender\AppData\Local\CrashDumps
2018-04-01 22:04 - 2016-05-31 09:05 - 000000000 ____D C:\ProgramData\Origin
2018-04-01 21:59 - 2016-05-31 09:06 - 000000000 ____D C:\Users\Bender\AppData\Roaming\Origin
2018-04-01 21:55 - 2016-05-31 09:23 - 000000000 ___RD C:\Users\Bender\Desktop\Hry
2018-04-01 21:38 - 2016-05-31 08:59 - 000000000 ____D C:\Users\Bender\AppData\Local\Ubisoft Game Launcher
2018-03-30 23:41 - 2016-11-04 15:43 - 000002357 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2018-03-30 23:40 - 2018-01-24 10:30 - 000003042 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Bender)
2018-03-30 23:13 - 2016-05-29 18:51 - 000000000 ____D C:\Users\Bender\Documents\The Witcher 3
2018-03-30 21:08 - 2017-04-24 22:55 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-03-27 23:04 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-03-27 23:03 - 2017-04-24 22:55 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-03-27 23:03 - 2017-01-29 15:43 - 000001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-03-27 23:02 - 2018-01-24 10:30 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-27 23:02 - 2018-01-24 10:30 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-27 23:02 - 2018-01-24 10:30 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-27 23:02 - 2017-04-24 22:55 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-03-27 23:01 - 2018-01-24 10:30 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-27 23:01 - 2018-01-24 10:30 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-27 23:01 - 2018-01-24 10:30 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-27 23:01 - 2018-01-24 10:30 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-27 23:01 - 2018-01-24 10:30 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-27 12:19 - 2016-11-06 11:00 - 000000000 ____D C:\Fraps
2018-03-27 12:15 - 2018-01-24 10:30 - 000002502 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Bender
2018-03-27 12:15 - 2017-07-18 09:44 - 000000312 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Bender.job
2018-03-27 12:13 - 2016-09-03 09:45 - 000000000 ____D C:\Users\Bender\AppData\Local\Ubisoft
2018-03-21 17:58 - 2017-07-25 15:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2018-03-19 18:50 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-03-15 10:50 - 2016-10-03 20:17 - 000000000 ___RD C:\Users\Bender\3D Objects
2018-03-15 10:50 - 2016-02-13 15:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-03-15 10:49 - 2018-01-24 10:21 - 000230888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-03-14 12:38 - 2017-09-29 10:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-03-14 12:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-03-14 12:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-03-14 12:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-03-14 12:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-03-14 11:01 - 2017-09-29 15:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-03-14 11:01 - 2017-09-29 15:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-03-13 09:54 - 2016-05-29 11:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-13 09:52 - 2016-10-02 18:59 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-03-12 10:00 - 2017-07-28 19:48 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-03-12 09:59 - 2018-01-23 19:07 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-03-12 09:59 - 2018-01-23 19:07 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-03-12 09:59 - 2018-01-23 19:07 - 000380528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-03-12 09:59 - 2018-01-23 19:07 - 000343752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-03-12 09:59 - 2018-01-23 19:07 - 000227504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-03-12 09:59 - 2018-01-23 19:07 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-03-12 09:59 - 2018-01-23 19:07 - 000199440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-03-12 09:59 - 2018-01-23 19:07 - 000196648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-03-12 09:59 - 2018-01-23 19:07 - 000146656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-03-12 09:59 - 2018-01-23 19:07 - 000110328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-03-12 09:59 - 2018-01-23 19:07 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-03-12 09:59 - 2018-01-23 19:07 - 000057680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-03-12 09:59 - 2018-01-23 19:07 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-03-12 09:59 - 2017-10-05 12:42 - 000215320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys

==================== Files in the root of some directories =======

2017-05-14 22:57 - 2017-05-14 22:57 - 000011568 _____ () C:\Users\Bender\AppData\Local\InstallationConfiguration.xml
2017-05-14 22:57 - 2017-05-14 22:57 - 000140800 _____ () C:\Users\Bender\AppData\Local\installer.dat
2017-09-30 19:42 - 2017-09-30 21:07 - 000007598 _____ () C:\Users\Bender\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-04-10 12:06

==================== End of FRST.txt ============================

[Bender]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Bender (11-04-2018 11:20:54)
Running from C:\Users\Bender\Desktop
Windows 10 Pro Version 1709 16299.309 (X64) (2018-01-24 08:32:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1516928578-2532743376-384880014-500 - Administrator - Disabled)
Bender (S-1-5-21-1516928578-2532743376-384880014-1001 - Administrator - Enabled) => C:\Users\Bender
DefaultAccount (S-1-5-21-1516928578-2532743376-384880014-503 - Limited - Disabled)
Guest (S-1-5-21-1516928578-2532743376-384880014-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1516928578-2532743376-384880014-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Aktualizace NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.2.2328 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
Driver Booster 4.4 (HKLM-x32\...\Driver Booster_is1) (Version: 4.4.0 - IObit)
EPSON XP-205 207 Series Printer Uninstall (HKLM\...\EPSON XP-205 207 Series) (Version: - SEIKO EPSON Corporation)
Fallout 4 - Čeština (HKLM-x32\...\{980A3524-F865-4EA3-8486-FBF16D9FFCE4}) (Version: 0.9.2 - Fallout 4 - Čeština)
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
FastShare.cz verze 2.3.1 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.3.1 - )
Fraps (HKLM-x32\...\Fraps) (Version: - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.27.5284 - GOM & Company)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.4.0.119 - IObit)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Light Image Resizer 4.7.7.0 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.7.7.0 - ObviousIdea)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 57.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 57.0.2 (x86 cs)) (Version: 57.0.2 - Mozilla)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1908.152 - Trusteer)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.15.44004 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1908.152 - Trusteer) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games)
SSD Fresh (HKLM-x32\...\SSD Fresh_is1) (Version: 2015 - Abelssoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
The Witcher 3 Wild Hunt Blood and Wine (HKLM-x32\...\The Witcher 3 Wild Hunt Blood and Wine_is1) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 19.1 - Ubisoft)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-12] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-12] (AVAST Software)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-12-23] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-12] (AVAST Software)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-12-23] (IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-12] (AVAST Software)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-12-23] (IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1CCB0EC2-24CF-49C1-A092-9A5195BCDA4C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_Plugin.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {24673CCF-54DD-4E28-9A6E-AFAE2626A652} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {26EFDE3D-2E4C-4174-B268-BA32CC1E5DDB} - System32\Tasks\S-1-5-21-1516928578-2532743376-384880014-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {49381CCD-425E-4303-B73B-E4C6CC0C583F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {4B758AD2-8DAE-4BC8-ADB7-75FCB9244CA7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation)
Task: {58B57074-C14C-4249-910C-25C6E66A2B40} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {66220572-36D6-4FC1-8817-D456D87C22F6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-10] (AVAST Software)
Task: {7310D5BB-8688-4063-B926-65ED0EDC0026} - System32\Tasks\Microsoft\Windows\Multimedia\Manager => C:\Windows\Manager.exe
Task: {75FDC296-0A78-4072-909A-2BE90702F299} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {7629318C-D588-43B4-A550-44F700CA9CF7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)
Task: {7641C45F-52B7-4D38-86F7-1E4C18629B35} - System32\Tasks\Microsoft\Windows\WS\WSSync => C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\dllhost.exe <==== ATTENTION
Task: {7D044BEF-F9CF-4F4E-BDDD-50F0CACAB9BC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {8A678F1D-B054-45B3-8D11-3BD0676BCD61} - System32\Tasks\Driver Booster SkipUAC (Bender) => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe [2017-05-03] (IObit)
Task: {93331CB7-DB10-4622-A5DE-7A3078AE32D6} - System32\Tasks\Uninstaller_SkipUac_Bender => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-06-01] (IObit)
Task: {9B6D07CB-69EB-47DE-852F-881C76128094} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation)
Task: {A2B791A8-907F-4963-A4F9-E4D59600A048} - \{7A047D47-0579-0579-0E11-7F040F7A110A} -> No File <==== ATTENTION
Task: {B452EF84-A319-4596-AB84-76AE0CB52782} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-03-12] (AVAST Software)
Task: {B9106A5D-9A4C-4527-9379-5E04C97CF821} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation)
Task: {C3120FBC-96B0-4166-91C4-1C3C13735C4E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)
Task: {D8B0E1A9-EEC2-4F96-A1AA-21A5AE33DA30} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E4A31CAB-5608-4DEB-AD8C-1697CC903872} - System32\Tasks\Microsoft\Windows\Multimedia\Driver => C:\WINDOWS\SysWOW64\Easeware.Driver.exe
Task: {F0528A06-4965-413E-A40F-DE68A4577012} - System32\Tasks\Microsoft\Windows\WS\WSLicenses => C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\WmiPrvSE.exe
Task: {F40D40F7-F238-4BBF-8B9F-1B7BBD72F4CB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation)
Task: {FFAD04E0-5D4D-4513-9C87-D14793606A5F} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\Scheduler.exe [2017-03-28] (IObit)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Bender.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-01-29 15:43 - 2017-10-11 03:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-30 11:11 - 2017-05-14 21:48 - 000075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2018-03-14 10:56 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-14 10:56 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-04-06 15:29 - 2018-04-06 15:30 - 000178688 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11803.1001.6.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-03-09 15:57 - 2018-03-09 15:57 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11803.1001.6.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2016-06-03 16:39 - 2015-12-23 16:27 - 000629536 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2017-01-29 15:43 - 2017-10-11 03:05 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-06-02 15:51 - 2015-06-02 15:51 - 000545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2018-03-12 09:59 - 2018-03-12 09:59 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-03-12 09:59 - 2018-03-12 09:59 - 000287960 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-03-12 09:59 - 2018-03-12 09:59 - 000280280 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-01-29 15:43 - 2017-10-11 03:05 - 070805952 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-06-03 16:39 - 2015-12-23 16:27 - 000355616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2016-06-03 16:39 - 2015-12-23 16:27 - 000190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-06-03 16:39 - 2015-12-23 16:27 - 000057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-10-14 17:25 - 2017-07-17 10:51 - 000001148 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 distribution.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 plugpackdownload.net
127.0.0.1 dscdn.pw
127.0.0.1 beautifllink.xyz

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1516928578-2532743376-384880014-1001\Control Panel\Desktop\\Wallpaper -> d:\foto\3d\stretched-249788.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: DAEMON Tools Lite Automount =>
MSCONFIG\startupreg: OneDrive =>
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "Uninstall 17.3.6917.0607"
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "Uninstall 17.3.6917.0607\amd64"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{44999D66-721E-4081-9CA7-21291EC27DDD}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{8EC91400-657A-4C16-87E1-14D4501AED64}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{6D39F91E-0BC4-4ED1-8B3D-BE09ADDBEC78}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{354FFC30-99E2-43D7-BE3E-FA093FF1D065}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [UDP Query User{6200E2FD-84B9-4A87-B51C-7483B06E0703}D:\staženo\mashinky.v24.10.2017\mashinky.exe] => (Block) D:\staženo\mashinky.v24.10.2017\mashinky.exe
FirewallRules: [TCP Query User{46B09289-2C67-423D-A9F6-5ED2A3A1BB90}D:\staženo\mashinky.v24.10.2017\mashinky.exe] => (Block) D:\staženo\mashinky.v24.10.2017\mashinky.exe
FirewallRules: [{AA5B2D93-8686-4476-BD27-6B1798393DF2}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{33EF6988-E674-4F32-83DC-88A079F14093}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{13106448-6E98-43FB-8A55-03ED88019B65}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{8D2F6EA2-D2E2-4C0F-B021-A123E86B47A9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{06292264-098E-4D7B-B2C4-8BA118AAC9B4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4BC6F340-4ADF-4617-BEBF-040E4A68E8E1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7A409E0A-1E91-4874-9A75-B0AE29CA8C59}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7B94DA6A-5989-468F-8303-B551103B11CB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{2D8E153E-359E-407E-AB6F-2C36E698577F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{42A9C047-C727-4316-9526-77079D5364E8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{DFDF6E49-4B00-4FF0-85A8-987535101D0C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{BD8E31EC-4867-4073-A888-24B0202A60D6}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [{3515770B-663F-4361-AC10-F9AADF93FA1C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [UDP Query User{D45068D7-08B6-47CE-9A6D-BE2777514288}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{E1CD92E5-E80D-4609-BE33-F3E862BE762C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{B862F498-81DA-4497-B467-B52A89842105}] => (Allow) D:\Steam\steamapps\common\Company of Heroes\RelicCOH.exe
FirewallRules: [{4BE43BA2-DCE1-44C2-8A94-D454FEE0DC8F}] => (Allow) D:\Steam\steamapps\common\Company of Heroes\RelicCOH.exe
FirewallRules: [{2315F305-C9F4-47CB-81CA-BF973762BA31}] => (Allow) D:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{7A118793-C22D-425F-93F0-EF09CA0E7D73}] => (Allow) D:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [UDP Query User{F29F9D5A-26A0-40D9-8152-24E1A63F7601}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{BFFEFC84-5CC0-468A-A2CF-DC22F0716B49}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{61994760-8C79-4179-8901-E7347AB3F6D3}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{A2B4AEB4-6F50-4378-8B7C-B5BE876DF14A}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [UDP Query User{F8C1939D-A53F-4B3F-9089-1C38C8854FFA}D:\steam\steamapps\common\war thunder\win32\aces.exe] => (Allow) D:\steam\steamapps\common\war thunder\win32\aces.exe
FirewallRules: [TCP Query User{51F4D50E-647B-4028-8542-72193E80707B}D:\steam\steamapps\common\war thunder\win32\aces.exe] => (Allow) D:\steam\steamapps\common\war thunder\win32\aces.exe
FirewallRules: [{D069EBB0-5A48-4863-86C4-51C614BFD188}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{5EE2D73D-5756-4C8C-9515-F21C52A9F9DB}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{AAE38085-57E0-4690-BE96-CB17424567E6}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{42B8DA41-6101-4916-9AD9-16A9F32F27BC}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{B19990AA-9635-42A7-9182-58B9FEB650E8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{56E69D23-3CBF-4F9C-B1F5-1CAD7B64ACF3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{5E6E7149-D0A8-49CC-8DB2-0CF88C738404}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0319C74A-688F-4A0F-AF66-9E52846CA8E7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C60EF214-1CAB-4A00-84F0-97ECFFAB7458}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D8C21FC0-C921-4274-94F5-CBC4CDFFCB0A}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E7663570-99B8-4A08-91BD-80C3B3246115}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{409F8A3F-BB6F-4732-A658-4EED1A3CFF6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EEBE9890-6731-4970-AEFB-585769C82F01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DDBEBDF1-6455-47E6-9DBC-72325631FA47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C0B98CDF-9188-47EF-A8F1-A7ADAFA2AF80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9F03E7C5-F111-4622-ACC6-58494C6AB32D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0C884D40-0EAD-4C7D-9AA1-7A0F2DBF7029}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{15474BFB-EF16-4AA8-B595-5EE6E46E328D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{49263828-1CFC-41ED-8F9B-7D378522A321}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{63C83012-2760-472B-9484-9C5044B22ECE}] => (Allow) D:\Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{343B2D30-775D-4542-9EA4-0F2148A710FD}] => (Allow) D:\Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{C2A6DE3A-C55F-4085-958A-3EA91D9D1EA3}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{04C9F88F-1DC9-4AB7-AD3B-A8B69B217D99}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{24AAB8C5-C809-4E79-92BA-EC9F8E40F5FA}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{76A0E705-1A24-419B-A471-B8044BD20CB7}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{D5CF4331-B06C-4798-9507-C8C31230E9F2}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{8D8C67E7-4F87-4117-820E-901FE996DB91}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{6D368595-4057-483C-81DC-B87A03BEE544}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{4C82C9CC-505F-46DC-B35A-659851346C56}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{10192150-DB05-4365-AB1F-47BBD7EC93FE}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{AEB4F2B8-C823-4F0D-B6CD-FC8122AA5FF8}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{099D62FB-9D0E-4FA0-9E08-277441D7079C}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{8D26D8D8-6001-40FB-9881-32D8CC385EB6}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/11/2018 09:33:59 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (04/01/2018 10:20:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Launcher.exe_unknown, verze: 2018.3.19.16, časové razítko: 0x5ab01ece
Název chybujícího modulu: ntdll.dll, verze: 10.0.16299.248, časové razítko: 0x3a21d961
Kód výjimky: 0xc0000374
Posun chyby: 0x000da879
ID chybujícího procesu: 0x18ac
Čas spuštění chybující aplikace: 0x01d3c9f6d99b6218
Cesta k chybující aplikaci: D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: a912ee82-e215-4c6b-8815-5c0fad6ab0ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/01/2018 09:44:57 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_5d7d0b9ba7da9417.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_15cfd4c4935e6b11.manifest.

Error: (03/31/2018 03:52:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TheCrew.exe, verze: 1.2.0.0, časové razítko: 0x58bef6d2
Název chybujícího modulu: TheCrew.exe, verze: 1.2.0.0, časové razítko: 0x58bef6d2
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000071971
ID chybujícího procesu: 0x10e8
Čas spuštění chybující aplikace: 0x01d3c8f3eb93c155
Cesta k chybující aplikaci: D:\Games\The Crew (Worldwide)\TheCrew.exe
Cesta k chybujícímu modulu: D:\Games\The Crew (Worldwide)\TheCrew.exe
ID zprávy: 759955e8-9682-4aa2-9d15-1c790ff1f2a7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/27/2018 11:00:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_5d7d0b9ba7da9417.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_15cfd4c4935e6b11.manifest.

Error: (03/20/2018 06:20:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_5d7d0b9ba7da9417.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_15cfd4c4935e6b11.manifest.

Error: (03/14/2018 11:14:18 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/08/2018 08:04:27 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program COM Surrogate.

Program: COM Surrogate
Soubor:

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: 11111111
Typ disku: 0


System errors:
=============
Error: (04/11/2018 09:06:03 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (13:09:01, ‎10.‎04.‎2018) bylo neočekávané.

Error: (04/10/2018 12:08:28 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/08/2018 09:07:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (14:40:14, ‎08.‎04.‎2018) bylo neočekávané.

Error: (04/08/2018 02:31:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/08/2018 02:31:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (04/08/2018 12:40:14 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (12:02:52, ‎08.‎04.‎2018) bylo neočekávané.

Error: (04/08/2018 10:16:38 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/08/2018 09:56:01 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} se v daném časovém limitu neregistroval u služby DCOM.


==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 965 Processor
Percentage of memory in use: 35%
Total physical RAM: 8189.24 MB
Available physical RAM: 5296.61 MB
Total Virtual: 11261.24 MB
Available Virtual: 7548.56 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.46 GB) (Free:79.37 GB) NTFS
Drive d: () (Fixed) (Total:465.76 GB) (Free:182.61 GB) NTFS

\\?\Volume{99474600-2572-11e6-824f-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS
\\?\Volume{d08e5fa2-0000-0000-0000-50b31d000000}\ () (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: D08E5FA2)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 350A3509)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[Bender]

# AdwCleaner 7.0.8.0 - Logfile created on Wed Apr 11 11:28:59 2018
# Updated on 2018/08/02 by Malwarebytes
# Database: 2018-04-10.1
# Running on Windows 10 Pro (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Users\All Users\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Users\Bender\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Users\All Users\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Users\Bender\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.Legacy, C:\ProgramData\Application Data\lavasoft\web companion
PUP.Optional.Legacy, C:\Program Files (x86)\lavasoft\web companion
PUP.Optional.Legacy, C:\Users\Bender\AppData\Local\Tencent
PUP.Optional.Legacy, C:\Users\Bender\AppData\Local\AdvinstAnalytics
PUP.Optional.UCBrowser, C:\Users\Bender\AppData\Roaming\UCChannel
PUP.Optional.UCBrowser, C:\Program Files (x86)\UCBrowser
PUP.Optional.UCBrowser, C:\Users\Bender\AppData\Local\UCBrowser
PUP.Optional.OneSystemCare, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care
PUP.Optional.WebCompanion, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
PUP.Optional.WindowsErrorReporting, C:\ProgramData\WindowsErrorReporting
PUP.Optional.WindowsErrorReporting, C:\ProgramData\WindowsErrorReporting
PUP.Optional.WindowsErrorReporting, C:\Users\All Users\WindowsErrorReporting
Adware.OxyPumper, C:\Users\Bender\AppData\Local\SrvInetInfo
PUP.Optional.MirageISO, C:\Users\Public\Documents\XMUpdate


***** [ Files ] *****

PUP.Optional.Legacy, C:\Users\Bender\appdata\local\installationconfiguration.xml


***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Legacy, Driver Booster Scheduler
PUP.Optional.Legacy, Microsoft\Windows\Multimedia\Manager
PUP.Optional.BitCoinMiner, Microsoft\Windows\Multimedia\Driver


***** [ Registry ] *****

Adware.Elex, [Key] - HKLM\SOFTWARE\initialsite123Software
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1516928578-2532743376-384880014-1001\Software\VideoBox
PUP.Optional.Legacy, [Key] - HKCU\Software\VideoBox
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchy
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DD0688A5-FC8B-4E93-A485-CBF606A56D49}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\DMunversion
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\UCBrowser.exe
PUP.Optional.Legacy, [Key] - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\UCBrowser.exe
PUP.Optional.Legacy, [Value] - HKCU\SOFTWARE\Classes\.crx\OpenWithProgids | UCHTML.AssocFile.CRX
PUP.Optional.Legacy, [Value] - HKCU\SOFTWARE\Classes\.htm\OpenWithProgids | UCHTML.AssocFile.HTM
PUP.Optional.Legacy, [Value] - HKCU\SOFTWARE\Classes\.html\OpenWithProgids | UCHTML.AssocFile.HTML
PUP.Optional.Legacy, [Value] - HKCU\SOFTWARE\Classes\.mht\OpenWithProgids | UCHTML.AssocFile.MHT
PUP.Optional.Legacy, [Value] - HKCU\SOFTWARE\Classes\.shtm\OpenWithProgids | UCHTML.AssocFile.SHTM
PUP.Optional.Legacy, [Value] - HKCU\SOFTWARE\Classes\.shtml\OpenWithProgids | UCHTML.AssocFile.SHTML
PUP.Optional.Legacy, [Value] - HKCU\SOFTWARE\Classes\.webp\OpenWithProgids | UCHTML.AssocFile.WEBP
PUP.Optional.Legacy, [Value] - HKCU\SOFTWARE\Classes\.xht\OpenWithProgids | UCHTML.AssocFile.XHT
PUP.Optional.Legacy, [Value] - HKCU\SOFTWARE\Classes\.xhtml\OpenWithProgids | UCHTML.AssocFile.XHTML
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Classes\.crx\OpenWithProgids | UCHTML.AssocFile.CRX
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Classes\.htm\OpenWithProgids | UCHTML.AssocFile.HTM
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Classes\.html\OpenWithProgids | UCHTML.AssocFile.HTML
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Classes\.mht\OpenWithProgids | UCHTML.AssocFile.MHT
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Classes\.shtm\OpenWithProgids | UCHTML.AssocFile.SHTM
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Classes\.shtml\OpenWithProgids | UCHTML.AssocFile.SHTML
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Classes\.webp\OpenWithProgids | UCHTML.AssocFile.WEBP
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Classes\.xht\OpenWithProgids | UCHTML.AssocFile.XHT
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Classes\.xhtml\OpenWithProgids | UCHTML.AssocFile.XHTML
PUP.Optional.DiskPower, [Key] - HKLM\SOFTWARE\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
PUP.Optional.DiskPower, [Key] - HKU\S-1-5-21-1516928578-2532743376-384880014-1001\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
PUP.Optional.DiskPower, [Key] - HKCU\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
Adware.FileTour, [Key] - HKU\S-1-5-21-1516928578-2532743376-384880014-1001\Software\Installer
Adware.FileTour, [Key] - HKCU\Software\Installer
PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\APreSam
PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\NSaveA
PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\PrAmNP
PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\MPrForShutT
PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\PrIncub
PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
PUP.Optional.WeatherAlerts, [Key] - HKU\S-1-5-21-1516928578-2532743376-384880014-1001\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
PUP.Optional.WeatherAlerts, [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Adware.Elex.SHHKRST, [Key] - HKLM\SOFTWARE\initialsite123Software
PUP.Optional.Microleaves, [Key] - HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
PUP.Optional.Microleaves, [Key] - HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
PUP.Adware.Heuristic, [Key] - HKLM\SOFTWARE\Classes\UCHTML
PUP.Adware.Heuristic, [Key] - HKLM\SOFTWARE\Classes\UCHTML.AssocFile.CRX
PUP.Adware.Heuristic, [Key] - HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTM
PUP.Adware.Heuristic, [Key] - HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTML
PUP.Adware.Heuristic, [Key] - HKLM\SOFTWARE\Classes\UCHTML.AssocFile.MHT
PUP.Adware.Heuristic, [Key] - HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTM
PUP.Adware.Heuristic, [Key] - HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTML
PUP.Adware.Heuristic, [Key] - HKLM\SOFTWARE\Classes\UCHTML.AssocFile.WEBP
PUP.Adware.Heuristic, [Key] - HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHT
PUP.Adware.Heuristic, [Key] - HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHTML


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

[Rudy]

V ADW ještě klikněte na mazání, restartujte a dejte nový log FRST.

[Bender]

# AdwCleaner 7.0.8.0 - Logfile created on Thu Apr 12 09:11:54 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\IObit\Advanced SystemCare
Deleted: C:\Users\All Users\IObit\Advanced SystemCare
Deleted: C:\Users\Bender\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\ProgramData\IObit\Advanced SystemCare
Deleted: C:\Users\All Users\IObit\Advanced SystemCare
Deleted: C:\Users\Bender\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\ProgramData\Application Data\lavasoft\web companion
Deleted: C:\Program Files (x86)\lavasoft\web companion
Deleted: C:\Users\Bender\AppData\Local\Tencent
Deleted: C:\Users\Bender\AppData\Local\AdvinstAnalytics
Deleted: C:\Users\Bender\AppData\Roaming\UCChannel
Deleted: C:\Program Files (x86)\UCBrowser
Deleted: C:\Users\Bender\AppData\Local\UCBrowser
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted: C:\ProgramData\\WindowsErrorReporting
Deleted: C:\ProgramData\WindowsErrorReporting
Deleted: C:\Users\All Users\WindowsErrorReporting
Deleted: C:\Users\Bender\AppData\Local\SrvInetInfo
Deleted: C:\\Users\Public\Documents\XMUpdate


***** [ Files ] *****

Deleted: C:\Users\Bender\appdata\local\installationconfiguration.xml


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: Driver Booster Scheduler
Deleted: Microsoft\Windows\Multimedia\Manager
Deleted: Microsoft\Windows\Multimedia\Driver


***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\initialsite123Software
Deleted: [Key] - HKU\S-1-5-21-1516928578-2532743376-384880014-1001\Software\VideoBox
Deleted: [Key] - HKCU\Software\VideoBox
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchy
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DD0688A5-FC8B-4E93-A485-CBF606A56D49}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\DMunversion
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\UCBrowser.exe
Deleted: [Key] - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\UCBrowser.exe
Deleted: [Value] - HKCU\SOFTWARE\Classes\.crx\OpenWithProgids|UCHTML.AssocFile.CRX
Deleted: [Value] - HKCU\SOFTWARE\Classes\.htm\OpenWithProgids|UCHTML.AssocFile.HTM
Deleted: [Value] - HKCU\SOFTWARE\Classes\.html\OpenWithProgids|UCHTML.AssocFile.HTML
Deleted: [Value] - HKCU\SOFTWARE\Classes\.mht\OpenWithProgids|UCHTML.AssocFile.MHT
Deleted: [Value] - HKCU\SOFTWARE\Classes\.shtm\OpenWithProgids|UCHTML.AssocFile.SHTM
Deleted: [Value] - HKCU\SOFTWARE\Classes\.shtml\OpenWithProgids|UCHTML.AssocFile.SHTML
Deleted: [Value] - HKCU\SOFTWARE\Classes\.webp\OpenWithProgids|UCHTML.AssocFile.WEBP
Deleted: [Value] - HKCU\SOFTWARE\Classes\.xht\OpenWithProgids|UCHTML.AssocFile.XHT
Deleted: [Value] - HKCU\SOFTWARE\Classes\.xhtml\OpenWithProgids|UCHTML.AssocFile.XHTML
Deleted: [Value] - HKLM\SOFTWARE\Classes\.crx\OpenWithProgids|UCHTML.AssocFile.CRX
Deleted: [Value] - HKLM\SOFTWARE\Classes\.htm\OpenWithProgids|UCHTML.AssocFile.HTM
Deleted: [Value] - HKLM\SOFTWARE\Classes\.html\OpenWithProgids|UCHTML.AssocFile.HTML
Deleted: [Value] - HKLM\SOFTWARE\Classes\.mht\OpenWithProgids|UCHTML.AssocFile.MHT
Deleted: [Value] - HKLM\SOFTWARE\Classes\.shtm\OpenWithProgids|UCHTML.AssocFile.SHTM
Deleted: [Value] - HKLM\SOFTWARE\Classes\.shtml\OpenWithProgids|UCHTML.AssocFile.SHTML
Deleted: [Value] - HKLM\SOFTWARE\Classes\.webp\OpenWithProgids|UCHTML.AssocFile.WEBP
Deleted: [Value] - HKLM\SOFTWARE\Classes\.xht\OpenWithProgids|UCHTML.AssocFile.XHT
Deleted: [Value] - HKLM\SOFTWARE\Classes\.xhtml\OpenWithProgids|UCHTML.AssocFile.XHTML
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
Deleted: [Key] - HKU\S-1-5-21-1516928578-2532743376-384880014-1001\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
Deleted: [Key] - HKCU\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
Deleted: [Key] - HKU\S-1-5-21-1516928578-2532743376-384880014-1001\Software\Installer
Deleted: [Key] - HKCU\Software\Installer
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\APreSam
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\NSaveA
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PrAmNP
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\MPrForShutT
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\PrIncub
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKU\S-1-5-21-1516928578-2532743376-384880014-1001\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKLM\SOFTWARE\initialsite123Software
Deleted: [Key] - HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted: [Key] - HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted: [Key] - HKLM\SOFTWARE\Classes\UCHTML
Deleted: [Key] - HKLM\SOFTWARE\Classes\UCHTML.AssocFile.CRX
Deleted: [Key] - HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTM
Deleted: [Key] - HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTML
Deleted: [Key] - HKLM\SOFTWARE\Classes\UCHTML.AssocFile.MHT
Deleted: [Key] - HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTM
Deleted: [Key] - HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTML
Deleted: [Key] - HKLM\SOFTWARE\Classes\UCHTML.AssocFile.WEBP
Deleted: [Key] - HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHT
Deleted: [Key] - HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHTML


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [7415 B] - [2018/4/11 11:28:59]
C:/AdwCleaner/AdwCleaner[S1].txt - [7483 B] - [2018/4/12 9:11:34]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

[Rudy]

...a dejte nový log FRST.

[Bender]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Bender (12-04-2018 12:49:33)
Running from C:\Users\Bender\Desktop
Windows 10 Pro Version 1709 16299.371 (X64) (2018-01-24 08:32:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1516928578-2532743376-384880014-500 - Administrator - Disabled)
Bender (S-1-5-21-1516928578-2532743376-384880014-1001 - Administrator - Enabled) => C:\Users\Bender
DefaultAccount (S-1-5-21-1516928578-2532743376-384880014-503 - Limited - Disabled)
Guest (S-1-5-21-1516928578-2532743376-384880014-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1516928578-2532743376-384880014-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Aktualizace NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.2.2328 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
Driver Booster 4.4 (HKLM-x32\...\Driver Booster_is1) (Version: 4.4.0 - IObit)
EPSON XP-205 207 Series Printer Uninstall (HKLM\...\EPSON XP-205 207 Series) (Version: - SEIKO EPSON Corporation)
Fallout 4 - Čeština (HKLM-x32\...\{980A3524-F865-4EA3-8486-FBF16D9FFCE4}) (Version: 0.9.2 - Fallout 4 - Čeština)
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
FastShare.cz verze 2.3.1 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.3.1 - )
Fraps (HKLM-x32\...\Fraps) (Version: - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.27.5284 - GOM & Company)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.4.0.119 - IObit)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Light Image Resizer 4.7.7.0 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.7.7.0 - ObviousIdea)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 57.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 57.0.2 (x86 cs)) (Version: 57.0.2 - Mozilla)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1908.152 - Trusteer)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.15.44004 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1908.152 - Trusteer) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games)
SSD Fresh (HKLM-x32\...\SSD Fresh_is1) (Version: 2015 - Abelssoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
The Witcher 3 Wild Hunt Blood and Wine (HKLM-x32\...\The Witcher 3 Wild Hunt Blood and Wine_is1) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 19.1 - Ubisoft)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-12] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-12] (AVAST Software)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-12-23] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-12] (AVAST Software)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-12-23] (IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-12] (AVAST Software)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-12-23] (IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1CCB0EC2-24CF-49C1-A092-9A5195BCDA4C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_Plugin.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {24673CCF-54DD-4E28-9A6E-AFAE2626A652} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {26EFDE3D-2E4C-4174-B268-BA32CC1E5DDB} - System32\Tasks\S-1-5-21-1516928578-2532743376-384880014-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {49381CCD-425E-4303-B73B-E4C6CC0C583F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {4B758AD2-8DAE-4BC8-ADB7-75FCB9244CA7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation)
Task: {58B57074-C14C-4249-910C-25C6E66A2B40} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {66220572-36D6-4FC1-8817-D456D87C22F6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-10] (AVAST Software)
Task: {75FDC296-0A78-4072-909A-2BE90702F299} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {7629318C-D588-43B4-A550-44F700CA9CF7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)
Task: {7641C45F-52B7-4D38-86F7-1E4C18629B35} - System32\Tasks\Microsoft\Windows\WS\WSSync => C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\dllhost.exe <==== ATTENTION
Task: {7D044BEF-F9CF-4F4E-BDDD-50F0CACAB9BC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {8A678F1D-B054-45B3-8D11-3BD0676BCD61} - System32\Tasks\Driver Booster SkipUAC (Bender) => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe [2017-05-03] (IObit)
Task: {93331CB7-DB10-4622-A5DE-7A3078AE32D6} - System32\Tasks\Uninstaller_SkipUac_Bender => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-06-01] (IObit)
Task: {9B6D07CB-69EB-47DE-852F-881C76128094} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation)
Task: {A2B791A8-907F-4963-A4F9-E4D59600A048} - \{7A047D47-0579-0579-0E11-7F040F7A110A} -> No File <==== ATTENTION
Task: {B452EF84-A319-4596-AB84-76AE0CB52782} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-03-12] (AVAST Software)
Task: {B9106A5D-9A4C-4527-9379-5E04C97CF821} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation)
Task: {C3120FBC-96B0-4166-91C4-1C3C13735C4E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)
Task: {D8B0E1A9-EEC2-4F96-A1AA-21A5AE33DA30} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F0528A06-4965-413E-A40F-DE68A4577012} - System32\Tasks\Microsoft\Windows\WS\WSLicenses => C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\WmiPrvSE.exe
Task: {F40D40F7-F238-4BBF-8B9F-1B7BBD72F4CB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Bender.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-01-29 15:43 - 2017-10-11 03:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-30 11:11 - 2017-05-14 21:48 - 000075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2018-03-14 10:56 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-14 10:56 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-04-06 15:29 - 2018-04-06 15:30 - 000178688 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11803.1001.6.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-03-09 15:57 - 2018-03-09 15:57 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11803.1001.6.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2016-06-03 16:39 - 2015-12-23 16:27 - 000629536 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2017-01-29 15:43 - 2017-10-11 03:05 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-06-02 15:51 - 2015-06-02 15:51 - 000545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2018-03-12 09:59 - 2018-03-12 09:59 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-03-12 09:59 - 2018-03-12 09:59 - 000287960 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-03-12 09:59 - 2018-03-12 09:59 - 000280280 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-01-29 15:43 - 2017-10-11 03:05 - 070805952 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-06-03 16:39 - 2015-12-23 16:27 - 000355616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2016-06-03 16:39 - 2015-12-23 16:27 - 000190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-06-03 16:39 - 2015-12-23 16:27 - 000057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\localhost -> localhost

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-10-14 17:25 - 2017-07-17 10:51 - 000001148 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 distribution.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 plugpackdownload.net
127.0.0.1 dscdn.pw
127.0.0.1 beautifllink.xyz

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1516928578-2532743376-384880014-1001\Control Panel\Desktop\\Wallpaper -> d:\foto\3d\stretched-249788.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: DAEMON Tools Lite Automount =>
MSCONFIG\startupreg: OneDrive =>
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "Uninstall 17.3.6917.0607"
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\StartupApproved\Run: => "Uninstall 17.3.6917.0607\amd64"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{44999D66-721E-4081-9CA7-21291EC27DDD}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{8EC91400-657A-4C16-87E1-14D4501AED64}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{6D39F91E-0BC4-4ED1-8B3D-BE09ADDBEC78}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{354FFC30-99E2-43D7-BE3E-FA093FF1D065}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [UDP Query User{6200E2FD-84B9-4A87-B51C-7483B06E0703}D:\staženo\mashinky.v24.10.2017\mashinky.exe] => (Block) D:\staženo\mashinky.v24.10.2017\mashinky.exe
FirewallRules: [TCP Query User{46B09289-2C67-423D-A9F6-5ED2A3A1BB90}D:\staženo\mashinky.v24.10.2017\mashinky.exe] => (Block) D:\staženo\mashinky.v24.10.2017\mashinky.exe
FirewallRules: [{AA5B2D93-8686-4476-BD27-6B1798393DF2}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{33EF6988-E674-4F32-83DC-88A079F14093}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{13106448-6E98-43FB-8A55-03ED88019B65}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{8D2F6EA2-D2E2-4C0F-B021-A123E86B47A9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{06292264-098E-4D7B-B2C4-8BA118AAC9B4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4BC6F340-4ADF-4617-BEBF-040E4A68E8E1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7A409E0A-1E91-4874-9A75-B0AE29CA8C59}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7B94DA6A-5989-468F-8303-B551103B11CB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{2D8E153E-359E-407E-AB6F-2C36E698577F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{42A9C047-C727-4316-9526-77079D5364E8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{DFDF6E49-4B00-4FF0-85A8-987535101D0C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{BD8E31EC-4867-4073-A888-24B0202A60D6}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [{3515770B-663F-4361-AC10-F9AADF93FA1C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [UDP Query User{D45068D7-08B6-47CE-9A6D-BE2777514288}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{E1CD92E5-E80D-4609-BE33-F3E862BE762C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{B862F498-81DA-4497-B467-B52A89842105}] => (Allow) D:\Steam\steamapps\common\Company of Heroes\RelicCOH.exe
FirewallRules: [{4BE43BA2-DCE1-44C2-8A94-D454FEE0DC8F}] => (Allow) D:\Steam\steamapps\common\Company of Heroes\RelicCOH.exe
FirewallRules: [{2315F305-C9F4-47CB-81CA-BF973762BA31}] => (Allow) D:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{7A118793-C22D-425F-93F0-EF09CA0E7D73}] => (Allow) D:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [UDP Query User{F29F9D5A-26A0-40D9-8152-24E1A63F7601}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{BFFEFC84-5CC0-468A-A2CF-DC22F0716B49}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{61994760-8C79-4179-8901-E7347AB3F6D3}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{A2B4AEB4-6F50-4378-8B7C-B5BE876DF14A}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [UDP Query User{F8C1939D-A53F-4B3F-9089-1C38C8854FFA}D:\steam\steamapps\common\war thunder\win32\aces.exe] => (Allow) D:\steam\steamapps\common\war thunder\win32\aces.exe
FirewallRules: [TCP Query User{51F4D50E-647B-4028-8542-72193E80707B}D:\steam\steamapps\common\war thunder\win32\aces.exe] => (Allow) D:\steam\steamapps\common\war thunder\win32\aces.exe
FirewallRules: [{D069EBB0-5A48-4863-86C4-51C614BFD188}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{5EE2D73D-5756-4C8C-9515-F21C52A9F9DB}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{AAE38085-57E0-4690-BE96-CB17424567E6}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{42B8DA41-6101-4916-9AD9-16A9F32F27BC}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{B19990AA-9635-42A7-9182-58B9FEB650E8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{56E69D23-3CBF-4F9C-B1F5-1CAD7B64ACF3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{5E6E7149-D0A8-49CC-8DB2-0CF88C738404}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0319C74A-688F-4A0F-AF66-9E52846CA8E7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C60EF214-1CAB-4A00-84F0-97ECFFAB7458}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D8C21FC0-C921-4274-94F5-CBC4CDFFCB0A}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E7663570-99B8-4A08-91BD-80C3B3246115}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{409F8A3F-BB6F-4732-A658-4EED1A3CFF6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EEBE9890-6731-4970-AEFB-585769C82F01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DDBEBDF1-6455-47E6-9DBC-72325631FA47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C0B98CDF-9188-47EF-A8F1-A7ADAFA2AF80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9F03E7C5-F111-4622-ACC6-58494C6AB32D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0C884D40-0EAD-4C7D-9AA1-7A0F2DBF7029}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{15474BFB-EF16-4AA8-B595-5EE6E46E328D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{49263828-1CFC-41ED-8F9B-7D378522A321}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{63C83012-2760-472B-9484-9C5044B22ECE}] => (Allow) D:\Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{343B2D30-775D-4542-9EA4-0F2148A710FD}] => (Allow) D:\Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{C2A6DE3A-C55F-4085-958A-3EA91D9D1EA3}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{04C9F88F-1DC9-4AB7-AD3B-A8B69B217D99}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{24AAB8C5-C809-4E79-92BA-EC9F8E40F5FA}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{76A0E705-1A24-419B-A471-B8044BD20CB7}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{D5CF4331-B06C-4798-9507-C8C31230E9F2}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{8D8C67E7-4F87-4117-820E-901FE996DB91}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{6D368595-4057-483C-81DC-B87A03BEE544}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{4C82C9CC-505F-46DC-B35A-659851346C56}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{10192150-DB05-4365-AB1F-47BBD7EC93FE}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{AEB4F2B8-C823-4F0D-B6CD-FC8122AA5FF8}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{099D62FB-9D0E-4FA0-9E08-277441D7079C}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{8D26D8D8-6001-40FB-9881-32D8CC385EB6}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/12/2018 11:05:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program adwcleaner_7.0.8.0.exe verze 7.0.8.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 2734

Čas spuštění: 01d3d23d0806ba45

Čas ukončení: 20

Cesta k aplikaci: C:\Users\Bender\Desktop\adwcleaner_7.0.8.0.exe

ID hlášení: 5ea1faf6-aba8-4763-83fb-08e5afab5d3f

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (04/11/2018 09:33:59 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (04/01/2018 10:20:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Launcher.exe_unknown, verze: 2018.3.19.16, časové razítko: 0x5ab01ece
Název chybujícího modulu: ntdll.dll, verze: 10.0.16299.248, časové razítko: 0x3a21d961
Kód výjimky: 0xc0000374
Posun chyby: 0x000da879
ID chybujícího procesu: 0x18ac
Čas spuštění chybující aplikace: 0x01d3c9f6d99b6218
Cesta k chybující aplikaci: D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: a912ee82-e215-4c6b-8815-5c0fad6ab0ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/01/2018 09:44:57 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_5d7d0b9ba7da9417.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_15cfd4c4935e6b11.manifest.

Error: (03/31/2018 03:52:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TheCrew.exe, verze: 1.2.0.0, časové razítko: 0x58bef6d2
Název chybujícího modulu: TheCrew.exe, verze: 1.2.0.0, časové razítko: 0x58bef6d2
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000071971
ID chybujícího procesu: 0x10e8
Čas spuštění chybující aplikace: 0x01d3c8f3eb93c155
Cesta k chybující aplikaci: D:\Games\The Crew (Worldwide)\TheCrew.exe
Cesta k chybujícímu modulu: D:\Games\The Crew (Worldwide)\TheCrew.exe
ID zprávy: 759955e8-9682-4aa2-9d15-1c790ff1f2a7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/27/2018 11:00:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_5d7d0b9ba7da9417.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_15cfd4c4935e6b11.manifest.

Error: (03/20/2018 06:20:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_5d7d0b9ba7da9417.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.309_none_15cfd4c4935e6b11.manifest.

Error: (03/14/2018 11:14:18 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (04/12/2018 11:12:01 AM) (Source: DCOM) (EventID: 10010) (User: MACHINAMANIFIKA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/12/2018 11:12:01 AM) (Source: DCOM) (EventID: 10010) (User: MACHINAMANIFIKA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/12/2018 11:12:01 AM) (Source: DCOM) (EventID: 10010) (User: MACHINAMANIFIKA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/12/2018 11:12:01 AM) (Source: DCOM) (EventID: 10010) (User: MACHINAMANIFIKA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/12/2018 11:12:01 AM) (Source: DCOM) (EventID: 10010) (User: MACHINAMANIFIKA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/12/2018 11:12:01 AM) (Source: DCOM) (EventID: 10010) (User: MACHINAMANIFIKA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/12/2018 11:12:01 AM) (Source: DCOM) (EventID: 10010) (User: MACHINAMANIFIKA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/12/2018 11:12:01 AM) (Source: DCOM) (EventID: 10010) (User: MACHINAMANIFIKA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 965 Processor
Percentage of memory in use: 24%
Total physical RAM: 8189.24 MB
Available physical RAM: 6200.73 MB
Total Virtual: 11261.24 MB
Available Virtual: 9154.47 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.46 GB) (Free:79.86 GB) NTFS
Drive d: () (Fixed) (Total:465.76 GB) (Free:182.61 GB) NTFS

\\?\Volume{99474600-2572-11e6-824f-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS
\\?\Volume{d08e5fa2-0000-0000-0000-50b31d000000}\ () (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: D08E5FA2)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 350A3509)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[Bender]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Bender (administrator) on MACHINAMANIFIKA (12-04-2018 12:48:34)
Running from C:\Users\Bender\Desktop
Loaded Profiles: Bender (Available Profiles: Bender)
Platform: Windows 10 Pro Version 1709 16299.371 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) D:\Origin\OriginWebHelperService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11803.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-09-30] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [245608 2018-03-12] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
GroupPolicy: Restriction - Windows Defender <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9d91fb0c-9262-43e2-8167-6f58aa59ef10}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1516928578-2532743376-384880014-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131447556187635604&GUID=6546327C-DA7C-4125-A3AF-28646B82BC7B
SearchScopes: HKU\S-1-5-21-1516928578-2532743376-384880014-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10405__170717__yaie&p={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-20] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-20] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: 0dwf6kv4.default
FF ProfilePath: C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default [2018-04-12]
FF user.js: detected! => C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\user.js [2017-06-29]
FF Homepage: Mozilla\Firefox\Profiles\0dwf6kv4.default -> seznam.cz
FF NewTab: Mozilla\Firefox\Profiles\0dwf6kv4.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10405__170717__yaff
FF Session Restore: Mozilla\Firefox\Profiles\0dwf6kv4.default -> is enabled.
FF Extension: (IBM Security Rapport) - C:\Users\Bender\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2018-03-22]
FF Extension: (Avast Passwords) - C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2018-04-11]
FF Extension: (Avast SafePrice) - C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\Extensions\sp@avast.com.xpi [2018-03-08]
FF Extension: (Avast Online Security) - C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\Extensions\wrc@avast.com.xpi [2017-10-06]
FF Extension: (Adblock Plus) - C:\Users\Bender\AppData\Roaming\Mozilla\Firefox\Profiles\0dwf6kv4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_140.dll [2018-04-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_140.dll [2018-04-11] ()
FF Plugin-x32: @haitao.com/npHaitaoPlugin -> C:\Users\Bender\AppData\Local\htyh\application\htwebHelper.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-20] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7556704 2018-03-12] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [303728 2018-03-12] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1517576 2017-03-18] ()
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-05-30] (Disc Soft Ltd)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-05-27] (IObit)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2158912 2018-03-19] (Electronic Arts)
R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3028808 2018-03-19] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2017-05-14] ()
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5243208 2018-03-11] (IBM Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2018-01-23] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [13848 2016-05-29] (Advanced Micro Devices Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196648 2018-03-12] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-12] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-12] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-12] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-12] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [215320 2018-03-12] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-03-12] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146656 2018-03-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110328 2018-03-12] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84368 2018-03-12] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026696 2018-03-12] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-03-12] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-03-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380528 2018-03-12] (AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-06-01] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-06-01] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-05-29] (REALiX(tm))
R1 ntknsv; C:\WINDOWS\System32\drivers\ntknsv.sys [126880 2018-04-08] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [482600 2018-03-11] (IBM Corp.)
R1 RapportCerberus_1908115; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1908115.sys [1628776 2018-03-21] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [695592 2018-03-11] (IBM Corp.)
S3 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [331240 2018-03-11] (IBM Corp.)
S3 RapportIaso; no ImagePath
S3 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [590824 2018-03-11] (IBM Corp.)
S3 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [736488 2018-03-11] (IBM Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-11-26] (Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
S3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-11 13:23 - 2018-04-12 11:11 - 000000000 ____D C:\AdwCleaner
2018-04-11 13:23 - 2018-04-11 13:23 - 008222496 _____ (Malwarebytes) C:\Users\Bender\Desktop\adwcleaner_7.0.8.0.exe
2018-04-11 11:20 - 2018-04-11 11:21 - 000040510 _____ C:\Users\Bender\Desktop\Addition.txt
2018-04-11 11:19 - 2018-04-12 12:48 - 000014474 _____ C:\Users\Bender\Desktop\FRST.txt
2018-04-11 11:19 - 2018-04-12 12:48 - 000000000 ____D C:\FRST
2018-04-11 11:18 - 2018-04-11 11:18 - 002403328 _____ (Farbar) C:\Users\Bender\Desktop\FRST64.exe
2018-04-11 09:19 - 2018-03-30 14:34 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-04-11 09:19 - 2018-03-30 07:18 - 001092008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-04-11 09:19 - 2018-03-30 07:14 - 000423320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-04-11 09:19 - 2018-03-30 07:12 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-04-11 09:19 - 2018-03-30 07:12 - 000270208 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2018-04-11 09:19 - 2018-03-30 07:12 - 000075168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-04-11 09:19 - 2018-03-30 07:10 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-04-11 09:19 - 2018-03-30 07:08 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-04-11 09:19 - 2018-03-30 07:08 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-04-11 09:19 - 2018-03-30 07:08 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-04-11 09:19 - 2018-03-30 07:08 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-04-11 09:19 - 2018-03-30 07:07 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-04-11 09:19 - 2018-03-30 07:07 - 000069528 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-04-11 09:19 - 2018-03-30 07:06 - 000166304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-04-11 09:19 - 2018-03-30 07:06 - 000053152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcw.sys
2018-04-11 09:19 - 2018-03-30 07:05 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-04-11 09:19 - 2018-03-30 07:05 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-04-11 09:19 - 2018-03-30 07:05 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-04-11 09:19 - 2018-03-30 07:05 - 000191824 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-04-11 09:19 - 2018-03-30 07:05 - 000073120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-04-11 09:19 - 2018-03-30 07:05 - 000066720 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-04-11 09:19 - 2018-03-30 07:05 - 000059808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2018-04-11 09:19 - 2018-03-30 07:05 - 000035744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDFHost.dll
2018-04-11 09:19 - 2018-03-30 07:05 - 000022800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumbase.dll
2018-04-11 09:19 - 2018-03-30 07:05 - 000022208 _____ (Microsoft Corporation) C:\WINDOWS\system32\IumSdk.dll
2018-04-11 09:19 - 2018-03-30 07:05 - 000020888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2018-04-11 09:19 - 2018-03-30 07:05 - 000015632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumdll.dll
2018-04-11 09:19 - 2018-03-30 07:04 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-04-11 09:19 - 2018-03-30 07:04 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-04-11 09:19 - 2018-03-30 07:04 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-04-11 09:19 - 2018-03-30 07:03 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-04-11 09:19 - 2018-03-30 07:03 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-04-11 09:19 - 2018-03-30 07:03 - 000508272 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-04-11 09:19 - 2018-03-30 07:03 - 000479920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-04-11 09:19 - 2018-03-30 07:03 - 000460704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-04-11 09:19 - 2018-03-30 07:03 - 000319864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-04-11 09:19 - 2018-03-30 07:03 - 000292384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-04-11 09:19 - 2018-03-30 07:03 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-04-11 09:19 - 2018-03-30 07:03 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-04-11 09:19 - 2018-03-30 07:03 - 000139680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-04-11 09:19 - 2018-03-30 07:03 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-04-11 09:19 - 2018-03-30 07:03 - 000059808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-04-11 09:19 - 2018-03-30 07:03 - 000022400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2018-04-11 09:19 - 2018-03-30 07:02 - 000128416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-04-11 09:19 - 2018-03-30 07:01 - 008600480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-04-11 09:19 - 2018-03-30 07:01 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-04-11 09:19 - 2018-03-30 07:01 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-04-11 09:19 - 2018-03-30 07:01 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-04-11 09:19 - 2018-03-30 07:01 - 000471968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-04-11 09:19 - 2018-03-30 07:01 - 000034208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fs_rec.sys
2018-04-11 09:19 - 2018-03-30 07:00 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-04-11 09:19 - 2018-03-30 07:00 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2018-04-11 09:19 - 2018-03-30 07:00 - 000094104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2018-04-11 09:19 - 2018-03-30 06:59 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-04-11 09:19 - 2018-03-30 06:59 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-04-11 09:19 - 2018-03-30 06:58 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-04-11 09:19 - 2018-03-30 06:58 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-04-11 09:19 - 2018-03-30 06:58 - 000039328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2018-04-11 09:19 - 2018-03-30 06:57 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-04-11 09:19 - 2018-03-30 06:57 - 000711944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-04-11 09:19 - 2018-03-30 06:57 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-04-11 09:19 - 2018-03-30 06:57 - 000121248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2018-04-11 09:19 - 2018-03-30 06:57 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-04-11 09:19 - 2018-03-30 06:57 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-04-11 09:19 - 2018-03-30 06:57 - 000031640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2018-04-11 09:19 - 2018-03-30 06:56 - 000018680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshhyperv.dll
2018-04-11 09:19 - 2018-03-30 06:55 - 000367344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-04-11 09:19 - 2018-03-30 06:55 - 000062880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-04-11 09:19 - 2018-03-30 06:54 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-04-11 09:19 - 2018-03-30 06:54 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-04-11 09:19 - 2018-03-30 06:54 - 000670112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-04-11 09:19 - 2018-03-30 06:54 - 000645536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-04-11 09:19 - 2018-03-30 06:54 - 000461728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-04-11 09:19 - 2018-03-30 06:54 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-04-11 09:19 - 2018-03-30 06:53 - 007676304 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-04-11 09:19 - 2018-03-30 06:53 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-04-11 09:19 - 2018-03-30 06:53 - 002220952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-04-11 09:19 - 2018-03-30 06:53 - 000831392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-04-11 09:19 - 2018-03-30 06:53 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-04-11 09:19 - 2018-03-30 06:53 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-04-11 09:19 - 2018-03-30 06:53 - 000495008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-04-11 09:19 - 2018-03-30 06:53 - 000246176 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-04-11 09:19 - 2018-03-30 06:53 - 000163744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-04-11 09:19 - 2018-03-30 06:53 - 000094080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2018-04-11 09:19 - 2018-03-30 06:53 - 000040352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClientPS.dll
2018-04-11 09:19 - 2018-03-30 06:52 - 021351632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-04-11 09:19 - 2018-03-30 06:52 - 002457504 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-04-11 09:19 - 2018-03-30 06:52 - 000727456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-04-11 09:19 - 2018-03-30 06:52 - 000677280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-04-11 09:19 - 2018-03-30 06:52 - 000428960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-04-11 09:19 - 2018-03-30 06:52 - 000282528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2018-04-11 09:19 - 2018-03-30 06:52 - 000247480 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2018-04-11 09:19 - 2018-03-30 06:52 - 000192416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-04-11 09:19 - 2018-03-30 06:52 - 000054688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vdrvroot.sys
2018-04-11 09:19 - 2018-03-30 06:52 - 000047512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2018-04-11 09:19 - 2018-03-30 06:52 - 000028520 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2018-04-11 09:19 - 2018-03-30 06:51 - 000902928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-04-11 09:19 - 2018-03-30 06:51 - 000147872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-04-11 09:19 - 2018-03-30 06:51 - 000125568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-04-11 09:19 - 2018-03-30 06:51 - 000123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2018-04-11 09:19 - 2018-03-30 06:51 - 000071208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2018-04-11 09:19 - 2018-03-30 06:50 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-04-11 09:19 - 2018-03-30 06:50 - 000057760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-04-11 09:19 - 2018-03-30 06:49 - 000204184 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-04-11 09:19 - 2018-03-30 06:48 - 001778584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-04-11 09:19 - 2018-03-30 06:48 - 001628064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-04-11 09:19 - 2018-03-30 06:48 - 001420696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-04-11 09:19 - 2018-03-30 06:48 - 001101728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-04-11 09:19 - 2018-03-30 06:48 - 000819104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2018-04-11 09:19 - 2018-03-30 06:48 - 000813984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-04-11 09:19 - 2018-03-30 06:48 - 000744856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-04-11 09:19 - 2018-03-30 06:48 - 000614304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-04-11 09:19 - 2018-03-30 06:48 - 000586800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp110_win.dll
2018-04-11 09:19 - 2018-03-30 06:48 - 000397720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-04-11 09:19 - 2018-03-30 06:48 - 000231328 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2018-04-11 09:19 - 2018-03-30 06:28 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-04-11 09:19 - 2018-03-30 06:28 - 000777912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-04-11 09:19 - 2018-03-30 06:27 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-04-11 09:19 - 2018-03-30 06:24 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-04-11 09:19 - 2018-03-30 06:23 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-04-11 09:19 - 2018-03-30 06:19 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-04-11 09:19 - 2018-03-30 06:18 - 000016600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshhyperv.dll
2018-04-11 09:19 - 2018-03-30 06:16 - 000289824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-04-11 09:19 - 2018-03-30 06:13 - 002193176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-04-11 09:19 - 2018-03-30 06:13 - 000450936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-04-11 09:19 - 2018-03-30 06:13 - 000073896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2018-04-11 09:19 - 2018-03-30 06:12 - 000186520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2018-04-11 09:19 - 2018-03-30 06:10 - 000704080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-04-11 09:19 - 2018-03-30 06:10 - 000099240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-04-11 09:19 - 2018-03-30 06:09 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-04-11 09:19 - 2018-03-30 06:07 - 001003160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-04-11 09:19 - 2018-03-30 06:06 - 000180632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-04-11 09:19 - 2018-03-30 06:05 - 001491360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-04-11 09:19 - 2018-03-30 06:05 - 000027040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVClientPS.dll
2018-04-11 09:19 - 2018-03-30 06:04 - 000417368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp110_win.dll
2018-04-11 09:19 - 2018-03-30 05:55 - 025253888 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-04-11 09:19 - 2018-03-30 05:46 - 018925056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-04-11 09:19 - 2018-03-30 05:46 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-04-11 09:19 - 2018-03-30 05:46 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-04-11 09:19 - 2018-03-30 05:46 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-04-11 09:19 - 2018-03-30 05:45 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-04-11 09:19 - 2018-03-30 05:45 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-04-11 09:19 - 2018-03-30 05:43 - 019355136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-04-11 09:19 - 2018-03-30 05:43 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-04-11 09:19 - 2018-03-30 05:43 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-04-11 09:19 - 2018-03-30 05:43 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2018-04-11 09:19 - 2018-03-30 05:43 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll
2018-04-11 09:19 - 2018-03-30 05:42 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-04-11 09:19 - 2018-03-30 05:42 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-04-11 09:19 - 2018-03-30 05:42 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-04-11 09:19 - 2018-03-30 05:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-04-11 09:19 - 2018-03-30 05:41 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-04-11 09:19 - 2018-03-30 05:41 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-04-11 09:19 - 2018-03-30 05:41 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-04-11 09:19 - 2018-03-30 05:41 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-04-11 09:19 - 2018-03-30 05:41 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-04-11 09:19 - 2018-03-30 05:41 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-04-11 09:19 - 2018-03-30 05:40 - 011924992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-04-11 09:19 - 2018-03-30 05:40 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-04-11 09:19 - 2018-03-30 05:40 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-04-11 09:19 - 2018-03-30 05:39 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-04-11 09:19 - 2018-03-30 05:39 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-04-11 09:19 - 2018-03-30 05:38 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-04-11 09:19 - 2018-03-30 05:38 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-04-11 09:19 - 2018-03-30 05:38 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-04-11 09:19 - 2018-03-30 05:38 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-04-11 09:19 - 2018-03-30 05:38 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-04-11 09:19 - 2018-03-30 05:38 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-04-11 09:19 - 2018-03-30 05:38 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-04-11 09:19 - 2018-03-30 05:37 - 003677184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-04-11 09:19 - 2018-03-30 05:37 - 001298944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-04-11 09:19 - 2018-03-30 05:36 - 003664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-04-11 09:19 - 2018-03-30 05:36 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-04-11 09:19 - 2018-03-30 05:36 - 002014720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-04-11 09:19 - 2018-03-30 05:36 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-04-11 09:19 - 2018-03-30 05:36 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-04-11 09:19 - 2018-03-30 05:36 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-04-11 09:19 - 2018-03-30 05:36 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-04-11 09:19 - 2018-03-30 05:36 - 000098304 _____ C:\WINDOWS\system32\runexehelper.exe
2018-04-11 09:19 - 2018-03-30 05:35 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-04-11 09:19 - 2018-03-30 05:35 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-04-11 09:19 - 2018-03-30 05:35 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-04-11 09:19 - 2018-03-30 05:35 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-04-11 09:19 - 2018-03-30 05:35 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-04-11 09:19 - 2018-03-30 05:35 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-04-11 09:19 - 2018-03-30 05:35 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-04-11 09:19 - 2018-03-30 05:35 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-04-11 09:19 - 2018-03-30 05:35 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-04-11 09:19 - 2018-03-30 05:35 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-04-11 09:19 - 2018-03-30 05:33 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-04-11 09:19 - 2018-03-30 05:33 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-04-11 09:19 - 2018-03-30 05:33 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-04-11 09:19 - 2018-03-30 05:33 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2018-04-11 09:19 - 2018-03-30 05:33 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-04-11 09:19 - 2018-03-30 05:33 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2018-04-11 09:19 - 2018-03-30 05:33 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-04-11 09:19 - 2018-03-30 05:32 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-04-11 09:19 - 2018-03-30 05:32 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-04-11 09:19 - 2018-03-30 05:32 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-04-11 09:19 - 2018-03-30 05:32 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-04-11 09:19 - 2018-03-30 05:32 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-04-11 09:19 - 2018-03-30 05:32 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-04-11 09:19 - 2018-03-30 05:32 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-04-11 09:19 - 2018-03-30 05:32 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-04-11 09:19 - 2018-03-30 05:32 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-04-11 09:19 - 2018-03-30 05:32 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-04-11 09:19 - 2018-03-30 05:31 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-04-11 09:19 - 2018-03-30 05:31 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-04-11 09:19 - 2018-03-30 05:31 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-04-11 09:19 - 2018-03-30 05:31 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-04-11 09:19 - 2018-03-30 05:31 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-04-11 09:19 - 2018-03-30 05:31 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-04-11 09:19 - 2018-03-30 05:31 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-04-11 09:19 - 2018-03-30 05:30 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-04-11 09:19 - 2018-03-30 05:30 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-04-11 09:19 - 2018-03-30 05:30 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-04-11 09:19 - 2018-03-30 05:30 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-04-11 09:19 - 2018-03-30 05:30 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-04-11 09:19 - 2018-03-30 05:30 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-04-11 09:19 - 2018-03-30 05:30 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-04-11 09:19 - 2018-03-30 05:30 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-04-11 09:19 - 2018-03-30 05:30 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-04-11 09:19 - 2018-03-30 05:30 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-04-11 09:19 - 2018-03-30 05:30 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-04-11 09:19 - 2018-03-30 05:30 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-04-11 09:19 - 2018-03-30 05:30 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-04-11 09:19 - 2018-03-30 05:29 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-04-11 09:19 - 2018-03-30 05:29 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-04-11 09:19 - 2018-03-30 05:29 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-04-11 09:19 - 2018-03-30 05:29 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-04-11 09:19 - 2018-03-30 05:29 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-04-11 09:19 - 2018-03-30 05:29 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-04-11 09:19 - 2018-03-30 05:29 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-04-11 09:19 - 2018-03-30 05:29 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-04-11 09:19 - 2018-03-30 05:29 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-04-11 09:19 - 2018-03-30 05:29 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-04-11 09:19 - 2018-03-30 05:28 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-04-11 09:19 - 2018-03-30 05:28 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-04-11 09:19 - 2018-03-30 05:28 - 000984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-04-11 09:19 - 2018-03-30 05:28 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-04-11 09:19 - 2018-03-30 05:28 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-04-11 09:19 - 2018-03-30 05:28 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-04-11 09:19 - 2018-03-30 05:28 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-04-11 09:19 - 2018-03-30 05:28 - 000721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-04-11 09:19 - 2018-03-30 05:28 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-04-11 09:19 - 2018-03-30 05:28 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-04-11 09:19 - 2018-03-30 05:28 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-04-11 09:19 - 2018-03-30 05:28 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-04-11 09:19 - 2018-03-30 05:27 - 008104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-04-11 09:19 - 2018-03-30 05:27 - 003170816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-04-11 09:19 - 2018-03-30 05:27 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-04-11 09:19 - 2018-03-30 05:27 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-04-11 09:19 - 2018-03-30 05:27 - 001002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-04-11 09:19 - 2018-03-30 05:27 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-04-11 09:19 - 2018-03-30 05:27 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-04-11 09:19 - 2018-03-30 05:27 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-04-11 09:19 - 2018-03-30 05:27 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-04-11 09:19 - 2018-03-30 05:26 - 004747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-04-11 09:19 - 2018-03-30 05:26 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-04-11 09:19 - 2018-03-30 05:26 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-04-11 09:19 - 2018-03-30 05:26 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-04-11 09:19 - 2018-03-30 05:26 - 001955328 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2018-04-11 09:19 - 2018-03-30 05:26 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-04-11 09:19 - 2018-03-30 05:26 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-04-11 09:19 - 2018-03-30 05:26 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-04-11 09:19 - 2018-03-30 05:26 - 000765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-04-11 09:19 - 2018-03-30 05:26 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-04-11 09:19 - 2018-03-30 05:25 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-04-11 09:19 - 2018-03-30 05:25 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-04-11 09:19 - 2018-03-30 05:25 - 002083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-04-11 09:19 - 2018-03-30 05:25 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-04-11 09:19 - 2018-03-30 05:25 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-04-11 09:19 - 2018-03-30 05:25 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-04-11 09:19 - 2018-03-30 05:25 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-04-11 09:19 - 2018-03-30 05:25 - 001055744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-04-11 09:19 - 2018-03-30 05:25 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-04-11 09:19 - 2018-03-30 05:25 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-04-11 09:19 - 2018-03-30 05:25 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-04-11 09:19 - 2018-03-30 05:24 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-04-11 09:19 - 2018-03-30 05:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-04-11 09:19 - 2018-03-30 05:23 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-04-11 09:19 - 2018-03-30 05:23 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-04-11 09:19 - 2018-03-30 05:23 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-04-11 09:19 - 2018-03-30 05:23 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-04-11 09:19 - 2018-03-30 05:21 - 002511360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-04-11 09:19 - 2018-03-30 05:21 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-04-11 09:19 - 2018-03-30 05:20 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2018-04-11 09:19 - 2018-03-30 05:20 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2018-04-11 09:19 - 2018-03-28 21:54 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-04-11 09:19 - 2018-03-13 09:03 - 005907288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-04-11 09:19 - 2018-03-13 09:03 - 000779960 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-04-11 09:19 - 2018-03-13 09:03 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-04-11 09:19 - 2018-03-13 09:03 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-04-11 09:19 - 2018-03-13 09:03 - 000279960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-04-11 09:19 - 2018-03-13 09:02 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-04-11 09:19 - 2018-03-13 08:59 - 000535968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-04-11 09:19 - 2018-03-13 08:58 - 000441248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2018-04-11 09:19 - 2018-03-13 08:58 - 000377760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-04-11 09:19 - 2018-03-13 08:58 - 000170904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-04-11 09:19 - 2018-03-13 08:55 - 001778360 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-04-11 09:19 - 2018-03-13 08:55 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-04-11 09:19 - 2018-03-13 08:55 - 000417440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2018-04-11 09:19 - 2018-03-13 08:55 - 000334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-04-11 09:19 - 2018-03-13 08:54 - 000555936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-04-11 09:19 - 2018-03-13 08:54 - 000128928 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2018-04-11 09:19 - 2018-03-13 08:53 - 001054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-04-11 09:19 - 2018-03-13 08:53 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2018-04-11 09:19 - 2018-03-13 08:53 - 000143264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2018-04-11 09:19 - 2018-03-13 08:53 - 000113568 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-04-11 09:19 - 2018-03-13 08:53 - 000091152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2018-04-11 09:19 - 2018-03-13 08:52 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-04-11 09:19 - 2018-03-13 08:52 - 000172112 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2018-04-11 09:19 - 2018-03-13 08:52 - 000127136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2018-04-11 09:19 - 2018-03-13 08:51 - 002773408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-04-11 09:19 - 2018-03-13 08:50 - 000617312 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-04-11 09:19 - 2018-03-13 07:41 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-04-11 09:19 - 2018-03-13 07:40 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-04-11 09:19 - 2018-03-13 07:36 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2018-04-11 09:19 - 2018-03-13 07:36 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-04-11 09:19 - 2018-03-13 07:35 - 000758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-04-11 09:19 - 2018-03-13 07:35 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-04-11 09:19 - 2018-03-13 07:35 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2018-04-11 09:19 - 2018-03-13 07:34 - 008727552 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-04-11 09:19 - 2018-03-13 07:34 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2018-04-11 09:19 - 2018-03-13 07:34 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsExt.dll
2018-04-11 09:19 - 2018-03-13 07:33 - 007544832 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-04-11 09:19 - 2018-03-13 07:33 - 001574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2018-04-11 09:19 - 2018-03-13 07:33 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-04-11 09:19 - 2018-03-13 07:33 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2018-04-11 09:19 - 2018-03-13 07:33 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2018-04-11 09:19 - 2018-03-13 07:32 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-04-11 09:19 - 2018-03-13 07:32 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2018-04-11 09:19 - 2018-03-13 07:32 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-04-11 09:19 - 2018-03-13 07:32 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2018-04-11 09:19 - 2018-03-13 07:31 - 001263104 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-04-11 09:19 - 2018-03-13 07:31 - 001173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-04-11 09:19 - 2018-03-13 07:31 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2018-04-11 09:19 - 2018-03-13 07:30 - 007145472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-04-11 09:19 - 2018-03-13 07:30 - 003400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-04-11 09:19 - 2018-03-13 07:30 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-04-11 09:19 - 2018-03-13 07:30 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2018-04-11 09:19 - 2018-03-13 07:30 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2018-04-11 09:19 - 2018-03-13 07:30 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2018-04-11 09:19 - 2018-03-13 07:29 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-04-11 09:19 - 2018-03-13 07:28 - 003160576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-04-11 09:19 - 2018-03-13 07:28 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-04-11 09:19 - 2018-03-13 07:28 - 001967104 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-04-11 09:19 - 2018-03-13 07:28 - 001157632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-04-11 09:19 - 2018-03-13 07:28 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-04-11 09:19 - 2018-03-13 07:28 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-04-11 09:19 - 2018-03-13 07:28 - 000837120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-04-11 09:19 - 2018-03-13 07:28 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-04-11 09:19 - 2018-03-13 07:27 - 003125760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-04-11 09:19 - 2018-03-13 07:27 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-04-11 09:19 - 2018-03-13 07:27 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-04-11 09:19 - 2018-03-13 07:26 - 001737728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-04-11 09:19 - 2018-03-13 07:25 - 001346560 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2018-04-11 09:19 - 2018-03-13 07:24 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-04-11 09:19 - 2018-03-13 07:24 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2018-04-11 09:19 - 2018-03-13 07:23 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2018-04-11 09:19 - 2018-03-13 07:23 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2018-04-11 09:19 - 2018-03-13 07:23 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2018-04-11 09:19 - 2018-03-13 07:22 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-04-11 09:19 - 2018-03-13 07:22 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2018-04-11 09:19 - 2018-03-13 07:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2018-04-11 09:19 - 2018-03-13 07:22 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-04-11 09:19 - 2018-03-13 07:19 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-04-11 09:19 - 2018-03-13 07:19 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-04-11 09:19 - 2018-03-13 07:19 - 000311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-04-11 09:19 - 2018-03-13 07:15 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-04-11 09:19 - 2018-03-13 07:08 - 001555784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2018-04-11 09:19 - 2018-03-13 07:08 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-04-11 09:19 - 2018-03-13 07:07 - 000115104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2018-04-11 09:19 - 2018-03-13 07:06 - 000564640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2018-04-11 09:19 - 2018-03-13 07:04 - 006481096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-04-11 09:19 - 2018-03-13 07:04 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-04-11 09:19 - 2018-03-13 07:04 - 000140592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2018-04-11 09:19 - 2018-03-13 06:44 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-04-11 09:19 - 2018-03-13 06:43 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-04-11 09:19 - 2018-03-13 06:40 - 006118400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-04-11 09:19 - 2018-03-13 06:40 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2018-04-11 09:19 - 2018-03-13 06:39 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2018-04-11 09:19 - 2018-03-13 06:39 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2018-04-11 09:19 - 2018-03-13 06:39 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-04-11 09:19 - 2018-03-13 06:38 - 006466560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-04-11 09:19 - 2018-03-13 06:37 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-04-11 09:19 - 2018-03-13 06:37 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2018-04-11 09:19 - 2018-03-13 06:37 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2018-04-11 09:19 - 2018-03-13 06:37 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-04-11 09:19 - 2018-03-13 06:37 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2018-04-11 09:19 - 2018-03-13 06:36 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2018-04-11 09:19 - 2018-03-13 06:35 - 006204416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-04-11 09:19 - 2018-03-13 06:34 - 002409984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-04-11 09:19 - 2018-03-13 06:34 - 000706048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-04-11 09:19 - 2018-03-13 06:33 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-04-11 09:19 - 2018-03-13 06:33 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-04-11 09:19 - 2018-03-13 06:32 - 002577408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-04-11 09:19 - 2018-03-13 06:31 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-04-11 09:19 - 2018-03-13 06:31 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2018-04-11 09:19 - 2018-03-13 06:31 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-04-11 09:19 - 2018-03-13 06:30 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-04-11 09:19 - 2018-03-13 06:30 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-04-11 09:19 - 2018-03-13 06:28 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-04-11 09:19 - 2018-03-13 06:27 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2018-04-11 09:19 - 2018-03-13 06:27 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2018-04-11 09:19 - 2018-03-13 06:26 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2018-04-11 09:19 - 2017-11-26 15:32 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-04-11 09:19 - 2017-11-26 13:12 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-04-11 09:18 - 2018-03-30 05:45 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2018-04-11 09:18 - 2018-03-30 05:44 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2018-04-11 09:18 - 2018-03-30 05:44 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2018-04-11 09:18 - 2018-03-30 05:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-04-11 09:18 - 2018-03-30 05:43 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2018-04-11 09:18 - 2018-03-30 05:43 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2018-04-11 09:18 - 2018-03-30 05:43 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2018-04-11 09:18 - 2018-03-30 05:43 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2018-04-11 09:18 - 2018-03-30 05:43 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-04-11 09:18 - 2018-03-30 05:43 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2018-04-11 09:18 - 2018-03-30 05:43 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2018-04-11 09:18 - 2018-03-30 05:43 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2018-04-11 09:18 - 2018-03-30 05:43 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2018-04-11 09:18 - 2018-03-30 05:43 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2018-04-11 09:18 - 2018-03-30 05:43 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2018-04-11 09:18 - 2018-03-30 05:43 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2018-04-11 09:18 - 2018-03-30 05:43 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsnmp32.dll
2018-04-11 09:18 - 2018-03-30 05:43 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-04-11 09:18 - 2018-03-30 05:43 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2018-04-11 09:18 - 2018-03-30 05:43 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2018-04-11 09:18 - 2018-03-30 05:43 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2018-04-11 09:18 - 2018-03-30 05:43 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2018-04-11 09:18 - 2018-03-30 05:42 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2018-04-11 09:18 - 2018-03-30 05:42 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2018-04-11 09:18 - 2018-03-30 05:42 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2018-04-11 09:18 - 2018-03-30 05:42 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2018-04-11 09:18 - 2018-03-30 05:42 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2018-04-11 09:18 - 2018-03-30 05:42 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2018-04-11 09:18 - 2018-03-30 05:41 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-04-11 09:18 - 2018-03-30 05:41 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2018-04-11 09:18 - 2018-03-30 05:40 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2018-04-11 09:18 - 2018-03-30 05:40 - 000314880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2018-04-11 09:18 - 2018-03-30 05:40 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2018-04-11 09:18 - 2018-03-30 05:40 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2018-04-11 09:18 - 2018-03-30 05:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2018-04-11 09:18 - 2018-03-30 05:39 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-04-11 09:18 - 2018-03-30 05:36 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2018-04-11 09:18 - 2018-03-30 05:35 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2018-04-11 09:18 - 2018-03-30 05:35 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-04-11 09:18 - 2018-03-30 05:35 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2018-04-11 09:18 - 2018-03-30 05:35 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2018-04-11 09:18 - 2018-03-30 05:34 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2018-04-11 09:18 - 2018-03-30 05:33 - 000707584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2018-04-11 09:18 - 2018-03-30 05:33 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2018-04-11 09:18 - 2018-03-30 05:33 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irda.sys
2018-04-11 09:18 - 2018-03-30 05:33 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2018-04-11 09:18 - 2018-03-30 05:33 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2018-04-11 09:18 - 2018-03-30 05:33 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2018-04-11 09:18 - 2018-03-30 05:33 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2018-04-11 09:18 - 2018-03-30 05:33 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2018-04-11 09:18 - 2018-03-30 05:33 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2018-04-11 09:18 - 2018-03-30 05:33 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2018-04-11 09:18 - 2018-03-30 05:33 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2018-04-11 09:18 - 2018-03-30 05:33 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-04-11 09:18 - 2018-03-30 05:33 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmictimeprovider.dll
2018-04-11 09:18 - 2018-03-30 05:33 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys
2018-04-11 09:18 - 2018-03-30 05:33 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapPeerProxy.dll
2018-04-11 09:18 - 2018-03-30 05:33 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapAuthProxy.dll
2018-04-11 09:18 - 2018-03-30 05:33 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HyperVideo.sys
2018-04-11 09:18 - 2018-03-30 05:33 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VMBusHID.sys
2018-04-11 09:18 - 2018-03-30 05:33 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysntfy.dll
2018-04-11 09:18 - 2018-03-30 05:33 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2018-04-11 09:18 - 2018-03-30 05:33 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\nrpsrv.dll
2018-04-11 09:18 - 2018-03-30 05:33 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasacd.sys
2018-04-11 09:18 - 2018-03-30 05:33 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hyperkbd.sys
2018-04-11 09:18 - 2018-03-30 05:33 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgencounter.sys
2018-04-11 09:18 - 2018-03-30 05:33 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2018-04-11 09:18 - 2018-03-30 05:33 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgid.sys
2018-04-11 09:18 - 2018-03-30 05:33 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vms3cap.sys
2018-04-11 09:18 - 2018-03-30 05:33 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-04-11 09:18 - 2018-03-30 05:32 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2018-04-11 09:18 - 2018-03-30 05:32 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2018-04-11 09:18 - 2018-03-30 05:32 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2018-04-11 09:18 - 2018-03-30 05:32 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2018-04-11 09:18 - 2018-03-30 05:32 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-04-11 09:18 - 2018-03-30 05:32 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2018-04-11 09:18 - 2018-03-30 05:32 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\efslsaext.dll
2018-04-11 09:18 - 2018-03-30 05:32 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2018-04-11 09:18 - 2018-03-30 05:32 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndisuio.sys
2018-04-11 09:18 - 2018-03-30 05:32 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lltdio.sys
2018-04-11 09:18 - 2018-03-30 05:32 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Synth3dVsc.sys
2018-04-11 09:18 - 2018-03-30 05:32 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsnmp32.dll
2018-04-11 09:18 - 2018-03-30 05:32 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2018-04-11 09:18 - 2018-03-30 05:32 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2018-04-11 09:18 - 2018-03-30 05:32 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2018-04-11 09:18 - 2018-03-30 05:32 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdPnp.dll
2018-04-11 09:18 - 2018-03-30 05:32 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2018-04-11 09:18 - 2018-03-30 05:32 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2018-04-11 09:18 - 2018-03-30 05:32 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2018-04-11 09:18 - 2018-03-30 05:32 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmiprop.dll
2018-04-11 09:18 - 2018-03-30 05:32 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWNet.dll
2018-04-11 09:18 - 2018-03-30 05:32 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfhost.exe
2018-04-11 09:18 - 2018-03-30 05:32 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2018-04-11 09:18 - 2018-03-30 05:32 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2018-04-11 09:18 - 2018-03-30 05:32 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2018-04-11 09:18 - 2018-03-30 05:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2018-04-11 09:18 - 2018-03-30 05:31 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2018-04-11 09:18 - 2018-03-30 05:31 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2018-04-11 09:18 - 2018-03-30 05:31 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2018-04-11 09:18 - 2018-03-30 05:31 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-04-11 09:18 - 2018-03-30 05:31 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-04-11 09:18 - 2018-03-30 05:31 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2018-04-11 09:18 - 2018-03-30 05:31 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-04-11 09:18 - 2018-03-30 05:31 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2018-04-11 09:18 - 2018-03-30 05:31 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2018-04-11 09:18 - 2018-03-30 05:31 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2018-04-11 09:18 - 2018-03-30 05:31 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2018-04-11 09:18 - 2018-03-30 05:31 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2018-04-11 09:18 - 2018-03-30 05:31 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2018-04-11 09:18 - 2018-03-30 05:31 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-04-11 09:18 - 2018-03-30 05:31 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsisvc.dll
2018-04-11 09:18 - 2018-03-30 05:30 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2018-04-11 09:18 - 2018-03-30 05:30 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-04-11 09:18 - 2018-03-30 05:30 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2018-04-11 09:18 - 2018-03-30 05:30 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-04-11 09:18 - 2018-03-30 05:29 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2018-04-11 09:18 - 2018-03-30 05:29 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2018-04-11 09:18 - 2018-03-30 05:29 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2018-04-11 09:18 - 2018-03-30 05:29 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2018-04-11 09:18 - 2018-03-30 05:28 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2018-04-11 09:18 - 2018-03-30 05:28 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2018-04-11 09:18 - 2018-03-30 05:27 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-04-11 09:18 - 2018-03-30 05:27 - 000889856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-04-11 09:18 - 2018-03-30 05:27 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2018-04-11 09:18 - 2018-03-30 05:27 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2018-04-11 09:18 - 2018-03-30 05:25 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-04-11 09:18 - 2018-03-30 05:25 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2018-04-11 09:18 - 2018-03-30 05:25 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2018-04-11 09:18 - 2018-03-30 05:25 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2018-04-11 09:18 - 2018-03-30 05:23 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2018-04-11 09:18 - 2018-03-30 05:23 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2018-04-11 09:18 - 2018-03-30 05:23 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2018-04-11 09:18 - 2018-03-30 05:22 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2018-04-11 09:18 - 2018-03-30 05:22 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpbus.sys
2018-04-11 09:18 - 2018-03-30 05:22 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\beep.sys
2018-04-11 09:18 - 2018-03-30 05:20 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2018-04-11 09:18 - 2018-03-30 05:20 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2018-04-11 09:18 - 2018-03-30 05:20 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2018-04-11 09:18 - 2018-03-30 05:20 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2018-04-11 09:18 - 2018-03-30 05:20 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-04-11 09:18 - 2018-03-30 05:20 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdPnp.dll
2018-04-11 09:18 - 2018-03-30 05:20 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2018-04-11 09:18 - 2018-03-30 05:20 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmiprop.dll
2018-04-11 09:18 - 2018-03-30 05:20 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWNet.dll
2018-04-11 09:18 - 2018-03-30 05:20 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\null.sys
2018-04-11 09:18 - 2018-03-13 07:40 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-04-11 09:18 - 2018-03-13 07:38 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2018-04-11 09:18 - 2018-03-13 07:38 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-04-11 09:18 - 2018-03-13 07:38 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2018-04-11 09:18 - 2018-03-13 07:37 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2018-04-11 09:18 - 2018-03-13 07:37 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2018-04-11 09:18 - 2018-03-13 07:37 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2018-04-11 09:18 - 2018-03-13 07:35 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2018-04-11 09:18 - 2018-03-13 07:35 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsAuth.dll
2018-04-11 09:18 - 2018-03-13 07:35 - 000219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsCfg.dll
2018-04-11 09:18 - 2018-03-13 07:35 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlgpclnt.dll
2018-04-11 09:18 - 2018-03-13 07:34 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2018-04-11 09:18 - 2018-03-13 07:34 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2018-04-11 09:18 - 2018-03-13 07:33 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2018-04-11 09:18 - 2018-03-13 07:33 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2018-04-11 09:18 - 2018-03-13 07:32 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2018-04-11 09:18 - 2018-03-13 07:32 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2018-04-11 09:18 - 2018-03-13 07:31 - 002849792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-04-11 09:18 - 2018-03-13 07:31 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2018-04-11 09:18 - 2018-03-13 07:26 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-04-11 09:18 - 2018-03-13 07:25 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2018-04-11 09:18 - 2018-03-13 07:24 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2018-04-11 09:18 - 2018-03-13 06:44 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2018-04-11 09:18 - 2018-03-13 06:40 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2018-04-11 09:18 - 2018-03-13 06:39 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsCfg.dll
2018-04-11 09:18 - 2018-03-13 06:38 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlgpclnt.dll
2018-04-11 09:18 - 2018-03-13 06:37 - 000537088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2018-04-11 09:18 - 2018-03-13 06:37 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2018-04-11 09:18 - 2018-03-13 06:37 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2018-04-11 09:18 - 2018-03-13 06:36 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2018-04-11 09:18 - 2018-03-13 06:36 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2018-04-11 09:18 - 2018-03-13 06:32 - 001948672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-04-11 09:18 - 2018-03-13 06:31 - 001348608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-04-08 08:49 - 2018-04-08 08:49 - 000126880 _____ C:\WINDOWS\system32\Drivers\ntknsv.sys
2018-04-01 22:20 - 2018-04-01 23:20 - 000000000 ____D C:\Users\Bender\AppData\Local\Warframe
2018-03-27 23:01 - 2017-10-11 03:05 - 000186304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-03-27 23:01 - 2017-10-11 03:05 - 000152512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-03-27 12:14 - 2018-03-31 16:05 - 000000000 ____D C:\Users\Bender\Documents\ProfileCache
2018-03-27 12:14 - 2018-03-31 15:58 - 000000000 ____D C:\Users\Bender\Documents\The Crew
2018-03-25 16:28 - 2018-03-25 16:29 - 000000000 ____D C:\Users\Bender\Documents\NFS Most Wanted
2018-03-14 10:57 - 2018-03-01 09:10 - 000075168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-03-14 10:57 - 2018-03-01 08:03 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-03-14 10:56 - 2018-03-02 05:36 - 017085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-03-14 10:56 - 2018-03-02 05:02 - 000037888 _____ C:\WINDOWS\system32\SpectrumSyncClient.dll
2018-03-14 10:56 - 2018-03-02 05:01 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-03-14 10:56 - 2018-03-02 05:00 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-03-14 10:56 - 2018-03-02 05:00 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\svf.dll
2018-03-14 10:56 - 2018-03-02 05:00 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-03-14 10:56 - 2018-03-01 22:28 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-03-14 10:56 - 2018-03-01 09:37 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-03-14 10:56 - 2018-03-01 09:30 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-03-14 10:56 - 2018-03-01 09:29 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-03-14 10:56 - 2018-03-01 09:19 - 000710768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-03-14 10:56 - 2018-03-01 09:17 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-03-14 10:56 - 2018-03-01 09:14 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthFWSnapin.dll
2018-03-14 10:56 - 2018-03-01 09:14 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-03-14 10:56 - 2018-03-01 09:14 - 000356952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-03-14 10:56 - 2018-03-01 09:12 - 000250264 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2018-03-14 10:56 - 2018-03-01 09:12 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-03-14 10:56 - 2018-03-01 09:11 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-03-14 10:56 - 2018-03-01 09:10 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-03-14 10:56 - 2018-03-01 09:10 - 000022936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
2018-03-14 10:56 - 2018-03-01 08:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-03-14 10:56 - 2018-03-01 08:29 - 000574960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-03-14 10:56 - 2018-03-01 08:27 - 000284112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-03-14 10:56 - 2018-03-01 08:27 - 000221592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2018-03-14 10:56 - 2018-03-01 08:26 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-03-14 10:56 - 2018-03-01 08:23 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthFWSnapin.dll
2018-03-14 10:56 - 2018-03-01 08:21 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2018-03-14 10:56 - 2018-03-01 08:03 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-03-14 10:56 - 2018-03-01 08:01 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-03-14 10:56 - 2018-03-01 08:00 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-03-14 10:56 - 2018-03-01 07:59 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-03-14 10:56 - 2018-03-01 07:58 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-03-14 10:56 - 2018-03-01 07:58 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-03-14 10:56 - 2018-03-01 07:58 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-03-14 10:56 - 2018-03-01 07:55 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-03-14 10:56 - 2018-03-01 07:53 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-03-14 10:56 - 2018-03-01 07:53 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-03-14 10:56 - 2018-03-01 07:53 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-03-14 10:56 - 2018-03-01 07:53 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-03-14 10:56 - 2018-03-01 07:53 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2018-03-14 10:56 - 2018-03-01 07:51 - 002329088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2018-03-14 10:56 - 2018-03-01 07:51 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2018-03-14 10:56 - 2018-03-01 07:51 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-03-14 10:56 - 2018-03-01 07:50 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-03-14 10:56 - 2018-03-01 07:50 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-03-14 10:56 - 2018-03-01 07:49 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-03-14 10:56 - 2018-03-01 07:49 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-03-14 10:56 - 2018-03-01 07:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-03-14 10:56 - 2018-03-01 07:48 - 000543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-03-14 10:56 - 2018-03-01 07:47 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-03-14 10:56 - 2018-03-01 07:47 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-03-14 10:56 - 2018-03-01 07:46 - 004051968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-03-14 10:56 - 2018-03-01 07:46 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-03-14 10:56 - 2018-03-01 07:46 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-03-14 10:56 - 2018-03-01 07:45 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-03-14 10:56 - 2018-03-01 07:42 - 003505664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2018-03-14 10:56 - 2018-03-01 07:40 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-03-14 10:56 - 2018-03-01 07:39 - 002222592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-03-14 10:56 - 2018-03-01 07:39 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-03-14 10:56 - 2018-03-01 07:39 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2018-03-14 10:56 - 2018-03-01 07:39 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-03-14 10:56 - 2018-03-01 07:36 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-03-14 10:56 - 2018-03-01 07:36 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-03-14 10:56 - 2018-02-22 04:10 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-03-14 10:56 - 2018-02-22 04:07 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-03-14 10:56 - 2018-02-22 04:02 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-03-14 10:56 - 2018-02-22 04:00 - 000187296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-03-14 10:56 - 2018-02-22 03:54 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-03-14 10:56 - 2018-02-22 03:52 - 000103328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-03-14 10:56 - 2018-02-22 03:51 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2018-03-14 10:56 - 2018-02-22 03:51 - 000045472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-03-14 10:56 - 2018-02-22 03:50 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-03-14 10:56 - 2018-02-22 03:50 - 000229272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-03-14 10:56 - 2018-02-22 02:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2018-03-14 10:56 - 2018-02-22 02:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-03-14 10:56 - 2018-02-22 02:27 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-03-14 10:56 - 2018-02-22 02:25 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-03-14 10:56 - 2018-02-22 02:16 - 001286144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-03-14 10:56 - 2018-02-22 02:12 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-03-14 10:43 - 2018-04-11 10:09 - 000004656 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-03-13 09:59 - 2018-03-13 09:59 - 000002144 _____ C:\Users\Bender\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2018-03-13 09:59 - 2018-03-13 09:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-12 12:47 - 2018-01-24 10:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-04-12 12:25 - 2017-04-24 22:55 - 000000000 ____D C:\ProgramData\NVIDIA
2018-04-12 11:38 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-04-12 11:19 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-04-12 11:18 - 2018-01-24 10:33 - 002420706 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-04-12 11:18 - 2017-09-30 16:30 - 001078782 _____ C:\WINDOWS\system32\perfh005.dat
2018-04-12 11:18 - 2017-09-30 16:30 - 000251370 _____ C:\WINDOWS\system32\perfc005.dat
2018-04-12 11:18 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-04-12 11:12 - 2018-01-24 10:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-04-12 11:12 - 2017-09-29 10:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-04-12 11:11 - 2017-07-17 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-04-12 11:11 - 2017-07-17 10:39 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2018-04-12 11:11 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-04-12 11:11 - 2016-05-29 10:43 - 000000000 ____D C:\Users\Bender\AppData\Roaming\IObit
2018-04-12 11:11 - 2016-05-29 10:43 - 000000000 ____D C:\ProgramData\IObit
2018-04-12 08:24 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-04-11 13:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-04-11 13:35 - 2016-10-03 20:17 - 000000000 ___RD C:\Users\Bender\3D Objects
2018-04-11 13:35 - 2016-02-13 15:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-04-11 13:34 - 2018-01-24 10:21 - 000230888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-04-11 13:30 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-04-11 13:30 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-04-11 13:30 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-04-11 13:30 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-04-11 11:36 - 2016-05-29 18:51 - 000000000 ____D C:\Users\Bender\Documents\The Witcher 3
2018-04-11 10:09 - 2018-01-24 10:30 - 000004506 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-04-11 10:09 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-04-11 10:09 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-04-11 09:34 - 2016-05-29 11:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-04-11 09:31 - 2017-10-11 19:01 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-04-11 09:31 - 2016-05-29 11:41 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-04-11 09:22 - 2018-01-23 18:50 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-04-10 08:50 - 2018-01-24 10:30 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-04-08 23:51 - 2018-01-24 10:23 - 000000000 ____D C:\Users\Bender
2018-04-08 08:52 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-04-08 08:50 - 2016-05-29 10:44 - 000000000 ____D C:\ProgramData\ProductData
2018-04-06 15:25 - 2018-01-24 10:30 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-04-03 21:37 - 2017-09-29 15:49 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-04-03 21:37 - 2017-09-29 15:49 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-04-01 22:20 - 2016-06-03 15:29 - 000000000 ____D C:\Users\Bender\AppData\Local\CrashDumps
2018-04-01 22:04 - 2016-05-31 09:05 - 000000000 ____D C:\ProgramData\Origin
2018-04-01 21:59 - 2016-05-31 09:06 - 000000000 ____D C:\Users\Bender\AppData\Roaming\Origin
2018-04-01 21:55 - 2016-05-31 09:23 - 000000000 ___RD C:\Users\Bender\Desktop\Hry
2018-04-01 21:38 - 2016-05-31 08:59 - 000000000 ____D C:\Users\Bender\AppData\Local\Ubisoft Game Launcher
2018-03-30 23:41 - 2016-11-04 15:43 - 000002357 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2018-03-30 23:40 - 2018-01-24 10:30 - 000003042 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Bender)
2018-03-30 21:08 - 2017-04-24 22:55 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-03-27 23:03 - 2017-04-24 22:55 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-03-27 23:03 - 2017-01-29 15:43 - 000001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-03-27 23:02 - 2018-01-24 10:30 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-27 23:02 - 2018-01-24 10:30 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-27 23:02 - 2018-01-24 10:30 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-27 23:02 - 2017-04-24 22:55 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-03-27 23:01 - 2018-01-24 10:30 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-27 23:01 - 2018-01-24 10:30 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-27 23:01 - 2018-01-24 10:30 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-27 23:01 - 2018-01-24 10:30 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-27 23:01 - 2018-01-24 10:30 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-27 12:19 - 2016-11-06 11:00 - 000000000 ____D C:\Fraps
2018-03-27 12:15 - 2018-01-24 10:30 - 000002502 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Bender
2018-03-27 12:15 - 2017-07-18 09:44 - 000000312 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Bender.job
2018-03-27 12:13 - 2016-09-03 09:45 - 000000000 ____D C:\Users\Bender\AppData\Local\Ubisoft
2018-03-21 17:58 - 2017-07-25 15:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2018-03-14 12:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-03-14 12:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-03-13 09:54 - 2016-05-29 11:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-13 09:52 - 2016-10-02 18:59 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-03-13 07:02 - 2018-01-24 10:23 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== Files in the root of some directories =======

2017-05-14 22:57 - 2017-05-14 22:57 - 000140800 _____ () C:\Users\Bender\AppData\Local\installer.dat
2017-09-30 19:42 - 2017-09-30 21:07 - 000007598 _____ () C:\Users\Bender\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-04-10 12:06

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
S3 RapportIaso; no ImagePath
C:\WINDOWS\system32\Drivers\ntknsv.sys
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
Task: {A2B791A8-907F-4963-A4F9-E4D59600A048} - \{7A047D47-0579-0579-0E11-7F040F7A110A} -> No File <==== ATTENTION
Task: {D8B0E1A9-EEC2-4F96-A1AA-21A5AE33DA30} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

EmptyTemp:
Hosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Bender]

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Bender (13-04-2018 09:02:18) Run:1
Running from C:\Users\Bender\Desktop
Loaded Profiles: Bender (Available Profiles: Bender)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
S3 RapportIaso; no ImagePath
C:\WINDOWS\system32\Drivers\ntknsv.sys
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
Task: {A2B791A8-907F-4963-A4F9-E4D59600A048} - \{7A047D47-0579-0579-0E11-7F040F7A110A} -> No File <==== ATTENTION
Task: {D8B0E1A9-EEC2-4F96-A1AA-21A5AE33DA30} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\System\CurrentControlSet\Services\RapportIaso" => removed successfully
RapportIaso => service removed successfully
C:\WINDOWS\system32\Drivers\ntknsv.sys => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A2B791A8-907F-4963-A4F9-E4D59600A048}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2B791A8-907F-4963-A4F9-E4D59600A048}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7A047D47-0579-0579-0E11-7F040F7A110A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D8B0E1A9-EEC2-4F96-A1AA-21A5AE33DA30}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8B0E1A9-EEC2-4F96-A1AA-21A5AE33DA30}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\SunJavaUpdateSched" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21226846 B
Java, Flash, Steam htmlcache => 368107965 B
Windows/system/drivers => 368640 B
Edge => 994644 B
Chrome => 0 B
Firefox => 389475970 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 22932 B
NetworkService => 1392 B
Bender => 143623989 B

RecycleBin => 0 B
EmptyTemp: => 886.8 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-04-2018 09:04:18)


Result of scheduled keys to remove after reboot:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.

==== End of Fixlog 09:04:18 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[Bender]

Omlouavám se za zdržení. Mělo by být vše v pořádku děkuji mockrát ste nej.

[Rudy]

Nemáte zač!