Firefox opening by itself with ads

Gr4s5
Visitor
Posts: 11
Registered: 04 Aug 2018 13:14

Firefox opening by itself with ads

#1 Post by Gr4s5 »

Hello, I was downloading firmware from http://samsung-updates.ru/
It downloaded a torrent, and from the torrent I downloaded some exe file which, when I ran it, opened Firefox (the default browser), and then the firmware went on downloading. But since then, after some time, Firefox opens by itself (I use Chrome) with various ads. I have tried:
avast - nothing
adwcleaner - finds some extension in Chrome; when I choose delete and restart, then run adwcleaner again, it finds the same thing
hitmanpro - finds some tracking cookies and deletes them
I am attaching the FRST logs.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by xXx (administrator) on XXX-PC (04-08-2018 14:23:22)
Running from C:\Users\xXx\Desktop
Loaded Profiles: xXx (Available Profiles: xXx)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(f.lux Software LLC) C:\Users\xXx\AppData\Local\FluxSoftware\Flux\flux.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(DEVGURU Co., LTD.) D:\Programy\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-06-30] (AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9231328 2017-07-20] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-03-23] (Intel Corporation)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-06-14] (MSI)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\Run: [f.lux] => C:\Users\xXx\AppData\Local\FluxSoftware\Flux\flux.exe [1806344 2018-07-03] (f.lux Software LLC)
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: J - J:\setup.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {1772c776-730c-11e8-a11b-448a5b9d9e0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {1772c79a-730c-11e8-a11b-448a5b9d9e0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {1772c7ed-730c-11e8-a11b-448a5b9d9e0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {1772c7f2-730c-11e8-a11b-448a5b9d9e0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {1a0f7394-9090-11e7-9b49-448a5b9d9e0b} - I:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {1a0f73a2-9090-11e7-9b49-448a5b9d9e0b} - I:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {216d7a36-9c57-11e7-91ac-448a5b9d9e0b} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {257e8f11-7121-11e7-8389-448a5b9d9e0b} - H:\autorun.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {26a86110-7443-11e8-b3be-448a5b9d9e0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {29e287bb-4a8b-11e6-86a6-448a5b9d9e0b} - G:\autorun.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {2bd3af47-3aba-11e6-90a7-448a5b9d9e0b} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {33d6ccdc-bc75-11e7-89e0-448a5b9d9e0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {34cbc42c-a380-11e7-9676-448a5b9d9e0b} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {4507df1a-5d50-11e7-810d-448a5b9d9e0b} - H:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {4b89ee8b-8638-11e6-a72a-448a5b9d9e0b} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {52770cb7-509d-11e6-875e-448a5b9d9e0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {52770cd1-509d-11e6-875e-448a5b9d9e0b} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {5f1ba8bc-777f-11e8-b1f8-448a5b9d9e0b} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {5f1ba8c3-777f-11e8-b1f8-448a5b9d9e0b} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {96450158-5286-11e8-8db3-448a5b9d9e0b} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {a2a58e94-500b-11e6-be0a-448a5b9d9e0b} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {a34a1d16-dc47-11e5-ad20-448a5b9d9e0b} - K:\setup.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {c61f3736-3cf4-11e6-8b01-448a5b9d9e0b} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {d144199a-7456-11e7-b19f-448a5b9d9e0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {dc37aac1-3a0d-11e6-941d-448a5b9d9e0b} - G:\autorun.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {dfa5e0fc-51da-11e7-9344-448a5b9d9e0b} - H:\Lenovo_Suite.exe
HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\MountPoints2: {ffc3a617-bad2-11e7-b1d6-448a5b9d9e0b} - H:\HiSuiteDownLoader.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2016-06-21]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{AB33AC8B-C264-40EE-9597-3129537EF7B4}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{AB33AC8B-C264-40EE-9597-3129537EF7B4}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-29] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-29] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: fr9bnwey.default
FF ProfilePath: C:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\fr9bnwey.default [2018-08-04]
FF Homepage: Mozilla\Firefox\Profiles\fr9bnwey.default -> google.sk
FF Extension: (uBlock Origin) - C:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\fr9bnwey.default\Extensions\uBlock0@raymondhill.net.xpi [2018-07-18]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-11] ()
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-29] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.sk/
CHR StartupUrls: Default -> "hxxp://www.google.sk/"
CHR Profile: C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default [2018-08-04]
CHR Extension: (Prekladač Google) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (Prezentácie) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-12]
CHR Extension: (YouTube) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-12]
CHR Extension: (Forecastfox (fix version)) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\boljdehmejbffnfiiicckjhafabdepnd [2018-07-26]
CHR Extension: (uBlock Origin) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-07-20]
CHR Extension: (Google Search) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-12]
CHR Extension: (Flag for Chrome) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn [2016-03-12]
CHR Extension: (Tampermonkey) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-05-15]
CHR Extension: (Infected Mushroom) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobnnindgjlefbclgkdfgjaikcdiaone [2016-03-12]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2018-07-24]
CHR Extension: (Tabuľky) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (HTTPS Everywhere) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2018-06-22]
CHR Extension: (FoxyProxy Standard) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp [2016-03-12]
CHR Extension: (Facebook™ Chat Privacy) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfpgaanechfneiboempkfjghninbibjn [2017-08-15]
CHR Extension: (Nano Defender) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggolfgbegefeeoocgjbmkembbncoadlb [2018-08-03]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (MagicScroll eBook Reader) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble [2016-03-12]
CHR Extension: (IE Tab) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2018-08-04]
CHR Extension: (Appspector) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\homgcnaoacgigpkkljjjekpignblkeae [2018-05-15]
CHR Extension: (Nástroj na obnovenie Chromebooku) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2018-01-07]
CHR Extension: (CSFD Magnets) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkoccljoocknljaljhpifcnkmillmilo [2018-06-20]
CHR Extension: (ScriptMonkey) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lblbnlfhhblmfconjalikamamlgoobbe [2018-08-04]
CHR Extension: (Torrentz2 Magnet Links +) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldknhpjddofdohocbhakahagoepainmo [2017-12-26]
CHR Extension: (Clickable Links) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblbciejcodpealifnhfjbdlkedplodp [2016-04-25]
CHR Extension: (Kontrola pošty Google) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2016-03-12]
CHR Extension: (Video Downloader GetThemAll) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2017-07-30]
CHR Extension: (F.B.(FluffBusting)Purity) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2018-08-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Prehliadač dokumentov PDF / PowerPoint (od spoločnosti Google)) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2016-03-12]
CHR Extension: (CSFD Vyhľadávanie & Rozšírenia) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhejngpnlkejplknjeligcfnegimip [2018-01-14]
CHR Extension: (Gmail) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-12]
CHR Extension: (Chrome Media Router) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-14]
CHR Profile: C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-06-18]
CHR Profile: C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Profile 3 [2018-06-18]
CHR Extension: (Prezentácie) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-18]
CHR Extension: (Dokumenty) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-18]
CHR Extension: (Disk Google) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-18]
CHR Extension: (YouTube) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-18]
CHR Extension: (Tabuľky) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-18]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-06-18]
CHR Extension: (Avast Online Security) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-06-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-18]
CHR Extension: (Gmail) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-18]
CHR Extension: (Chrome Media Router) - C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-18]
CHR Profile: C:\Users\xXx\AppData\Local\Google\Chrome\User Data\System Profile [2018-06-18]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKLM\SYSTEM\CurrentControlSet\Services\45837BB00AC645ED <==== ATTENTION (Rootkit!)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-06-30] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-06-30] (AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
S3 EvoSvc; D:\Programy\Evolve\EvoSvc.exe [1583488 2017-01-20] (Echobit LLC)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319096 2016-01-13] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4163680 2016-09-09] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2206304 2017-01-06] (MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4172896 2016-12-14] (MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2102880 2017-02-15] (MSI)
R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2331744 2017-02-15] (MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-12-05] (MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [611936 2017-02-10] (MSI)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation)
R2 ss_conn_service; D:\Programy\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
S4 TeamViewer; D:\Programy\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18736 2018-05-17] (Intel(R) Corporation)
S4 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [77912 2015-09-23] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [322560 2015-09-23] (SafeNet Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [197160 2018-06-30] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229392 2018-06-30] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201328 2018-06-30] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-06-30] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59592 2018-06-30] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239680 2018-06-30] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-06-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159640 2018-06-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111872 2018-06-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-06-30] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027728 2018-06-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467064 2018-07-23] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [211160 2018-06-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381584 2018-06-30] (AVAST Software)
S3 cmnxusbser; C:\Windows\System32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (Wireless Data Device)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-02-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-02-26] (Disc Soft Ltd)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2017-01-20] (Echobit, LLC)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2018-04-20] (Huawei Technologies Co., Ltd.)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [350552 2015-09-23] (SafeNet Inc.)
S3 HWHandSet; C:\Windows\System32\DRIVERS\hw_quusbmdm.sys [226560 2018-04-20] (Huawei Technologies Co., Ltd.)
S3 HWHandSetProLine; C:\Windows\System32\DRIVERS\hw_quusbmdm.sys [226560 2018-04-20] (Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\hw_cdcacm.sys [127360 2018-04-20] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-04-20] (Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31728 2015-11-12] (Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37104 2018-05-09] (Intel Corporation)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2016-10-18] (hxxp://libusb-win32.sourceforge.net)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-11-10] (Intel Corporation)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
S3 Ph3xIB64; C:\Windows\System32\DRIVERS\Ph3xIB64.sys [1627520 2009-06-10] (NXP Semiconductors)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2016-06-15] (The OpenVPN Project)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [123520 2011-07-29] (QUALCOMM Incorporated) [File not signed]
S3 Rockusb; C:\Windows\System32\DRIVERS\rockusb.sys [67024 2013-03-12] (Fuzhou Rockchip Electronics Co,Ltd.)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation )
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1525904 2013-11-09] (Realtek Semiconductor Corporation )
S3 s1039bus; C:\Windows\System32\DRIVERS\s1039bus.sys [127600 2010-03-15] (MCCI Corporation)
S3 s1039mdfl; C:\Windows\System32\DRIVERS\s1039mdfl.sys [19568 2010-03-15] (MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [161904 2010-03-15] (MCCI Corporation)
S3 s1039mgmt; C:\Windows\System32\DRIVERS\s1039mgmt.sys [141424 2010-03-15] (MCCI Corporation)
S3 s1039nd5; C:\Windows\System32\DRIVERS\s1039nd5.sys [34416 2010-03-15] (MCCI Corporation)
S3 s1039obex; C:\Windows\System32\DRIVERS\s1039obex.sys [137328 2010-03-15] (MCCI Corporation)
S3 s1039unic; C:\Windows\System32\DRIVERS\s1039unic.sys [158320 2010-03-15] (MCCI Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [31232 2011-04-26] (The OpenVPN Project) [File not signed]
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
R3 XtuAcpiDriver; C:\Windows\System32\DRIVERS\XtuAcpiDriver.sys [53912 2018-05-11] (Intel Corporation)
S3 DellBIOS; \??\C:\Users\xXx\AppData\Local\Temp\DellBIOS.Sys [X] <==== ATTENTION
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S3 UCOREW64; \??\C:\Users\xXx\Desktop\Jano PC\amiflash\AMIBIOS\AFUWin\32\UCOREW64.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-04 14:23 - 2018-08-04 14:23 - 000032223 _____ C:\Users\xXx\Desktop\FRST.txt
2018-08-04 14:20 - 2018-08-04 14:19 - 001263528 _____ ( ) C:\Users\xXx\Desktop\DRE-G935FXXS1DQHG-20170831153701_C2CRU8.exe
2018-08-04 14:19 - 2018-08-04 14:19 - 000000303 _____ C:\Users\xXx\Desktop\DRE-G935FXXS1DQHG-20170831153701_C2CRU8.torrent
2018-08-04 13:51 - 2018-08-04 14:23 - 000000000 ____D C:\FRST
2018-08-04 13:43 - 2018-08-04 13:43 - 002412544 _____ (Farbar) C:\Users\xXx\Desktop\FRST64.exe
2018-08-04 13:43 - 2018-08-04 13:43 - 000000000 ____D C:\ProgramData\Doctor Web
2018-08-04 13:39 - 2018-08-04 13:43 - 000000000 ____D C:\Users\xXx\Doctor Web
2018-08-04 13:38 - 2018-08-04 13:38 - 005819544 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\xXx\Desktop\HiJackThis.exe
2018-08-04 13:38 - 2018-08-04 13:38 - 005819544 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\xXx\Desktop\HiJackThis(1).exe
2018-08-04 13:07 - 2018-08-04 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2018-08-04 13:05 - 2018-08-04 13:07 - 000000000 ____D C:\Program Files\HitmanPro
2018-08-04 13:04 - 2018-08-04 13:11 - 000000000 ____D C:\ProgramData\HitmanPro
2018-08-04 12:55 - 2018-08-04 12:56 - 011576808 _____ (SurfRight B.V.) C:\Users\xXx\Desktop\HitmanPro_x64.exe
2018-08-04 12:16 - 2018-08-04 12:35 - 000000000 ____D C:\AdwCleaner
2018-08-04 12:16 - 2018-08-04 12:16 - 007417040 _____ (Malwarebytes) C:\Users\xXx\Desktop\adwcleaner_7.2.2.exe
2018-08-04 11:57 - 2018-08-04 11:57 - 007535192 _____ (SoftwareTec GmbH ) C:\Users\xXx\Desktop\install_DE_en_1211745.exe
2018-08-04 11:50 - 2018-08-04 11:50 - 000003232 _____ C:\Windows\System32\Tasks\{667FF094-77D5-44FE-BDEE-A8411424888B}
2018-08-04 11:38 - 2018-08-04 11:38 - 000003114 _____ C:\Windows\System32\Tasks\{22FE4E7E-252A-40AD-9DB1-7A7A68E39485}
2018-08-04 11:38 - 2018-08-04 11:38 - 000000000 ____D C:\Users\xXx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Boxoft Toolbox
2018-08-04 10:11 - 2018-08-04 10:11 - 000003698 _____ C:\Windows\System32\Tasks\{B21F1416-A9C6-F2BB-5380-3336A9C0EF57}
2018-08-04 10:11 - 2018-08-04 10:11 - 000003636 _____ C:\Windows\System32\Tasks\{8A2D841E-80A5-C162-35AC-C9F4840C5848}
2018-08-04 10:11 - 2018-08-04 10:11 - 000003372 _____ C:\Windows\System32\Tasks\{11CAC34E-A310-D8D2-ACEC-034BDA57A585}
2018-08-04 10:11 - 2018-08-04 10:11 - 000000002 _____ C:\Users\xXx\AppData\Local\imw.ini
2018-08-03 05:27 - 2018-08-03 05:27 - 000003278 _____ C:\Windows\System32\Tasks\{30052238-6DFD-490F-969D-4305A4DB0BBE}
2018-08-03 05:27 - 2018-08-03 05:27 - 000000000 _____ C:\Windows\Setup.INI
2018-08-01 19:06 - 2018-08-01 19:06 - 000000000 ____D C:\Users\xXx\AppData\Roaming\ApkInstaller
2018-08-01 06:46 - 2018-08-01 06:46 - 000000000 ____D C:\Users\xXx\Documents\SideSync
2018-08-01 05:53 - 2018-08-01 05:53 - 000000000 ____D C:\ProgramData\wsr
2018-08-01 05:52 - 2018-08-04 06:29 - 000000000 ____D C:\Users\xXx\AppData\Roaming\Wondershare
2018-08-01 05:52 - 2018-08-04 06:28 - 000000000 ____D C:\ProgramData\Wondershare
2018-08-01 05:52 - 2018-08-04 06:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2018-08-01 05:51 - 2018-08-04 06:25 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2018-07-31 18:45 - 2018-07-31 18:45 - 000000000 ____D C:\Users\xXx\Documents\Intel XTU Profiles
2018-07-31 14:27 - 2018-07-31 14:27 - 000002669 _____ C:\Users\Public\Desktop\Intel(R) Extreme Tuning Utility.lnk
2018-07-31 14:26 - 2018-07-31 14:26 - 000000000 ____D C:\Windows\System32\Tasks\Intel
2018-07-31 14:26 - 2018-07-31 14:26 - 000000000 ____D C:\Program Files\Microsoft Synchronization Services
2018-07-31 14:26 - 2018-07-31 14:26 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2018-07-31 14:26 - 2018-07-31 14:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2018-07-31 14:26 - 2018-07-31 14:26 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2018-07-31 14:05 - 2018-07-31 14:05 - 030765288 _____ (Intel Corporation) C:\Users\xXx\Desktop\XTUSetup.exe
2018-07-29 09:09 - 2018-07-29 09:09 - 000000000 ____D C:\Users\xXx\AppData\Local\fontconfig
2018-07-29 09:08 - 2018-07-30 05:34 - 000000000 ____D C:\ProgramData\UMS
2018-07-28 21:22 - 2018-07-29 09:08 - 000000760 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Media Server.lnk
2018-07-28 21:22 - 2018-07-28 21:22 - 000000000 ____D C:\Users\xXx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth
2018-07-28 21:22 - 2018-07-28 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Media Server
2018-07-28 21:22 - 2018-07-28 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth
2018-07-28 21:21 - 2018-07-28 21:21 - 086569921 _____ C:\Users\xXx\Desktop\UMS-7.2.0.exe
2018-07-28 00:27 - 2018-07-28 00:27 - 000000000 ____D C:\Users\xXx\AppData\Roaming\EasyAntiCheat
2018-07-28 00:18 - 2018-06-08 03:59 - 000069544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2018-07-28 00:18 - 2018-04-24 19:29 - 000065792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2018-07-28 00:14 - 2018-07-28 00:14 - 000000000 ____D C:\Users\xXx\Documents\CPY_SAVES
2018-07-22 10:56 - 2018-07-22 10:56 - 000000657 _____ C:\Users\xXx\Desktop\Realterm.lnk
2018-07-22 10:56 - 2018-07-22 10:56 - 000000000 ____D C:\Users\xXx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Realterm
2018-07-22 10:56 - 2018-07-22 10:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realterm
2018-07-20 06:51 - 2018-08-04 13:00 - 000000000 ____D C:\Users\xXx\Desktop\Galaxy S7
2018-07-15 18:50 - 2018-06-21 02:58 - 000398376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-07-15 18:50 - 2018-06-21 02:00 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-07-15 18:50 - 2018-06-16 19:07 - 025743872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-07-15 18:50 - 2018-06-16 18:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-07-15 18:50 - 2018-06-16 18:46 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-07-15 18:50 - 2018-06-16 18:36 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-07-15 18:50 - 2018-06-16 18:33 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-07-15 18:50 - 2018-06-16 18:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-07-15 18:50 - 2018-06-16 18:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-07-15 18:50 - 2018-06-16 18:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-07-15 18:50 - 2018-06-16 18:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-07-15 18:50 - 2018-06-16 18:30 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-07-15 18:50 - 2018-06-16 18:27 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-07-15 18:50 - 2018-06-16 18:24 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-07-15 18:50 - 2018-06-16 18:23 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-07-15 18:50 - 2018-06-16 18:20 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-07-15 18:50 - 2018-06-16 18:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-07-15 18:50 - 2018-06-16 18:19 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-07-15 18:50 - 2018-06-16 18:19 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-07-15 18:50 - 2018-06-16 18:19 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-07-15 18:50 - 2018-06-16 18:19 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-07-15 18:50 - 2018-06-16 18:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-07-15 18:50 - 2018-06-16 18:08 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-07-15 18:50 - 2018-06-16 18:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-07-15 18:50 - 2018-06-16 18:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-07-15 18:50 - 2018-06-16 18:05 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-07-15 18:50 - 2018-06-16 18:05 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-07-15 18:50 - 2018-06-16 18:04 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-07-15 18:50 - 2018-06-16 18:02 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-07-15 18:50 - 2018-06-16 18:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-07-15 18:50 - 2018-06-16 18:02 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-07-15 18:50 - 2018-06-16 18:01 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-07-15 18:50 - 2018-06-16 17:59 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-07-15 18:50 - 2018-06-16 17:59 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-07-15 18:50 - 2018-06-16 17:58 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-07-15 18:50 - 2018-06-16 17:57 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-07-15 18:50 - 2018-06-16 17:57 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-07-15 18:50 - 2018-06-16 17:56 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-07-15 18:50 - 2018-06-16 17:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-07-15 18:50 - 2018-06-16 17:55 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-07-15 18:50 - 2018-06-16 17:55 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-07-15 18:50 - 2018-06-16 17:53 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-07-15 18:50 - 2018-06-16 17:47 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-07-15 18:50 - 2018-06-16 17:46 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-07-15 18:50 - 2018-06-16 17:44 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-07-15 18:50 - 2018-06-16 17:42 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-07-15 18:50 - 2018-06-16 17:42 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-07-15 18:50 - 2018-06-16 17:42 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-07-15 18:50 - 2018-06-16 17:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-07-15 18:50 - 2018-06-16 17:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-07-15 18:50 - 2018-06-16 17:40 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-07-15 18:50 - 2018-06-16 17:39 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-07-15 18:50 - 2018-06-16 17:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-07-15 18:50 - 2018-06-16 17:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-07-15 18:50 - 2018-06-16 17:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-07-15 18:50 - 2018-06-16 17:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-07-15 18:50 - 2018-06-16 17:34 - 004496384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-07-15 18:50 - 2018-06-16 17:32 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-07-15 18:50 - 2018-06-16 17:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-07-15 18:50 - 2018-06-16 17:29 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-07-15 18:50 - 2018-06-16 17:28 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-07-15 18:50 - 2018-06-16 17:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-07-15 18:50 - 2018-06-16 17:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-07-15 18:50 - 2018-06-16 17:16 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-07-15 18:50 - 2018-06-16 17:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-07-15 18:50 - 2018-06-16 17:05 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-07-15 18:50 - 2018-06-16 17:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-07-15 18:50 - 2018-06-16 17:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-07-15 18:50 - 2018-06-13 18:23 - 000140992 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-07-15 18:50 - 2018-06-13 18:20 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-07-15 18:50 - 2018-06-13 18:19 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-07-15 18:50 - 2018-06-13 18:18 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-07-15 18:50 - 2018-06-13 17:55 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-07-15 18:50 - 2018-06-13 17:54 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-07-15 18:50 - 2018-06-13 17:40 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-07-15 18:50 - 2018-06-08 18:27 - 005577408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-07-15 18:50 - 2018-06-08 18:27 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-07-15 18:50 - 2018-06-08 18:27 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-07-15 18:50 - 2018-06-08 18:27 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-07-15 18:50 - 2018-06-08 18:27 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-07-15 18:50 - 2018-06-08 18:23 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-07-15 18:50 - 2018-06-08 18:22 - 001665344 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-07-15 18:50 - 2018-06-08 18:21 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-07-15 18:50 - 2018-06-08 18:21 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-07-15 18:50 - 2018-06-08 18:21 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-07-15 18:50 - 2018-06-08 18:21 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-07-15 18:50 - 2018-06-08 18:21 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-07-15 18:50 - 2018-06-08 18:21 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-07-15 18:50 - 2018-06-08 18:20 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-07-15 18:50 - 2018-06-08 18:19 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-07-15 18:50 - 2018-06-08 18:19 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-07-15 18:50 - 2018-06-08 18:19 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-07-15 18:50 - 2018-06-08 18:19 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-07-15 18:50 - 2018-06-08 18:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-07-15 18:50 - 2018-06-08 18:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 18:02 - 004050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-07-15 18:50 - 2018-06-08 18:02 - 003962048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-07-15 18:50 - 2018-06-08 17:57 - 001314072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-07-15 18:50 - 2018-06-08 17:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:44 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-07-15 18:50 - 2018-06-08 17:44 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-07-15 18:50 - 2018-06-08 17:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2018-07-15 18:50 - 2018-06-08 17:44 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-07-15 18:50 - 2018-06-08 17:43 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-07-15 18:50 - 2018-06-08 17:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-07-15 18:50 - 2018-06-08 17:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-07-15 18:50 - 2018-06-08 17:38 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-07-15 18:50 - 2018-06-08 17:34 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-07-15 18:50 - 2018-06-08 17:34 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-07-15 18:50 - 2018-06-08 17:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-07-15 18:50 - 2018-06-08 17:33 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-07-15 18:50 - 2018-06-08 17:33 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-07-15 18:50 - 2018-06-08 17:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-07-15 18:50 - 2018-06-08 17:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2018-07-15 18:50 - 2018-06-08 17:27 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-07-15 18:50 - 2018-06-08 17:21 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-07-15 18:50 - 2018-06-08 17:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-07-15 18:50 - 2018-06-08 17:21 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-07-15 18:50 - 2018-06-08 17:21 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-07-15 18:50 - 2018-06-08 17:19 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-07-15 18:50 - 2018-06-08 17:19 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-07-15 18:50 - 2018-06-08 15:05 - 002860032 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-07-15 18:50 - 2018-06-08 15:05 - 001602048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-07-15 18:50 - 2018-06-08 15:05 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-07-15 18:50 - 2018-06-08 15:05 - 000612352 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-07-15 18:50 - 2018-06-08 15:05 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-07-15 18:50 - 2018-06-08 15:05 - 000443392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-07-15 18:50 - 2018-06-08 15:05 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-07-15 18:50 - 2018-06-08 15:05 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-07-15 18:50 - 2018-06-07 18:20 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-07-15 18:50 - 2018-06-07 18:19 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-07-15 18:50 - 2018-06-07 18:19 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-07-15 18:50 - 2018-06-07 18:19 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-07-15 18:50 - 2018-06-07 17:57 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-07-15 18:50 - 2018-06-07 17:49 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-07-15 18:50 - 2018-06-07 17:34 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-07-15 18:50 - 2018-05-31 18:28 - 001893568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-07-15 18:50 - 2018-05-31 18:28 - 000377024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-07-15 18:50 - 2018-05-31 18:28 - 000287936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-07-10 06:32 - 2018-07-26 07:19 - 000000889 _____ C:\Users\xXx\.maps-toolconfig
2018-07-05 08:56 - 2018-06-25 19:27 - 040346984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-07-05 08:56 - 2018-06-25 19:27 - 040092248 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-07-05 08:56 - 2018-06-25 19:27 - 035250264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-07-05 08:56 - 2018-06-25 19:27 - 032361048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-07-05 08:56 - 2018-06-25 19:27 - 017000808 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-07-05 08:56 - 2018-06-25 19:27 - 003965288 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-07-05 08:56 - 2018-06-25 19:27 - 003496376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-07-05 08:56 - 2018-06-25 19:27 - 002013808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439836.dll
2018-07-05 08:56 - 2018-06-25 19:27 - 001562560 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-07-05 08:56 - 2018-06-25 19:27 - 001468456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439836.dll
2018-07-05 08:56 - 2018-06-25 19:27 - 001419112 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-07-05 08:56 - 2018-06-25 19:27 - 001216264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-07-05 08:56 - 2018-06-25 19:27 - 001092480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-07-05 08:56 - 2018-06-25 19:27 - 000627240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-07-05 08:56 - 2018-06-25 19:27 - 000517720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-07-05 08:56 - 2018-06-25 19:26 - 031242016 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-07-05 08:56 - 2018-06-25 19:26 - 025959416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-07-05 08:56 - 2018-06-25 19:26 - 020295744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-07-05 08:56 - 2018-06-25 19:26 - 019083216 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-07-05 08:56 - 2018-06-25 19:26 - 013728120 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-07-05 08:56 - 2018-06-25 19:26 - 011273624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-07-05 08:56 - 2018-06-25 19:26 - 001157400 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-07-05 08:56 - 2018-06-25 19:26 - 000904744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-07-05 08:56 - 2018-06-25 19:26 - 000544480 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-07-05 08:56 - 2018-06-25 19:26 - 000462832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-07-05 08:56 - 2018-06-25 19:26 - 000420184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-07-05 08:56 - 2018-06-25 19:26 - 000182600 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-07-05 08:56 - 2018-06-25 19:26 - 000164952 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-07-05 08:56 - 2018-06-25 19:26 - 000159712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-07-05 08:56 - 2018-06-25 19:26 - 000142632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-07-05 08:56 - 2018-06-25 19:25 - 017748120 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-07-05 08:56 - 2018-06-25 19:25 - 015693248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-07-05 08:56 - 2018-06-25 19:25 - 015163664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-07-05 08:56 - 2018-06-25 19:25 - 004081952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-04 14:20 - 2016-02-26 17:53 - 000000000 ____D C:\Users\xXx\AppData\Roaming\uTorrent
2018-08-04 14:16 - 2016-03-15 12:38 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-08-04 14:12 - 2016-11-20 09:07 - 000000000 ____D C:\Users\xXx\AppData\LocalLow\Mozilla
2018-08-04 13:43 - 2016-02-25 23:21 - 000000000 ____D C:\Users\xXx
2018-08-04 13:22 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-04 13:22 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-04 13:21 - 2011-04-12 10:34 - 000661472 _____ C:\Windows\system32\perfh005.dat
2018-08-04 13:21 - 2011-04-12 10:34 - 000141620 _____ C:\Windows\system32\perfc005.dat
2018-08-04 13:21 - 2009-07-14 07:13 - 001586648 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-04 13:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-08-04 13:16 - 2016-06-12 22:44 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-04 13:14 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-04 10:38 - 2016-05-23 17:43 - 000000000 ____D C:\Users\xXx\AppData\Local\JDownloader v2.0
2018-08-04 07:54 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\ModemLogs
2018-08-04 07:18 - 2017-08-09 12:18 - 000000000 ____D C:\Users\xXx\Desktop\Redmi Note 4
2018-08-04 06:45 - 2016-07-07 19:11 - 000000000 ____D C:\Users\xXx\AppData\Local\CrashDumps
2018-08-04 06:06 - 2016-06-12 22:35 - 000000000 ____D C:\Users\xXx\AppData\Local\IE Tab
2018-08-03 05:27 - 2018-05-08 08:54 - 000000000 ____D C:\Users\xXx\Desktop\medion
2018-08-02 07:40 - 2016-03-16 11:42 - 000000000 ____D C:\Users\xXx\Desktop\skpl
2018-08-02 06:48 - 2018-03-26 07:08 - 000000000 ____D C:\Users\xXx\AppData\Local\AVAST Software
2018-08-01 10:11 - 2018-01-12 09:57 - 000272480 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-01 07:12 - 2018-02-10 18:52 - 000000000 ____D C:\Users\xXx\Desktop\FRP Gsm Tech
2018-08-01 06:46 - 2017-12-07 08:28 - 000000000 ____D C:\Users\xXx\AppData\Roaming\Samsung
2018-08-01 05:52 - 2018-01-12 09:57 - 000059616 _____ C:\Users\xXx\AppData\Local\GDIPFONTCACHEV1.DAT
2018-07-31 19:15 - 2016-06-21 18:38 - 000000000 ____D C:\Users\xXx\Documents\temp
2018-07-31 18:37 - 2016-02-25 23:51 - 000000000 ____D C:\ProgramData\Intel
2018-07-31 14:27 - 2016-02-25 23:51 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-07-31 14:26 - 2016-02-25 23:26 - 000000000 ____D C:\ProgramData\Package Cache
2018-07-31 14:26 - 2016-02-25 23:22 - 000000000 ____D C:\Program Files (x86)\Intel
2018-07-31 14:25 - 2016-06-26 19:43 - 000000000 ____D C:\Users\xXx\Games
2018-07-31 14:22 - 2017-07-31 21:26 - 000000000 ____D C:\Users\xXx\AppData\Roaming\Kodi
2018-07-31 14:19 - 2018-02-25 10:32 - 000000000 ____D C:\Users\xXx\AppData\Local\Nox
2018-07-31 14:14 - 2016-02-25 23:26 - 000000000 ____D C:\ProgramData\AVAST Software
2018-07-31 14:10 - 2016-02-25 23:22 - 000000000 ____D C:\Program Files\Intel
2018-07-28 07:22 - 2016-06-12 22:43 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-07-28 00:18 - 2018-05-26 17:23 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-28 00:18 - 2018-05-26 17:23 - 000003790 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-28 00:18 - 2018-05-26 17:22 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-28 00:18 - 2018-05-26 17:22 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-28 00:18 - 2018-05-26 17:22 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-28 00:18 - 2018-04-29 12:15 - 000003940 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-28 00:18 - 2016-12-18 08:29 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-28 00:18 - 2016-09-29 12:17 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-28 00:18 - 2016-09-29 12:17 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-28 00:18 - 2016-09-29 12:17 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-28 00:18 - 2016-09-29 12:17 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-28 00:18 - 2016-09-29 12:17 - 000001380 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-07-28 00:18 - 2016-06-12 22:43 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-07-28 00:18 - 2016-06-12 22:39 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-07-28 00:14 - 2017-03-21 20:10 - 000000000 ____D C:\Users\xXx\Documents\My Games
2018-07-26 18:47 - 2016-02-26 07:45 - 000000592 __RSH C:\ProgramData\ntuser.pol
2018-07-23 17:23 - 2016-02-25 23:26 - 000467064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-07-19 22:20 - 2018-05-26 17:23 - 002340392 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2018-07-19 22:20 - 2018-05-26 17:23 - 001936424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2018-07-19 22:20 - 2018-05-26 17:23 - 001311784 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2018-07-19 19:44 - 2016-12-18 08:29 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2018-07-16 20:47 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-07-15 19:07 - 2016-02-28 08:43 - 000000000 ____D C:\Windows\system32\appraiser
2018-07-15 18:55 - 2016-02-25 23:50 - 001553136 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-07-15 18:52 - 2016-02-28 13:44 - 000000000 ____D C:\Windows\system32\MRT
2018-07-15 18:50 - 2016-02-28 13:44 - 134675576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-07-11 19:49 - 2016-02-26 07:26 - 000000000 ____D C:\Users\xXx\AppData\Roaming\DAEMON Tools Lite
2018-07-11 06:16 - 2018-03-14 08:30 - 000004520 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-11 06:16 - 2016-03-15 12:38 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-07-11 06:16 - 2016-03-15 12:38 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-11 06:16 - 2016-03-15 12:38 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-07-11 06:16 - 2016-03-15 12:38 - 000000000 ____D C:\Windows\system32\Macromed
2018-07-10 05:57 - 2017-01-13 17:22 - 000000727 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2018-07-09 08:22 - 2017-10-21 10:12 - 000002041 _____ C:\Users\xXx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2018-07-08 20:16 - 2016-02-28 10:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-07-08 16:41 - 2017-03-15 10:22 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-07-08 13:00 - 2010-02-01 00:00 - 000000000 ____D C:\Users\xXx\Desktop\OpenHardwareMonitor
2018-07-05 08:57 - 2018-04-29 12:31 - 000000000 ____D C:\Windows\system32\unknown
2018-07-05 08:57 - 2016-05-26 22:04 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-07-05 08:57 - 2016-02-26 14:46 - 000000000 ____D C:\Users\xXx\AppData\Roaming\Notepad++

==================== Files in the root of some directories =======

2009-07-14 03:14 - 2009-07-14 03:14 - 000073216 ____N (Microsoft Corporation) C:\Users\xXx\IIle.exe
2009-07-14 03:14 - 2009-07-14 03:14 - 000073216 ____N (Microsoft Corporation) C:\Program Files (x86)\Common Files\jGaHoDagsEAtB.exe
2016-09-24 19:16 - 2016-09-24 19:16 - 000000046 _____ () C:\Users\xXx\AppData\Roaming\Camdata.ini
2016-09-24 19:16 - 2016-09-24 19:16 - 000000408 _____ () C:\Users\xXx\AppData\Roaming\CamLayout.ini
2016-09-24 19:16 - 2016-09-24 19:16 - 000000408 _____ () C:\Users\xXx\AppData\Roaming\CamShapes.ini
2016-09-24 19:16 - 2016-09-24 19:16 - 000004536 _____ () C:\Users\xXx\AppData\Roaming\CamStudio.cfg
2017-02-23 09:02 - 2017-02-23 10:53 - 000000040 _____ () C:\Users\xXx\AppData\Roaming\cdr.ini
2009-07-14 03:14 - 2009-07-14 03:14 - 000186368 ____N (Microsoft Corporation) C:\Users\xXx\AppData\Roaming\qIIHUkE.exe
2016-09-24 19:15 - 2016-09-24 19:15 - 000000096 _____ () C:\Users\xXx\AppData\Roaming\version2.xml
2017-02-06 17:45 - 2017-02-06 17:45 - 000003584 _____ () C:\Users\xXx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-08-04 10:11 - 2018-08-04 10:11 - 000000002 _____ () C:\Users\xXx\AppData\Local\imw.ini
2017-01-20 19:04 - 2018-04-25 20:18 - 000007602 _____ () C:\Users\xXx\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
2018-08-04 10:36 - 2018-08-04 10:36 - 000040448 ____N () C:\Users\xXx\AppData\Local\Temp\proxy_vole8707380511065832531.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-08-01 15:36

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by xXx (04-08-2018 14:23:44)
Running from C:\Users\xXx\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2016-02-25 21:21:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1087696589-3678301289-1686821463-500 - Administrator - Disabled)
Guest (S-1-5-21-1087696589-3678301289-1686821463-501 - Limited - Disabled)
xXx (S-1-5-21-1087696589-3678301289-1686821463-1000 - Administrator - Enabled) => C:\Users\xXx

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 17.01 beta (x64) (HKLM\...\7-Zip) (Version: 17.01 beta - Igor Pavlov)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Aktualizace NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.28.1 - Asmedia Technology)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
Balíček ovladače systému Windows - MediaTek Inc. (usbser) Ports (09/01/2011 2.0.1136.0) (HKLM\...\32DC281B7E359EA3D16ECC7D98609F6A592B981D) (Version: 09/01/2011 2.0.1136.0 - MediaTek Inc.)
Balíček ovladače systému Windows - MediaTek Inc. Net (07/14/2011 1.1129.00) (HKLM\...\89BF901AB9E67C6D8D35E49F33EBEA28C8B5F658) (Version: 07/14/2011 1.1129.00 - MediaTek Inc.)
Balíček ovladače systému Windows - Microsoft (WUDFRd) WPD (02/22/2006 5.2.5326.4762) (HKLM\...\B77DDB8A5697AAF5DA4E4859E53C301B877DD206) (Version: 02/22/2006 5.2.5326.4762 - Microsoft)
CCleaner (HKLM\...\CCleaner) (Version: 5.43 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP)
Centrum zařízení Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
ControlConsole API version 2.70 (HKLM-x32\...\{E6C0F5ED-B5EA-451D-8CB1-57902AA188DE}_is1) (Version: 2.70 - Enstone)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.36 - NVIDIA Corporation) Hidden
Electrum (HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\Electrum) (Version: 3.1.0 - Electrum Technologies GmbH)
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.18 - Echobit, LLC)
f.lux (HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\Flux) (Version: - f.lux Software LLC)
Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version: - )
Far Cry 5 (HKLM-x32\...\Far Cry 5_is1) (Version: - )
FileZilla Client 3.26.2 (HKLM-x32\...\FileZilla Client) (Version: 3.26.2 - Tim Kosse)
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.24.1 - Androxyde)
Ghost Recon: Wildlands (HKLM-x32\...\Ghost Recon: Wildlands_is1) (Version: - )
GIGABYTE OC_GURU II (HKLM-x32\...\{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 2.00.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 2.00.0000 - GIGABYTE Technology Co.,Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.0.295 - SurfRight B.V.)
Intel Extreme Tuning Utility (HKLM-x32\...\{1d91bf86-43a0-4b7a-8fdf-76c3bfb5a36f}) (Version: 6.4.1.23 - Intel Corporation)
Intel Extreme Tuning Utility (HKLM-x32\...\{FA506D5A-CCF5-4D4D-A218-FFB31F36EACF}) (Version: 6.4.1.23 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.31.1000 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.5.69 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kodi (HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\Kodi) (Version: - XBMC-Foundation)
Lame ACM MP3 Codec (HKLM-x32\...\LameACM) (Version: - )
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MiniTool Partition Wizard Free 10.2.2 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 61.0.1 (x64 sk) (HKLM\...\Mozilla Firefox 61.0.1 (x64 sk)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.1.18 - MSI)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.36 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ovládací panel NVIDIA 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.36 - NVIDIA Corporation) Hidden
PCSC Bridge (HKLM-x32\...\{86B45C9B-50F9-4DE4-B7EF-C7F23EBC1D21}) (Version: 3.0.0 - Gemalto)
PDF-XChange Viewer (HKLM\...\{9ED333F8-3E6C-4A38-BAFA-728454121CDA}) (Version: 2.5.316.1 - Tracker Software Products (Canada) Ltd.)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: - Kakao Corp.)
Prostředí Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16432 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.107.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8216 - Realtek Semiconductor Corp.)
Realterm 2.0.0.70_SignedWrapper (HKLM-x32\...\Realterm) (Version: 2.0.0.70_SignedWrapper - Broadcast Equipment)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
SSDlife Free (HKLM-x32\...\{18302BF2-AA3C-46E3-B039-996FD0DB5639}) (Version: 2.5.82 - BinarySense Inc.)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
UnCleaner (HKLM\...\UnCleaner) (Version: 1.7 - Josh Cell Softwares Corporation)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 7.2.0 - Universal Media Server)
Uplay (HKLM-x32\...\Uplay) (Version: 21.1 - Ubisoft)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinImage (HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\...\WinImage) (Version: - )
WirelessMon V4.0 (HKLM-x32\...\WirelessMon_is1) (Version: - PassMark Software ®)
XiaoMiFlash (HKLM-x32\...\{17027A8C-4379-424D-9236-075003273CE3}) (Version: 1.1.4 - XiaoMi)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1087696589-3678301289-1686821463-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1087696589-3678301289-1686821463-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1087696589-3678301289-1686821463-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1087696589-3678301289-1686821463-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1087696589-3678301289-1686821463-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1087696589-3678301289-1686821463-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1087696589-3678301289-1686821463-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-30] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-30] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-08-29] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-30] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-30] (AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-12-21] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-06-24] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-30] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00051F9A-B160-4FF6-9635-9F6A7AA09011} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {04E34DC0-8DB8-44C9-B88A-2EA3B05CA8C5} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-11] (Adobe Systems Incorporated)
Task: {0A07D508-3A06-4DC5-AA06-067B926F5954} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {0B8244CA-FC08-4225-BAA1-F2D07B64D124} - System32\Tasks\GIGABYTE OC GURU => C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU IIOC_GURU.exe
Task: {0D4C1F75-353B-4DB9-A766-4A4421EE23B2} - System32\Tasks\{30052238-6DFD-490F-969D-4305A4DB0BBE} => C:\Windows\system32\pcalua.exe -a "C:\Users\xXx\Desktop\medion\asd\Display (XP) (Vers. 1.0.0.1727)\Setup.exe" -d "C:\Users\xXx\Desktop\medion\asd\Display (XP) (Vers. 1.0.0.1727)"
Task: {16274751-3E34-4563-A157-2A4C673D2AF1} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-06-30] (AVAST Software)
Task: {1E140CB6-4440-421D-802F-D1E20DEB32C2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {30F3B46D-273D-4D9E-BAAC-1F3C50015B69} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-19] (NVIDIA Corporation)
Task: {38F8DABF-8968-4B4C-A2FD-0202084B4E8B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {3950D6A1-E224-473F-A2FF-0AE4594C8ECE} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {3F146C94-7E81-48FC-99F8-7BEF1926DB62} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-12] (Google Inc.)
Task: {48FE42B9-0E44-4AED-8C1C-07B054472D8C} - System32\Tasks\{8A2D841E-80A5-C162-35AC-C9F4840C5848} => C:\Program Files (x86)\Common Files\jGaHoDagsEAtB.exe [2009-07-14] (Microsoft Corporation)
Task: {4D5F5AE2-CD88-4CFF-964F-1C45D358FD1D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-19] (NVIDIA Corporation)
Task: {64966F48-F3C3-4E51-97E1-839A5FCB67A7} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {7506DF5B-EF4D-4417-AAC6-AA3D6A9FE620} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {7C12ECCB-916B-472C-8098-16780B961C4F} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe
Task: {86E9760B-9AF4-448B-BFAC-27B9F9F65527} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8B0298D7-D3F2-425E-A4A0-86823E20DAF8} - System32\Tasks\{667FF094-77D5-44FE-BDEE-A8411424888B} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsUpdInstaller.exe" -d "C:\Program Files (x86)\Wondershare\WAF\2.4.3.237"
Task: {8E47F72C-75BB-404C-AF15-EA65EC3658E5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-06-06] (AVAST Software)
Task: {8FE9E874-3C8E-4ABC-BD98-63711C0736AF} - System32\Tasks\{22FE4E7E-252A-40AD-9DB1-7A7A68E39485} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\Boxtools\Uninstall.exe -d C:\ProgramData\Boxtools
Task: {91D2E5AC-80B5-4D0C-A215-EFF7E2904297} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {94BA4676-9027-466D-8CE9-823A6E8C0448} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-19] (NVIDIA Corporation)
Task: {AFBBDAD4-1140-4A32-84BC-91CBA0BF87AA} - System32\Tasks\{B21F1416-A9C6-F2BB-5380-3336A9C0EF57} => "C:\Program Files\Mozilla Firefox\firefox.exe" hxxp://puklusi.ru/cl/?guid=7o4j5p5tqh2s11sxn2eoan54vgipvkwt&prid=1&pid=4_963_0
Task: {B2F3FD4B-00EB-4F3A-94F2-4BAFAD9E0EFA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {BA340DB4-9E63-4C29-A0FF-61B3D6CD9B14} - System32\Tasks\{11CAC34E-A310-D8D2-ACEC-034BDA57A585} => C:\Users\xXx\IIle.exe [2009-07-14] (Microsoft Corporation)
Task: {BAEE7A5C-0058-42A9-B248-68FCA1959719} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {C37EC5DC-B0A6-484D-B92F-E2DCBFD1F231} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {C476A0E1-4F8C-4EEF-BE99-E669B8C8A0FF} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {CC909068-89A4-4B34-8234-25420E511FA3} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {CCD535EE-DCE3-4DF3-B0E0-E21CE99BB0EF} - System32\Tasks\{9F4307F9-6E44-42D6-9EB7-2E251D032CE5} => C:\Windows\system32\pcalua.exe -a "C:\Users\xXx\Desktop\Redmi 3S\miflash_unlock-en-2.2.624.14\MiUsbDriver.exe" -d "C:\Users\xXx\Desktop\Redmi 3S\miflash_unlock-en-2.2.624.14"
Task: {DEABAF53-925F-40E3-AFD2-A9D6FF44B1DB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E3034674-84C1-4DD5-965F-B85E331B06D6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-24] (Piriform Ltd)
Task: {E657FA7E-B56A-4DB9-A9D8-B98298A0F109} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-12] (Google Inc.)
Task: {E7937704-B6A4-49AC-93CF-79657495AD5F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-11] (Adobe Systems Incorporated)
Task: {FE2F6866-6CF5-4217-A666-81133AE2DB59} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-24] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\xXx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Nástroj na obnovenie Chromebooku.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=jndclpdbaamdhonoechobihbbiimdgai

==================== Loaded Modules (Whitelisted) ==============

2017-06-12 19:48 - 2017-06-12 19:48 - 000052392 _____ () D:\Programy\FileZilla FTP Client\fzshellext_64.dll
2017-08-29 02:43 - 2017-08-29 02:43 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-09-29 12:17 - 2018-07-19 22:20 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-06-30 05:33 - 2018-06-30 05:33 - 000599768 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-06-26 06:52 - 2018-06-22 21:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll
2018-06-26 06:52 - 2018-06-22 21:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll
2018-06-30 05:33 - 2018-06-30 05:33 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-08-04 11:47 - 2018-08-04 11:47 - 005896848 _____ () C:\Program Files\AVAST Software\Avast\defs\18080400\algo.dll
2018-06-30 05:33 - 2018-06-30 05:33 - 000928984 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-06-30 05:33 - 2018-06-30 05:33 - 000532696 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-06-30 05:33 - 2018-06-30 05:33 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-06-30 05:33 - 2018-06-30 05:33 - 000985304 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-03-13 13:48 - 2018-03-13 13:48 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-06-30 05:33 - 2018-06-30 05:33 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2016-09-29 12:17 - 2018-07-19 22:19 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2014-11-10 13:12 - 2014-11-10 13:12 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1087696589-3678301289-1686821463-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\xXx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{CA46C0E5-673F-4D29-919A-14D8EBF4BFF6}C:\users\xxx\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\xxx\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{C2EF2DF6-4040-4226-A207-4A769C2B313A}C:\users\xxx\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\xxx\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{844E3E67-EE04-4803-A4AA-1C5A115B653D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{FF4027B6-B593-47FE-B052-37163DFA0356}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F40449F8-5C2E-4A01-9199-13F06343B96C}] => (Allow) D:\Valve\Steam\Steam.exe
FirewallRules: [{CB45110C-B31A-4321-A1EE-313B18634B18}] => (Allow) D:\Valve\Steam\Steam.exe
FirewallRules: [{484E9704-14CF-4BBD-A115-B2A0B306BF52}] => (Allow) D:\Valve\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{629D5E15-0972-4C92-B19D-E9F8C13B4D5A}] => (Allow) D:\Valve\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{095B547A-D55C-4F19-B3FD-77CA8994C028}D:\valve\steam\steamapps\common\half-life\hl.exe] => (Allow) D:\valve\steam\steamapps\common\half-life\hl.exe
FirewallRules: [UDP Query User{F437EAA2-73EB-422E-B01B-8A736E245F35}D:\valve\steam\steamapps\common\half-life\hl.exe] => (Allow) D:\valve\steam\steamapps\common\half-life\hl.exe
FirewallRules: [TCP Query User{B082FAFB-CDF2-4C01-83A8-FB8538F9C290}H:\wd_windows_tools\wddiscovery\wddiscovery.exe] => (Allow) H:\wd_windows_tools\wddiscovery\wddiscovery.exe
FirewallRules: [UDP Query User{B8CDE7F4-3C19-467B-82D8-7752B7536C4F}H:\wd_windows_tools\wddiscovery\wddiscovery.exe] => (Allow) H:\wd_windows_tools\wddiscovery\wddiscovery.exe
FirewallRules: [{30167E98-8EDF-44FC-9690-F59B216EF71E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D77BB91E-02FC-4B3A-8226-63625A36EF7C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{30F26C31-8A4A-4A4F-A9AD-DFA3EE9E661B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F8F5F9F0-1ABA-4891-98B8-2343893AC57F}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{3463FB97-197C-4E2F-89AB-5AFF03C8B197}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{E051B6DE-2599-4937-8379-80083D9ECB9B}] => (Allow) LPort=26675
FirewallRules: [{881AB7B2-B17B-45AE-9BB5-D2BC0134464F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [TCP Query User{6D97D815-9E24-4DF3-A0E6-3051DE3004A6}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{F0D1443B-00EC-4E7B-834B-1166CDA8C56B}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{F5D8B1D1-7FB4-4E3E-A033-E726C91683ED}] => (Allow) D:\Valve\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CA12E0D3-D25B-4CA3-8C01-F113844352A6}] => (Allow) D:\Valve\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{385F10F7-5261-4640-9DA0-C04536D08DAF}] => (Allow) D:\Programy\TeamViewer\TeamViewer.exe
FirewallRules: [{E25A2256-DB00-4EE3-B00C-7D5420874691}] => (Allow) D:\Programy\TeamViewer\TeamViewer.exe
FirewallRules: [{C972DE2E-7B3F-4FFD-ACA8-DBA4A87E5348}] => (Allow) D:\Programy\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B8B99743-2D18-4139-A2CF-FD9614679BAE}] => (Allow) D:\Programy\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{10307CFC-0C6A-4324-BF88-95C8E96126F4}] => (Allow) D:\Programy\Evolve\EvoSvc.exe
FirewallRules: [{54EE37B6-AF25-422A-B154-7CC917F6558D}] => (Allow) D:\Programy\Evolve\EvolveClient.exe
FirewallRules: [{49C4FEB9-134D-485B-B50E-55C4CF4CE9A0}] => (Allow) D:\Valve\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{D7EFE82E-8D8C-4AF3-8C93-2AFD68BA6293}] => (Allow) D:\Valve\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{AB05796A-2E41-4571-86CA-262180488100}] => (Allow) D:\Valve\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{C53D61C8-0443-4654-AE65-915277F94233}] => (Allow) D:\Valve\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [TCP Query User{0E546765-7A99-46C7-BA5C-A1B90C67AE2B}D:\programy\filezilla ftp client\filezilla.exe] => (Allow) D:\programy\filezilla ftp client\filezilla.exe
FirewallRules: [UDP Query User{7368B6B1-A5C7-44B0-B7BC-60631323504F}D:\programy\filezilla ftp client\filezilla.exe] => (Allow) D:\programy\filezilla ftp client\filezilla.exe
FirewallRules: [{A00B42A7-07E5-4F44-B7A5-874F134A253E}] => (Allow) C:\Users\xXx\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{D64CE89B-DA0A-4706-A52D-F8DA7033A9C1}] => (Allow) C:\Users\xXx\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [TCP Query User{15406450-F62F-4280-A91B-1F7A52FFE640}D:\programy\kodi\kodi.exe] => (Allow) D:\programy\kodi\kodi.exe
FirewallRules: [UDP Query User{3E5C332C-C1E2-4654-A8E0-EC3BC1DC8DA9}D:\programy\kodi\kodi.exe] => (Allow) D:\programy\kodi\kodi.exe
FirewallRules: [{92AFB555-6174-4832-BDC0-9AC6B09D175A}] => (Allow) D:\Valve\Steam\SteamApps\common\Sven Co-op\svencoop.exe
FirewallRules: [{2D257305-CC5C-4ACA-BBD5-6408DC88DA9E}] => (Allow) D:\Valve\Steam\SteamApps\common\Sven Co-op\svencoop.exe
FirewallRules: [{27FEA834-718A-41C0-AD61-E2E3BCE562A9}] => (Allow) D:\Valve\Steam\SteamApps\common\Sven Co-op\svends.exe
FirewallRules: [{75C34E39-3EB9-4CAF-BAEF-6F687B8A431D}] => (Allow) D:\Valve\Steam\SteamApps\common\Sven Co-op\svends.exe
FirewallRules: [{D28D27E1-0AB1-45DC-9E66-07133AC55E79}] => (Allow) D:\Valve\Steam\SteamApps\common\Deadfall Adventures\Binaries\Win32\ADVGame-Win32-Shipping.exe
FirewallRules: [{52417060-C89E-4EDA-A56B-5ECC9C33E2CE}] => (Allow) D:\Valve\Steam\SteamApps\common\Deadfall Adventures\Binaries\Win32\ADVGame-Win32-Shipping.exe
FirewallRules: [TCP Query User{F94067F5-451E-419F-A439-CEA8A9A14634}D:\hry\splinter cell conviction\src\system\conviction_game.exe] => (Allow) D:\hry\splinter cell conviction\src\system\conviction_game.exe
FirewallRules: [UDP Query User{E6D2A7F0-47A4-48E5-A9D3-3476C20DF2C1}D:\hry\splinter cell conviction\src\system\conviction_game.exe] => (Allow) D:\hry\splinter cell conviction\src\system\conviction_game.exe
FirewallRules: [TCP Query User{C93FF098-E852-47E7-BE29-3A05DDACB71B}C:\program files\java\jre1.8.0_151\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_151\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{0B55E1EC-957C-4A92-9208-EE365EBD4398}C:\program files\java\jre1.8.0_151\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_151\launch4j-tmp\frd.exe
FirewallRules: [{8A7066A2-78F1-496B-B05F-49F47B0D1967}] => (Allow) D:\Programy\TeamViewer\TeamViewer.exe
FirewallRules: [{1BBB8010-DB77-4178-8A24-D8B510EDFF83}] => (Allow) D:\Programy\TeamViewer\TeamViewer.exe
FirewallRules: [{09F46A99-D1B1-482B-9ACD-C557235165AA}] => (Allow) D:\Programy\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B0D7DB17-DB0E-4441-A16F-756D1F59B8D2}] => (Allow) D:\Programy\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{14C2D5B4-BDE7-483E-AD0E-EEF1ECBC429D}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [TCP Query User{FDABDE5D-9F01-4FCD-9679-57136B59DDB4}D:\hry\tom clancy's ghost recon - wildlands\grw.exe] => (Allow) D:\hry\tom clancy's ghost recon - wildlands\grw.exe
FirewallRules: [UDP Query User{69193F53-A6D2-491B-9FC7-F8444FFDD985}D:\hry\tom clancy's ghost recon - wildlands\grw.exe] => (Allow) D:\hry\tom clancy's ghost recon - wildlands\grw.exe
FirewallRules: [TCP Query User{F5DAE6C3-3FA8-45C4-A00E-12BBE12C4A0E}D:\hry\far cry 4\bin\farcry4.exe] => (Block) D:\hry\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{B4E481E1-D683-4435-B669-F49ACF7F203E}D:\hry\far cry 4\bin\farcry4.exe] => (Block) D:\hry\far cry 4\bin\farcry4.exe
FirewallRules: [{2C87C263-59DC-4FAA-A3DF-9EA627522939}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2CE8DF33-C381-45CF-A871-72BCE7197C9C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A5AE9390-0144-4B2B-A23E-7F4EF83A8B4D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{5CBAEE6C-5A1D-4B83-8EA5-33FCD90E2EAD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{A17F52FE-6B8E-4EE1-A2FA-EBF73B38A3D3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{06EB0AC8-B801-42C2-AAC1-CBBC7BEF2124}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{BEF900AD-BC25-4E50-A687-C2CF4C1486DF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{174982B8-1134-4F95-8D51-2A56B0D78F95}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{49FACAC0-B6F7-49BB-865B-D7947D48AA0D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{7A76B730-5993-4CC8-B626-C9593B13E584}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EC78BF6B-443B-4894-9BC9-071865BD466A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{553D5605-3BB1-45E3-87B7-56CD27FA4AC2}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [UDP Query User{6327EEA4-5DD1-4426-9A2E-F4E677529F47}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [TCP Query User{0C2B65A3-554D-46A6-9321-A1CC84F52BEB}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [UDP Query User{D61D20F3-ADC5-43EE-A4DA-6EE87305A828}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [{28AA49F3-63DA-4C31-988B-8D0D5F9D53CB}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{F93752B8-E256-4229-9A3C-5429B51B0DF8}] => (Allow) C:\Program Files (x86)\Common Files\jGaHoDagsEAtB.exe
FirewallRules: [{AE145107-5631-4065-B3FA-F7BEB6854B42}] => (Allow) C:\Users\xXx\IIle.exe
FirewallRules: [{DE0CA083-50E7-48BC-8EB2-363165DA16BB}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{0C10105D-7526-4C52-BACF-FE66D3F222CC}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{C5DB640F-5873-41DE-AF6E-C8EBF9F4C1BE}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{E74CA08D-E588-48FE-8801-38F510DE6602}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{144EAE73-050C-4D46-9191-966F6F0DCD3D}] => (Allow) C:\Windows\SysWOW64\svchost.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Evolve Virtual Ethernet Adapter
Description: Evolve Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Echobit LLC
Service: EvolveVirtualAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/04/2018 01:14:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/04/2018 12:36:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/04/2018 06:44:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: adb.exe, verze: 0.0.0.0, časové razítko: 0x34a734a0
Název chybujícího modulu: WINUSB.DLL, verze: 6.1.7600.16385, časové razítko: 0x4a5bc86d
Kód výjimky: 0xc0000005
Posun chyby: 0x000026c6
ID chybujícího procesu: 0x670
Čas spuštění chybující aplikace: 0x01d42bab3204dacb
Cesta k chybující aplikaci: D:\Programy\adb\adb.exe
Cesta k chybujícímu modulu: C:\Windows\system32\WINUSB.DLL
ID zprávy: 182a5c48-97a1-11e8-9f83-448a5b9d9e0b

Error: (08/04/2018 06:02:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/03/2018 04:37:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/02/2018 06:46:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/02/2018 06:47:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/01/2018 03:18:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (08/04/2018 01:38:24 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (08/04/2018 01:38:24 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (08/04/2018 01:13:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (08/04/2018 01:13:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (08/04/2018 01:13:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/04/2018 01:13:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/04/2018 01:13:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/04/2018 01:13:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SAMSUNG Mobile Connectivity Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2018-02-26 09:57:19.377
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume15\Windows\System32\WindowsActionDialog.exe because the set of per-page image hashes could not be found on the system.

Date: 2018-02-26 09:57:19.159
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume15\Windows\System32\WindowsActionDialog.exe because the set of per-page image hashes could not be found on the system.

Date: 2018-02-26 09:57:18.940
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume15\Windows\System32\WindowsActionDialog.exe because the set of per-page image hashes could not be found on the system.

Date: 2018-02-26 09:57:18.722
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume15\Windows\System32\WindowsActionDialog.exe because the set of per-page image hashes could not be found on the system.

Date: 2018-02-26 09:57:18.503
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume15\Windows\System32\WindowsActionDialog.exe because the set of per-page image hashes could not be found on the system.

Date: 2018-02-26 09:57:18.269
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume15\Windows\System32\WindowsActionDialog.exe because the set of per-page image hashes could not be found on the system.

Date: 2018-02-26 09:57:18.051
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume15\Windows\System32\WindowsActionDialog.exe because the set of per-page image hashes could not be found on the system.

Date: 2018-02-26 09:57:17.817
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume15\Windows\System32\WindowsActionDialog.exe because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 49%
Total physical RAM: 8138.18 MB
Available physical RAM: 4073.86 MB
Total Virtual: 16274.54 MB
Available Virtual: 11155.57 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:119.02 GB) (Free:18.59 GB) NTFS
Drive d: () (Fixed) (Total:231.44 GB) (Free:46.54 GB) NTFS
Drive e: () (Fixed) (Total:700.07 GB) (Free:36.19 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 3FEC7C18)

Partition: GPT.

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 613D3BFA)

Partition: GPT.

========================================================
Disk: 2 (Size: 119.2 GB) (Disk ID: 9F78F0F1)

Partition: GPT.

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118243
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Firefox opening by itself with ads

#2 Post by Rudy »

Hello!
Is your operating system a legal copy?
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can also damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Gr4s5
Visitor
Posts: 11
Joined: 04 Aug 2018 13:14

Re: Firefox opening on its own with ads

#3 Post by Gr4s5 »

Windows should be legal; I bought the PC from a company liquidation and only added a graphics card.

Rudy
Site Admin
Posts: 118243
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Firefox opening on its own with ads

#4 Post by Rudy »

OK. Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the licence terms (EULA) by clicking I agree (Souhlasim)
right-click the AdwCleaner icon and choose Run as administrator (Spustit jako spravce); on Win XP just start it with a normal double-click
click Scan now (Skenovat nyni), then Clean and Repair (Cisteni a opravy)
after the restart a log will pop up (or you will find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its content into your next reply

Gr4s5
Visitor
Posts: 11
Joined: 04 Aug 2018 13:14

Re: Firefox opening on its own with ads

#5 Post by Gr4s5 »

So I can't visit the pages from the post; Chrome gets closed by itself. The same happens when I try to run AdwCleaner, it gets closed by itself, and the same when I try to go into the adwcleaner folder; when I create an empty folder, rename it to adwcleaner and try to open it, that gets closed too.

I had to put the PC into safe mode, run AdwCleaner that way and copy the log, so it will be something that starts at PC startup.
Here is the log from AdwCleaner:

Code:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build:    07-17-2018
# Database: 2018-07-12.1
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    08-05-2018
# Duration: 00:00:06
# OS:       Windows 7 Ultimate
# Scanned:  41762
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy             paddiapjbnmknhhobfcjnnmhgihnpgne

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1402 octets] - [04/08/2018 12:16:26]
AdwCleaner[C00].txt - [1528 octets] - [04/08/2018 12:35:48]
AdwCleaner[S01].txt - [1395 octets] - [04/08/2018 12:55:28]
AdwCleaner[S02].txt - [1456 octets] - [04/08/2018 13:13:46]
AdwCleaner[C02].txt - [1622 octets] - [04/08/2018 13:13:55]
AdwCleaner[S03].txt - [1578 octets] - [04/08/2018 14:38:32]
AdwCleaner[S04].txt - [1639 octets] - [05/08/2018 05:49:25]
AdwCleaner[C04].txt - [1805 octets] - [05/08/2018 05:49:59]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########

Gr4s5
Visitor
Posts: 11
Joined: 04 Aug 2018 13:14

Re: Firefox opening on its own with ads

#6 Post by Gr4s5 »

So I started the PC in safe mode, downloaded the Malwarebytes Premium 14-day trial and ran a scan; it found some threats (ProduKey, a utility for finding the Windows key, just in case I needed to reinstall Windows). I chose clean and restart, the PC booted normally (not safe mode), and Malwarebytes started right after startup with the results. I ran a scan and it found 24 threats (log attached at the end). I put everything into quarantine and restarted; Malwarebytes started again, but with a message that malware protection was turned off, and it could not be turned back on. I ran the scan again: no threat, malware protection still off, AdwCleaner still getting closed, so something must still have been there somewhere. I restarted into safe mode and scanned; neither Malwarebytes nor AdwCleaner found anything. I deleted all items in quarantine and restarted without safe mode: Malwarebytes has all protection turned on, AdwCleaner can be run and I can visit the links from the previous post, but AdwCleaner still finds the threat from the previous log :(

I am attaching the log from Malwarebytes

Code:

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 05.08.18
Čas skenování: 6:43
Logovací soubor: 0aa23c99-986a-11e8-a833-448a5b9d9e0b.json
Správce: Ano

-Informace o softwaru-
Verze: 3.5.1.2522
Verze komponentů: 1.0.391
Aktualizovat verzi balíku komponent: 1.0.6203
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: xXx-PC\xXx

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 258365
Zjištěné hrozby: 24
Hrozby umístěné do karantény: 24
Uplynulý čas: 1 min, 42 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 12
Trojan.StartPage.BatBitRst, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{11CAC34E-A310-D8D2-ACEC-034BDA57A585}, V karanténě, [14138], [528272],1.0.6203
Trojan.StartPage.BatBitRst, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{BA340DB4-9E63-4C29-A0FF-61B3D6CD9B14}, V karanténě, [14138], [528272],1.0.6203
Trojan.StartPage.BatBitRst, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{BA340DB4-9E63-4C29-A0FF-61B3D6CD9B14}, V karanténě, [14138], [528272],1.0.6203
Trojan.StartPage.BatBitRst, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{11CAC34E-A310-D8D2-ACEC-034BDA57A585}, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA340DB4-9E63-4C29-A0FF-61B3D6CD9B14}, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BA340DB4-9E63-4C29-A0FF-61B3D6CD9B14}, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8A2D841E-80A5-C162-35AC-C9F4840C5848}, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48FE42B9-0E44-4AED-8C1C-07B054472D8C}, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48FE42B9-0E44-4AED-8C1C-07B054472D8C}, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{8A2D841E-80A5-C162-35AC-C9F4840C5848}, V karanténě, [14138], [528272],1.0.6203
Trojan.StartPage.BatBitRst, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{48FE42B9-0E44-4AED-8C1C-07B054472D8C}, V karanténě, [14138], [528272],1.0.6203
Trojan.StartPage.BatBitRst, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{48FE42B9-0E44-4AED-8C1C-07B054472D8C}, V karanténě, [14138], [528272],1.0.6203

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 12
Trojan.StartPage.BatBitRst, C:\WINDOWS\SYSTEM32\TASKS\{11CAC34E-A310-D8D2-ACEC-034BDA57A585}, V karanténě, [14138], [528272],1.0.6203
Trojan.StartPage.BatBitRst, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, C:\PROGRAMDATA\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, C:\PROGRAMDATA\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, C:\DOCUMENTS AND SETTINGS\ALL USERS\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, C:\DOCUMENTS AND SETTINGS\ALL USERS\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, C:\WINDOWS\SYSTEM32\TASKS\{11CAC34E-A310-D8D2-ACEC-034BDA57A585}, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, C:\WINDOWS\SYSTEM32\TASKS\{8A2D841E-80A5-C162-35AC-C9F4840C5848}, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, C:\WINDOWS\SYSTEM32\TASKS\{8A2D841E-80A5-C162-35AC-C9F4840C5848}, V karanténě, [14138], [528272],1.0.6203

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)
07:33 update: I still have something, a Firefox window with an ad just popped up :(
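
Added example, not part of the original post and not Malwarebytes code: the 24 detection lines in the log above fall into Task Scheduler artifacts (the TaskCache registry keys and the files under C:\WINDOWS\SYSTEM32\TASKS) and the BITS queue files QMGR0.DAT/QMGR1.DAT. The Python below groups such lines by mechanism and collapses the HKLM/HKEY_LOCAL_MACHINE and directory-alias repeats; the function names are hypothetical and the sample lines are a subset copied from that log.

```python
import re
from collections import defaultdict

# Subset of detection lines copied from the Malwarebytes log in the post above,
# plus two of its non-detection lines to show they are skipped.
SAMPLE_LOG = r"""
Klíč registru: 12
Trojan.StartPage.BatBitRst, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{11CAC34E-A310-D8D2-ACEC-034BDA57A585}, V karanténě, [14138], [528272],1.0.6203
Trojan.StartPage.BatBitRst, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{11CAC34E-A310-D8D2-ACEC-034BDA57A585}, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{BA340DB4-9E63-4C29-A0FF-61B3D6CD9B14}, V karanténě, [14138], [528272],1.0.6203
Trojan.StartPage.BatBitRst, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{BA340DB4-9E63-4C29-A0FF-61B3D6CD9B14}, V karanténě, [14138], [528272],1.0.6203
Trojan.StartPage.BatBitRst, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8A2D841E-80A5-C162-35AC-C9F4840C5848}, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48FE42B9-0E44-4AED-8C1C-07B054472D8C}, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48FE42B9-0E44-4AED-8C1C-07B054472D8C}, V karanténě, [14138], [-1],0.0.0
Soubor: 12
Trojan.StartPage.BatBitRst, C:\WINDOWS\SYSTEM32\TASKS\{11CAC34E-A310-D8D2-ACEC-034BDA57A585}, V karanténě, [14138], [528272],1.0.6203
Trojan.StartPage.BatBitRst, C:\WINDOWS\SYSTEM32\TASKS\{8A2D841E-80A5-C162-35AC-C9F4840C5848}, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, V karanténě, [14138], [-1],0.0.0
Trojan.StartPage.BatBitRst, C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, V karanténě, [14138], [-1],0.0.0
"""

GUID = r"\{[0-9A-F]{8}(?:-[0-9A-F]{4}){3}-[0-9A-F]{12}\}"

# Each rule: mechanism name and a pattern with named groups
# 'loc' (where the artifact was seen) and 'art' (the artifact itself).
# Paths are upper-cased before matching, so the patterns are upper-case.
RULES = [
    ("task-registry", re.compile(
        r"\\SCHEDULE\\TASKCACHE\\(?P<loc>TREE|TASKS|LOGON|PLAIN|BOOT)\\(?P<art>" + GUID + r")$")),
    ("task-file", re.compile(
        r"^(?P<loc>.*\\SYSTEM32\\TASKS)\\(?P<art>" + GUID + r")$")),
    ("bits-queue", re.compile(
        r"^(?P<loc>.*\\NETWORK\\DOWNLOADER)\\(?P<art>QMGR[01]\.DAT)$")),
]


def parse_detections(text):
    """Yield (threat_name, path) for every 'Name, Path, Status, ...' line."""
    for line in text.splitlines():
        parts = line.split(", ")
        # Section counters ("Soubor: 12") and blank lines have no path field.
        if len(parts) < 3 or "\\" not in parts[1]:
            continue
        yield parts[0].strip(), parts[1].strip()


def classify(path):
    """Return (mechanism, artifact, location) for one detected path."""
    upper = path.upper()  # the log lists the same key in two spellings
    for mechanism, pattern in RULES:
        match = pattern.search(upper)
        if match:
            return mechanism, match.group("art"), match.group("loc")
    return "other", upper, ""


def group_persistence(text):
    """Map mechanism -> artifact -> sorted list of locations it was seen in."""
    groups = defaultdict(lambda: defaultdict(set))
    for _threat, path in parse_detections(text):
        mechanism, artifact, location = classify(path)
        groups[mechanism][artifact].add(location)
    return {m: {a: sorted(locs) for a, locs in arts.items()}
            for m, arts in groups.items()}


def task_names_with_file(groups):
    """Names present both under TaskCache\\Tree and as a file in System32\\Tasks."""
    tree_names = {name for name, locs in groups.get("task-registry", {}).items()
                  if "TREE" in locs}
    return sorted(tree_names & set(groups.get("task-file", {})))


if __name__ == "__main__":
    result = group_persistence(SAMPLE_LOG)
    for mechanism, artifacts in result.items():
        print(mechanism)
        for artifact, locations in artifacts.items():
            print("   ", artifact, "<-", locations)
    print("tasks with registry entry and file:", task_names_with_file(result))
```

The QMGR files show up under several directory prefixes because Windows 7 exposes C:\ProgramData through compatibility junctions, so the number of distinct artifacts is smaller than the 24 lines suggest.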

Rudy
Site Admin
Posts: 118243
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Firefox opening on its own with ads

#7 Post by Rudy »

Delete the MBAM findings completely and then run these utilities one after another:

1. Download Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe and save it to your desktop

If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (Spustit jako spravce)
Paste the script below into the window



autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Then click Run Script
The PC will perform the repair, restart and give you a log; paste its content here.

and

2. Junkware removal tool: http://www.stahuj.cz/utility_a_ostatni/ ... al-tool/?g
•Save it, preferably to your desktop
•After launch the licence terms are displayed; press any key
•A backup is created and then the search begins
•The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.

Gr4s5
Visitor
Posts: 11
Joined: 04 Aug 2018 13:14

Re: Firefox opening on its own with ads

#8 Post by Gr4s5 »

So it looks like it worked, here are the logs

update 19:33 - it didn't help, the window popped up again :(

Code:

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by xXx on ne 05. 08. 2018 at 18:25:42,10.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\xXx\Desktop\zoek.exe    [Scan all users] [Script inserted] 

==== System Restore Info ======================

5. 8. 2018 18:26:35 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp. 
# 
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 
# 
# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 
# 
# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 
# 
# For example: 
# 
#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 
 
# localhost name resolution is handled within DNS itself. 
127.0.0.1       localhost 
::1             localhost 

==== Empty Folders Check ======================

C:\PROGRA~2\Boxoft free Flac to MP3 Converter deleted successfully
C:\PROGRA~2\Kodi deleted successfully
C:\PROGRA~2\OpenVPN Technologies deleted successfully
C:\Program Files\Rockstar Games deleted successfully
C:\Program Files\Common Files\AV deleted successfully
C:\PROGRA~3\BOINC deleted successfully
C:\PROGRA~3\Freemake deleted successfully
C:\Users\xXx\AppData\Local\Adobe deleted successfully
C:\Users\xXx\AppData\Local\CrashDumps deleted successfully
C:\Users\xXx\AppData\Local\Notepad++ deleted successfully
C:\Users\xXx\AppData\Local\Samsung deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\fr9bnwey.default\prefs.js:
user_pref("browser.startup.homepage", "google.sk");

Added to C:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\fr9bnwey.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\fr9bnwey.default

user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"sendToDevice
---- FireFox user.js and prefs.js backups ---- 

prefs_201805.08._1838_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Boxoft free Flac to MP3 Converter not found
C:\PROGRA~2\Kodi not found
C:\PROGRA~2\OpenVPN Technologies not found
C:\Users\xXx\AppData\Roaming\necrobotvisualizer deleted
C:\Users\xXx\.android deleted
C:\PROGRA~2\E.M. PowerPoint Video Converter deleted
C:\Users\xXx\AppData\Roaming\Wondershare deleted
C:\Users\xXx\AppData\Roaming\cdr.ini deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\xXx\AppData\Local\AVAST Software deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\xXx\AppData\Roaming\qIIHUkE.exe deleted
C:\Users\xXx\IIle.exe deleted
"C:\ProgramData\mntemp" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\fr9bnwey.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\fr9bnwey.default
- short_ uBlock\u2080 - %ProfilePath%\extensions\uBlock0@raymondhill.net.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\xXx\AppData\Roaming\Mozilla\Firefox\Profiles\fr9bnwey.default
- C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll - [?]
0548F2C71D0AB4ADE08554ECD0CB653C	- C:\Program Files\VideoLAN\VLC\npvlc.dll -	VLC Web Plugin
449AFECEC9E025D61CD2D9D45AD859A4	- C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll -	Silverlight Plug-In
CAB03A6BBFDB1D245A8CAF07E654AD83	- C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrlui.dll -	Microsoft® Silverlight
19C6FF90D40C1C647B41AAEDE24E9957	- C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll -	Java(TM) Platform SE 8 U171
F3D74EAD674CAD808DC2C3326F970403	- C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npdeployJava1.dll -	Java Deployment Toolkit 8.0.1710.11


==== Chromium Look ======================

Google Chrome Version: 67.0.3396.99

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
daanglpcpkjjlkhcbladppjphglbigam - No path found[]
gomekmidlodglbbmalcneegieacbdmki - No path found[]

Forecastfox (fix version) - xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\boljdehmejbffnfiiicckjhafabdepnd
uBlockâ‚€ - xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm
Flag for Chrome - xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn
Tampermonkey - xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
FoxyProxy Standard - xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp
Nano Defender - xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggolfgbegefeeoocgjbmkembbncoadlb
MagicScroll eBook Reader - xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble
IE Tab - xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd
ScriptMonkey - xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lblbnlfhhblmfconjalikamamlgoobbe
Torrentz2 Magnet Links + - xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldknhpjddofdohocbhakahagoepainmo
Clickable Links - xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblbciejcodpealifnhfjbdlkedplodp
F.B. Purity - xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep
Chrome Media Router - xXx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Avast Online Security - xXx\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki
Chrome Media Router - xXx\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Avast Online Security - xXx\AppData\Local\Google12315\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Chrome Media Router - xXx\AppData\Local\Google12315\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\xXx\AppData\Local\Google12315\Chrome\User Data\Default\Local Storage\http_search.tvplusnewtabsearch.com_0.localstorage deleted successfully
C:\Users\xXx\AppData\Local\Google12315\Chrome\User Data\Default\Local Storage\http_search.tvplusnewtabsearch.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Guest Profile\Preferences was reset successfully
C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Guest Profile\Secure Preferences was reset successfully
C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Profile 3\Preferences was reset successfully
C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Profile 3\Secure Preferences was reset successfully
C:\Users\xXx\AppData\Local\Google\Chrome\User Data\System Profile\Preferences was reset successfully
C:\Users\xXx\AppData\Local\Google\Chrome\User Data\System Profile\Secure Preferences was reset successfully
C:\Users\xXx\AppData\Local\Google12315\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\xXx\AppData\Local\Google12315\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Guest Profile\Web Data was reset successfully
C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Profile 3\Web Data was reset successfully
C:\Users\xXx\AppData\Local\Google\Chrome\User Data\System Profile\Web Data was reset successfully
C:\Users\xXx\AppData\Local\Google12315\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\xXx\AppData\Local\Google12315\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Kodi deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\xXx\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\xXx\AppData\Local\Mozilla\Firefox\Profiles\fr9bnwey.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Guest Profile\Cache emptied successfully
C:\Users\xXx\AppData\Local\Google\Chrome\User Data\Profile 3\Cache emptied successfully
C:\Users\xXx\AppData\Local\Google\Chrome\User Data\System Profile\Cache emptied successfully
C:\Users\xXx\AppData\Local\Google12315\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=787 folders=73 179239744 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\xXx\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\xXx\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 05. 08. 2018 at 18:48:42,26 ======================

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Ultimate x64 
Ran by xXx (Administrator) on ne 05. 08. 2018 at 18:51:31,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 9 

Successfully deleted: C:\xiaomi (Folder) 
Successfully deleted: C:\Users\xXx\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CK5BP4H (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\xXx\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BD0UCAIM (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\xXx\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D03K9WHV (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\xXx\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D5T2I7YM (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3CK5BP4H (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BD0UCAIM (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D03K9WHV (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D5T2I7YM (Temporary Internet Files Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 05. 08. 2018 at 18:53:11,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I'll let you know over the next few days, thanks for now

Rudy
Site Admin
Posts: 118243
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Firefox opening on its own with ads

#9 Post by Rudy »

OK. How does it look now?

Gr4s5
Visitor
Posts: 11
Joined: 04 Aug 2018 13:14

Re: Firefox opening on its own with ads

#10 Post by Gr4s5 »

About half an hour ago an ad window popped up again :(

AdwCleaner still reports a problem with the extension in Chrome

Rudy
Site Admin
Posts: 118243
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Firefox opening on its own with ads

#11 Post by Rudy »

Try disabling or uninstalling that extension.

Gr4s5
Visitor
Posts: 11
Joined: 04 Aug 2018 13:14

Re: Firefox opening on its own with ads

#12 Post by Gr4s5 »

Well, that's the problem, because I don't see any such extension in Chrome :(

Rudy
Site Admin
Posts: 118243
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Firefox opening on its own with ads

#13 Post by Rudy »

In that case we will reinstall it. Back up Chrome using ChromeBackup: http://www.stahuj.cz/internet_a_site/pr ... me-backup/ . Then uninstall Chrome completely, including its profile (the Chrome subdirectories in c:\users\xXx\appdata\local, c:\users\xXx\appdata\roaming, c:\users\xXx\data aplikací, c:\users\xXx\local settings and in c:\program data must be deleted). Then do a new, clean installation of Chrome and copy back from the backup only the bookmarks and passwords.

Gr4s5
Visitor
Posts: 11
Joined: 04 Aug 2018 13:14

Re: Firefox opening on its own with ads

#14 Post by Gr4s5 »

So this morning I uninstalled Chrome using Revo Uninstaller; when I get home from work I'll check whether it also cleaned out those folders.

One more thing occurs to me: couldn't there be some process/task that starts a few seconds/minutes after Windows starts and installs that extension? Since it didn't do this in safe mode.

Rudy
Site Admin
Posts: 118243
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Firefox opening on its own with ads

#15 Post by Rudy »

I didn't see anything there. I don't know how it is with Chrome (I don't use it), but installing add-ons is usually handled by the browser itself.

Locked