Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.07.2018
Ran by milda (administrator) on DESKTOP-7HILCAL (24-11-2018 21:55:46)
Running from C:\Users\milda\Desktop
Loaded Profiles: milda (Available Profiles: milda)
Platform: Windows 10 Home Version 1803 17134.407 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0329759.inf_amd64_379f06e83dab0e48\B329716\atiesrxx.exe
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0329759.inf_amd64_379f06e83dab0e48\B329716\atieclxx.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(BitTorrent Inc.) C:\Users\milda\AppData\Roaming\uTorrent\uTorrent.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(BitTorrent Inc.) C:\Users\milda\AppData\Roaming\uTorrent\updates\3.5.4_44846\utorrentie.exe
(BitTorrent Inc.) C:\Users\milda\AppData\Roaming\uTorrent\updates\3.5.4_44846\utorrentie.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Free Time Co., Ltd.) D:\PicosmosTools\PicosmosToolsX64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ESET spol. s r.o.) E:\STAŽENÉ SOUBORY-D\esetonlinescanner_csynew.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.400_none_eb2ff40c1d41442d\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\milda\Desktop\FRST64 new.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [50416 2015-06-30] (Hewlett-Packard )
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [615144 2016-03-09] (Samsung Electronics Co.,Ltd)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-11-09] (ESET)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1712656 2015-06-30] (Tempo Semiconductor Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2018-09-20] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2537763425-3246276975-3855636770-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3113256 2018-10-01] (Electronic Arts)
HKU\S-1-5-21-2537763425-3246276975-3855636770-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-2537763425-3246276975-3855636770-1001\...\Run: [uTorrent] => C:\Users\milda\AppData\Roaming\uTorrent\uTorrent.exe [1738936 2018-11-13] (BitTorrent Inc.)
HKU\S-1-5-21-2537763425-3246276975-3855636770-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5878256 2018-10-19] (Adobe Systems Incorporated)
BootExecute: autocheck autochk * Partizan
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 84.16.96.2 84.16.113.2
Tcpip\..\Interfaces\{40376a30-b0e7-4d7b-9917-9c9da74a954d}: [DhcpNameServer] 84.16.96.2 84.16.113.2
Internet Explorer:
==================
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-09-06] (Internet Download Manager, Tonec Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2018-05-04] (HP Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-09-06] (Internet Download Manager, Tonec Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2018-05-04] (HP Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-09-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKU\S-1-5-21-2537763425-3246276975-3855636770-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\milda\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\milda\AppData\Roaming\IDM\idmmzcc5 [2018-11-24] [Legacy] [not signed]
FF HKU\S-1-5-21-2537763425-3246276975-3855636770-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-08-03] [Legacy]
FF Plugin: @videolan.org/vlc,version=3.0.3 -> D:\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> D:\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-15] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default -> Not-active:"chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/newTab.html"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default [2018-11-24]
CHR Extension: (Překladač Google) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-06-15]
CHR Extension: (Prezentace) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-15]
CHR Extension: (Safe Torrent Scanner) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2018-10-19]
CHR Extension: (Dokumenty) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-15]
CHR Extension: (Disk Google) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-15]
CHR Extension: (IBM Security Rapport) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2018-10-15]
CHR Extension: (Seznam doplněk - Email) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-11-22]
CHR Extension: (AdGuard AdBlocker) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2018-11-22]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-11-22]
CHR Extension: (YouTube) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-15]
CHR Extension: (Adobe Acrobat) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-09-15]
CHR Extension: (Tabulky) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-15]
CHR Extension: (Úpravy souborů Office) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2018-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23]
CHR Extension: (Earth) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\jieopfhnlbjmbpckpdhfdedccdmngdac [2018-06-15]
CHR Extension: (Přeložit pomocí slovnik.cz) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhibffeamhlmgdhohnjcnlckebkkdjim [2018-09-29]
CHR Extension: (Mapy Google) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-06-15]
CHR Extension: (IDM Integration Module) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-10-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-15]
CHR Extension: (Gmail) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-15]
CHR Extension: (Chrome Media Router) - C:\Users\milda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-19]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-09-09]
CHR HKU\S-1-5-21-2537763425-3246276975-3855636770-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-09-09]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed]
R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0329759.inf_amd64_379f06e83dab0e48\B329716\atiesrxx.exe [482280 2018-06-13] (AMD)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2302152 2018-11-09] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2302152 2018-11-09] (ESET)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [250672 2018-11-24] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-07-09] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2216256 2018-10-01] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3087176 2018-10-01] (Electronic Arts)
S2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5256184 2018-09-06] (IBM Corp.)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [623848 2016-03-09] (Samsung Electronics Co.,Ltd)
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [322712 2018-11-08] (Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [350216 2015-06-30] (Tempo Semiconductor Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-07-31] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-07-31] (Microsoft Corporation)
R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-07-09] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0329759.inf_amd64_379f06e83dab0e48\B329716\atikmdag.sys [44683240 2018-06-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0329759.inf_amd64_379f06e83dab0e48\B329716\atikmpag.sys [553448 2018-06-13] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [111080 2018-05-24] (Advanced Micro Devices)
S3 dtproscsibus; C:\Windows\System32\drivers\dtproscsibus.sys [30352 2018-06-16] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143448 2018-11-09] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107896 2018-11-09] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15872 2018-04-12] (ESET)
S3 efavdrv; C:\Windows\system32\drivers\efavdrv.sys [139704 2018-07-12] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [188832 2018-11-09] (ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50144 2018-11-09] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [82304 2018-11-09] (ESET)
S1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44632 2014-08-20] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [109864 2018-11-09] (ESET)
S3 ESETCleanersDriver; C:\Windows\system32\Drivers\ESETCleanersDriver.sys [181160 2018-11-24] (ESET)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864072 2018-11-24] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106120 2018-11-24] (McAfee, Inc.)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2018-11-24] (Greatis Software)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [498064 2018-09-06] (IBM Corp.)
R1 RapportCerberus_1930074; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1930074.sys [1651176 2018-10-15] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [719440 2018-09-06] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [339920 2018-09-06] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [604752 2018-09-06] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [752000 2018-09-06] (IBM Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896768 2016-02-17] (Realtek )
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
S3 STHDA; C:\Windows\system32\DRIVERS\stwrt64.sys [561672 2015-06-30] (Tempo Semiconductor Inc.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46584 2018-07-31] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [340008 2018-07-31] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-07-31] (Microsoft Corporation)
S3 Denuvo Kuser Data Driver; \??\E:\HRY-D\Football Manager 2018\Football Manager 2018\Denuvo64.sys [X]
S4 sptd2; System32\Drivers\sptd2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-24 21:55 - 2018-11-24 21:56 - 000022678 _____ C:\Users\milda\Desktop\FRST.txt
2018-11-24 21:25 - 2018-11-24 21:25 - 000478392 ____N (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\EBF208E2.sys
2018-11-24 21:25 - 2018-11-24 21:25 - 000085600 ____N (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\43488311.sys
2018-11-24 21:22 - 2013-04-26 02:20 - 000000076 _____ C:\Users\milda\Desktop\JRT_NEW.exe
2018-11-24 19:27 - 2018-11-24 19:27 - 000000642 _____ C:\Users\milda\Desktop\Picosmos Tools.lnk
2018-11-24 19:27 - 2018-11-24 19:27 - 000000642 _____ C:\Users\milda\Desktop\Picosmos Shows.lnk
2018-11-24 19:27 - 2018-11-24 19:27 - 000000000 ____D C:\Users\milda\AppData\Roaming\Picosmos
2018-11-24 19:27 - 2018-11-24 19:27 - 000000000 ____D C:\Users\milda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PicosmosTools
2018-11-24 14:07 - 2018-11-24 14:07 - 000004436 _____ C:\Windows\SysWOW64\PARTIZAN.TXT
2018-11-24 06:01 - 2018-11-24 06:01 - 000000000 ____D C:\Quarantine
2018-11-24 05:39 - 2018-11-24 05:39 - 000864072 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfehidk.sys
2018-11-24 05:39 - 2018-11-24 05:39 - 000250672 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe
2018-11-24 05:39 - 2018-11-24 05:39 - 000106120 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mferkdet.sys
2018-11-24 05:20 - 2018-11-24 05:34 - 000003390 _____ C:\Users\milda\Desktop\Rkill.txt
2018-11-24 05:18 - 2018-11-24 05:18 - 000085600 ____N (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\45315780.sys
2018-11-24 05:14 - 2018-11-24 05:14 - 000000000 _____ C:\Windows\system32\Drivers\00858320.sys
2018-11-24 05:03 - 2018-11-24 05:03 - 000260480 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-11-24 05:01 - 2018-11-24 05:01 - 000198000 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-11-24 03:32 - 2018-11-24 03:32 - 000000000 ____D C:\Users\milda\AppData\Local\mbamtray
2018-11-24 03:32 - 2018-11-24 03:32 - 000000000 ____D C:\Users\milda\AppData\Local\mbam
2018-11-24 03:31 - 2018-11-24 03:31 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-11-24 03:31 - 2018-11-24 03:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-11-24 03:26 - 2018-11-24 05:01 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-11-24 03:26 - 2018-11-24 03:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-11-24 03:26 - 2018-11-24 03:26 - 000000000 ____D C:\Program Files\Malwarebytes
2018-11-24 03:25 - 2018-11-24 03:25 - 000864324 _____ C:\Users\milda\Downloads\6f1d6228-5769-4d5e-9e68-c880083ee423.tmp
2018-11-24 02:50 - 2018-11-24 02:50 - 000040304 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
2018-11-24 02:23 - 2018-11-24 02:23 - 000000000 ____D C:\Users\milda\AppData\Local\GHISLER
2018-11-24 01:23 - 2018-11-24 01:23 - 000000000 ____D C:\ProgramData\RegRun
2018-11-24 01:22 - 2018-11-24 14:17 - 000000000 ____D C:\Users\Public\Documents\RegRunInfo
2018-11-24 01:22 - 2018-11-24 14:16 - 000000000 ____D C:\Users\milda\Documents\RegRun2
2018-11-24 01:22 - 2018-11-24 01:25 - 000000000 ____D C:\Program Files (x86)\UnHackMe
2018-11-24 01:22 - 2018-11-24 01:22 - 000003420 _____ C:\Windows\System32\Tasks\UnHackMe Task Scheduler
2018-11-24 01:22 - 2018-11-24 01:22 - 000001080 _____ C:\Users\milda\Desktop\UnHackMe.lnk
2018-11-24 01:22 - 2018-11-24 01:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2018-11-24 01:22 - 2018-11-15 11:38 - 000014984 _____ (Greatis Software, LLC.) C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys
2018-11-24 01:22 - 2018-09-15 17:49 - 000000203 _____ C:\Windows\system32\Drivers\etc\hosts.old
2018-11-24 01:22 - 2015-12-28 11:32 - 000049968 _____ (Greatis Software) C:\Windows\system32\partizan.exe
2018-11-21 10:16 - 2018-11-24 14:09 - 000000000 ____D C:\Users\milda\AppData\LocalLow\uTorrent
2018-11-21 10:12 - 2018-11-17 00:00 - 000834960 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-11-21 10:12 - 2018-11-17 00:00 - 000179600 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-16 00:45 - 2018-11-16 00:45 - 000000000 ____D C:\Program Files\rempl
2018-11-15 11:46 - 2018-11-01 12:49 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2018-11-15 11:46 - 2018-11-01 12:46 - 002394960 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2018-11-15 11:46 - 2018-11-01 12:45 - 004527776 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2018-11-15 11:46 - 2018-11-01 12:45 - 001617320 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2018-11-15 11:46 - 2018-11-01 12:45 - 001376672 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-11-15 11:46 - 2018-11-01 12:32 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2018-11-15 11:46 - 2018-11-01 12:31 - 006602240 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2018-11-15 11:46 - 2018-11-01 12:30 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2018-11-15 11:46 - 2018-11-01 12:30 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2018-11-15 11:46 - 2018-11-01 12:29 - 012710400 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-11-15 11:46 - 2018-11-01 12:29 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\SMSRouter.dll
2018-11-15 11:46 - 2018-11-01 12:28 - 003649024 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2018-11-15 11:46 - 2018-11-01 12:28 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2018-11-15 11:46 - 2018-11-01 12:27 - 001121792 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2018-11-15 11:46 - 2018-11-01 12:27 - 000878592 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2018-11-15 11:46 - 2018-11-01 12:26 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2018-11-15 11:46 - 2018-11-01 12:26 - 000503296 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2018-11-15 11:46 - 2018-11-01 12:26 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-11-15 11:46 - 2018-11-01 12:25 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2018-11-15 11:46 - 2018-11-01 11:09 - 001027000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-11-15 11:46 - 2018-11-01 10:59 - 005669888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2018-11-15 11:46 - 2018-11-01 10:56 - 011902464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-11-15 11:46 - 2018-11-01 10:56 - 000226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2018-11-15 11:46 - 2018-11-01 10:56 - 000024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll
2018-11-15 11:46 - 2018-11-01 10:54 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-11-15 11:46 - 2018-11-01 10:53 - 000908288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2018-11-15 11:46 - 2018-11-01 10:52 - 002892800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2018-11-15 11:46 - 2018-11-01 10:15 - 023861760 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2018-11-15 11:46 - 2018-11-01 10:13 - 019525120 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2018-11-15 11:46 - 2018-11-01 08:39 - 001035256 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2018-11-15 11:46 - 2018-11-01 08:38 - 000269336 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave_secure.dll
2018-11-15 11:46 - 2018-11-01 08:37 - 000272408 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave.dll
2018-11-15 11:46 - 2018-11-01 08:28 - 001221432 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2018-11-15 11:46 - 2018-11-01 08:28 - 001062712 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2018-11-15 11:46 - 2018-11-01 08:28 - 001029944 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2018-11-15 11:46 - 2018-11-01 08:28 - 000566568 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2018-11-15 11:46 - 2018-11-01 08:28 - 000134968 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2018-11-15 11:46 - 2018-11-01 08:28 - 000076088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2018-11-15 11:46 - 2018-11-01 08:27 - 001017152 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2018-11-15 11:46 - 2018-11-01 08:27 - 000491200 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-11-15 11:46 - 2018-11-01 08:26 - 007432120 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2018-11-15 11:46 - 2018-11-01 08:26 - 003291640 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2018-11-15 11:46 - 2018-11-01 08:26 - 003180080 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2018-11-15 11:46 - 2018-11-01 08:26 - 001363536 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2018-11-15 11:46 - 2018-11-01 08:25 - 009089848 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-11-15 11:46 - 2018-11-01 08:25 - 007520088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2018-11-15 11:46 - 2018-11-01 08:25 - 004404912 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2018-11-15 11:46 - 2018-11-01 08:25 - 002822456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-11-15 11:46 - 2018-11-01 08:25 - 002571320 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-11-15 11:46 - 2018-11-01 08:25 - 002371296 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2018-11-15 11:46 - 2018-11-01 08:25 - 001934808 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2018-11-15 11:46 - 2018-11-01 08:25 - 001784680 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2018-11-15 11:46 - 2018-11-01 08:25 - 001456728 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-11-15 11:46 - 2018-11-01 08:25 - 001288920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2018-11-15 11:46 - 2018-11-01 08:25 - 001257880 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-11-15 11:46 - 2018-11-01 08:25 - 001209888 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2018-11-15 11:46 - 2018-11-01 08:25 - 001190248 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-11-15 11:46 - 2018-11-01 08:25 - 001140672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-11-15 11:46 - 2018-11-01 08:25 - 000982592 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-11-15 11:46 - 2018-11-01 08:25 - 000885968 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2018-11-15 11:46 - 2018-11-01 08:25 - 000793080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2018-11-15 11:46 - 2018-11-01 08:25 - 000713472 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2018-11-15 11:46 - 2018-11-01 08:25 - 000594224 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2018-11-15 11:46 - 2018-11-01 08:25 - 000463672 _____ (Microsoft Corporation) C:\Windows\system32\coml2.dll
2018-11-15 11:46 - 2018-11-01 08:25 - 000413720 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2018-11-15 11:46 - 2018-11-01 08:25 - 000412984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-11-15 11:46 - 2018-11-01 08:25 - 000375824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-11-15 11:46 - 2018-11-01 08:25 - 000268088 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2018-11-15 11:46 - 2018-11-01 08:25 - 000261000 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-11-15 11:46 - 2018-11-01 08:09 - 025855488 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2018-11-15 11:46 - 2018-11-01 08:03 - 003397120 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2018-11-15 11:46 - 2018-11-01 08:03 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\dusmtask.exe
2018-11-15 11:46 - 2018-11-01 08:02 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\dusmapi.dll
2018-11-15 11:46 - 2018-11-01 08:02 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\CSystemEventsBrokerClient.dll
2018-11-15 11:46 - 2018-11-01 08:01 - 022716416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-11-15 11:46 - 2018-11-01 08:01 - 009084928 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2018-11-15 11:46 - 2018-11-01 08:01 - 007057408 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2018-11-15 11:46 - 2018-11-01 08:00 - 008189440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2018-11-15 11:46 - 2018-11-01 08:00 - 006031360 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2018-11-15 11:46 - 2018-11-01 08:00 - 003392000 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-11-15 11:46 - 2018-11-01 08:00 - 000433664 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2018-11-15 11:46 - 2018-11-01 08:00 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2018-11-15 11:46 - 2018-11-01 07:59 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2018-11-15 11:46 - 2018-11-01 07:59 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2018-11-15 11:46 - 2018-11-01 07:59 - 000192000 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2018-11-15 11:46 - 2018-11-01 07:59 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\WPTaskScheduler.dll
2018-11-15 11:46 - 2018-11-01 07:59 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2018-11-15 11:46 - 2018-11-01 07:58 - 007573504 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2018-11-15 11:46 - 2018-11-01 07:58 - 004867072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-11-15 11:46 - 2018-11-01 07:58 - 004383744 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2018-11-15 11:46 - 2018-11-01 07:58 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2018-11-15 11:46 - 2018-11-01 07:58 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2018-11-15 11:46 - 2018-11-01 07:58 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2018-11-15 11:46 - 2018-11-01 07:58 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2018-11-15 11:46 - 2018-11-01 07:57 - 003381248 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2018-11-15 11:46 - 2018-11-01 07:57 - 002825728 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2018-11-15 11:46 - 2018-11-01 07:57 - 002364928 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2018-11-15 11:46 - 2018-11-01 07:57 - 001804288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-11-15 11:46 - 2018-11-01 07:57 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2018-11-15 11:46 - 2018-11-01 07:57 - 000898560 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2018-11-15 11:46 - 2018-11-01 07:57 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2018-11-15 11:46 - 2018-11-01 07:57 - 000835584 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll
2018-11-15 11:46 - 2018-11-01 07:57 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2018-11-15 11:46 - 2018-11-01 07:57 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-11-15 11:46 - 2018-11-01 07:57 - 000356352 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2018-11-15 11:46 - 2018-11-01 07:57 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2018-11-15 11:46 - 2018-11-01 07:57 - 000265728 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2018-11-15 11:46 - 2018-11-01 07:56 - 002929664 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2018-11-15 11:46 - 2018-11-01 07:56 - 002172928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2018-11-15 11:46 - 2018-11-01 07:56 - 001768448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2018-11-15 11:46 - 2018-11-01 07:56 - 001395200 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2018-11-15 11:46 - 2018-11-01 07:56 - 000506880 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2018-11-15 11:46 - 2018-11-01 07:55 - 002738688 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-11-15 11:46 - 2018-11-01 07:55 - 001058304 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-11-15 11:46 - 2018-11-01 07:55 - 000684544 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2018-11-15 11:46 - 2018-11-01 07:54 - 001679360 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2018-11-15 11:46 - 2018-11-01 07:54 - 001551360 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2018-11-15 11:46 - 2018-11-01 07:54 - 001264640 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2018-11-15 11:46 - 2018-11-01 07:54 - 001225216 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2018-11-15 11:46 - 2018-11-01 07:54 - 001023488 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2018-11-15 11:46 - 2018-11-01 07:54 - 000943616 _____ (Microsoft Corporation) C:\Windows\system32\BingOnlineServices.dll
2018-11-15 11:46 - 2018-11-01 07:54 - 000916480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-15 11:46 - 2018-11-01 07:54 - 000895488 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2018-11-15 11:46 - 2018-11-01 07:54 - 000884736 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2018-11-15 11:46 - 2018-11-01 07:54 - 000796672 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-11-15 11:46 - 2018-11-01 07:54 - 000606208 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2018-11-15 11:46 - 2018-11-01 07:53 - 002248192 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2018-11-15 11:46 - 2018-11-01 07:53 - 001373696 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2018-11-15 11:46 - 2018-11-01 07:53 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-11-15 11:46 - 2018-11-01 07:53 - 000889344 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-11-15 11:46 - 2018-11-01 07:53 - 000542208 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-11-15 11:46 - 2018-11-01 07:53 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-11-15 11:46 - 2018-11-01 06:39 - 000001310 _____ C:\Windows\system32\tcbres.wim
2018-11-15 11:46 - 2018-11-01 06:08 - 002417952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2018-11-15 11:46 - 2018-11-01 05:50 - 000861712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2018-11-15 11:46 - 2018-11-01 05:50 - 000786288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-11-15 11:46 - 2018-11-01 05:48 - 006039064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2018-11-15 11:46 - 2018-11-01 05:48 - 004790184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2018-11-15 11:46 - 2018-11-01 05:48 - 002478872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2018-11-15 11:46 - 2018-11-01 05:48 - 002331480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2018-11-15 11:46 - 2018-11-01 05:48 - 001805656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2018-11-15 11:46 - 2018-11-01 05:48 - 001011872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2018-11-15 11:46 - 2018-11-01 05:48 - 000880248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2018-11-15 11:46 - 2018-11-01 05:48 - 000384520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\coml2.dll
2018-11-15 11:46 - 2018-11-01 05:47 - 006570368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-15 11:46 - 2018-11-01 05:47 - 001980776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-11-15 11:46 - 2018-11-01 05:47 - 001379792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2018-11-15 11:46 - 2018-11-01 05:47 - 001020064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2018-11-15 11:46 - 2018-11-01 05:47 - 000581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2018-11-15 11:46 - 2018-11-01 05:47 - 000567256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2018-11-15 11:46 - 2018-11-01 05:47 - 000129304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-11-15 11:46 - 2018-11-01 05:40 - 022015488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2018-11-15 11:46 - 2018-11-01 05:35 - 019403776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-11-15 11:46 - 2018-11-01 05:34 - 002700288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-11-15 11:46 - 2018-11-01 05:33 - 006661632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2018-11-15 11:46 - 2018-11-01 05:33 - 003711488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-11-15 11:46 - 2018-11-01 05:32 - 006647296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2018-11-15 11:46 - 2018-11-01 05:31 - 005307904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2018-11-15 11:46 - 2018-11-01 05:31 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-11-15 11:46 - 2018-11-01 05:30 - 005883904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2018-11-15 11:46 - 2018-11-01 05:30 - 005775872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2018-11-15 11:46 - 2018-11-01 05:30 - 002449408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2018-11-15 11:46 - 2018-11-01 05:30 - 001361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2018-11-15 11:46 - 2018-11-01 05:30 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-11-15 11:46 - 2018-11-01 05:30 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2018-11-15 11:46 - 2018-11-01 05:30 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2018-11-15 11:46 - 2018-11-01 05:29 - 002258944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-11-15 11:46 - 2018-11-01 05:29 - 001986560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2018-11-15 11:46 - 2018-11-01 05:29 - 001862656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2018-11-15 11:46 - 2018-11-01 05:29 - 000848384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2018-11-15 11:46 - 2018-11-01 05:29 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2018-11-15 11:46 - 2018-11-01 05:29 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2018-11-15 11:46 - 2018-11-01 05:29 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2018-11-15 11:46 - 2018-11-01 05:28 - 001348096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2018-11-15 11:46 - 2018-11-01 05:28 - 001000448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2018-11-15 11:46 - 2018-11-01 05:28 - 000978944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2018-11-15 11:46 - 2018-11-01 05:27 - 001627648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-11-15 11:46 - 2018-11-01 05:27 - 000856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-11-15 11:46 - 2018-11-01 05:27 - 000713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll
2018-11-15 11:46 - 2018-11-01 05:27 - 000678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-15 11:46 - 2018-11-01 05:27 - 000534016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-11-15 11:46 - 2018-11-01 05:26 - 000795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-11-15 11:46 - 2018-11-01 05:26 - 000735744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-11-15 11:46 - 2018-11-01 05:26 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-11-02 22:35 - 2018-10-21 14:00 - 021386368 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-11-02 22:35 - 2018-10-21 14:00 - 001639560 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2018-11-02 22:35 - 2018-10-21 14:00 - 001516120 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2018-11-02 22:35 - 2018-10-21 14:00 - 000790416 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2018-11-02 22:35 - 2018-10-21 14:00 - 000396304 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-11-02 22:35 - 2018-10-21 13:59 - 000766480 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll
2018-11-02 22:35 - 2018-10-21 13:59 - 000236728 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2018-11-02 22:35 - 2018-10-21 13:46 - 013572096 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-11-02 22:35 - 2018-10-21 13:46 - 004393472 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2018-11-02 22:35 - 2018-10-21 13:45 - 000123392 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-11-02 22:35 - 2018-10-21 13:44 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2018-11-02 22:35 - 2018-10-21 13:44 - 000085504 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-11-02 22:35 - 2018-10-21 13:43 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2018-11-02 22:35 - 2018-10-21 13:43 - 000276992 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2018-11-02 22:35 - 2018-10-21 13:43 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2018-11-02 22:35 - 2018-10-21 13:42 - 001127936 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2018-11-02 22:35 - 2018-10-21 13:42 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2018-11-02 22:35 - 2018-10-21 13:42 - 000592896 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2018-11-02 22:35 - 2018-10-21 13:42 - 000181248 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2018-11-02 22:35 - 2018-10-21 13:41 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2018-11-02 22:35 - 2018-10-21 12:38 - 001322376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2018-11-02 22:35 - 2018-10-21 12:38 - 000662312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2018-11-02 22:35 - 2018-10-21 12:38 - 000660480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll
2018-11-02 22:35 - 2018-10-21 12:38 - 000221216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeManagerObj.dll
2018-11-02 22:35 - 2018-10-21 12:37 - 020381808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-11-02 22:35 - 2018-10-21 12:37 - 001626656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2018-11-02 22:35 - 2018-10-21 12:28 - 012501504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-11-02 22:35 - 2018-10-21 12:28 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-11-02 22:35 - 2018-10-21 12:23 - 000622080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2018-11-02 22:35 - 2018-10-21 12:23 - 000523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2018-11-02 22:35 - 2018-10-21 12:22 - 002405888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2018-11-02 22:35 - 2018-10-21 12:22 - 000224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2018-11-02 22:35 - 2018-10-21 10:29 - 001008640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MixedRealityCapture.dll
2018-11-02 22:35 - 2018-10-21 09:44 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-11-02 22:35 - 2018-10-21 08:48 - 005602456 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2018-11-02 22:35 - 2018-10-21 08:47 - 000368440 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2018-11-02 22:35 - 2018-10-21 08:46 - 000717112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll
2018-11-02 22:35 - 2018-10-21 08:46 - 000709936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-11-02 22:35 - 2018-10-21 08:46 - 000611640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2018-11-02 22:35 - 2018-10-21 08:46 - 000560136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2018-11-02 22:35 - 2018-10-21 08:46 - 000497864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2018-11-02 22:35 - 2018-10-21 08:46 - 000171024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-11-02 22:35 - 2018-10-21 08:45 - 003283512 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
2018-11-02 22:35 - 2018-10-21 08:45 - 002719032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-11-02 22:35 - 2018-10-21 08:45 - 001946208 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-11-02 22:35 - 2018-10-21 08:45 - 001098064 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2018-11-02 22:35 - 2018-10-21 08:45 - 000607136 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2018-11-02 22:35 - 2018-10-21 08:45 - 000185120 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-11-02 22:35 - 2018-10-21 08:45 - 000175624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2018-11-02 22:35 - 2018-10-21 08:45 - 000139792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-11-02 22:35 - 2018-10-21 08:45 - 000058088 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-11-02 22:35 - 2018-10-21 08:28 - 016592384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2018-11-02 22:35 - 2018-10-21 08:22 - 004710912 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2018-11-02 22:35 - 2018-10-21 08:21 - 001589248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2018-11-02 22:35 - 2018-10-21 08:21 - 000123424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-11-02 22:35 - 2018-10-21 08:20 - 000424000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2018-11-02 22:35 - 2018-10-21 08:20 - 000295224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2018-11-02 22:35 - 2018-10-21 08:20 - 000161792 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll
2018-11-02 22:35 - 2018-10-21 08:20 - 000141312 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2018-11-02 22:35 - 2018-10-21 08:20 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll
2018-11-02 22:35 - 2018-10-21 08:19 - 002487088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
2018-11-02 22:35 - 2018-10-21 08:19 - 001620776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-11-02 22:35 - 2018-10-21 08:19 - 001130768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2018-11-02 22:35 - 2018-10-21 08:19 - 000514560 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2018-11-02 22:35 - 2018-10-21 08:19 - 000505616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll
2018-11-02 22:35 - 2018-10-21 08:19 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2018-11-02 22:35 - 2018-10-21 08:19 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2018-11-02 22:35 - 2018-10-21 08:19 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2018-11-02 22:35 - 2018-10-21 08:19 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll
2018-11-02 22:35 - 2018-10-21 08:19 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2018-11-02 22:35 - 2018-10-21 08:19 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2018-11-02 22:35 - 2018-10-21 08:19 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\ofdeploy.exe
2018-11-02 22:35 - 2018-10-21 08:19 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\BthAvrcpAppSvc.dll
2018-11-02 22:35 - 2018-10-21 08:19 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhf.sys
2018-11-02 22:35 - 2018-10-21 08:19 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-11-02 22:35 - 2018-10-21 08:18 - 000761344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-11-02 22:35 - 2018-10-21 08:18 - 000461824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Activities.dll
2018-11-02 22:35 - 2018-10-21 08:18 - 000395264 _____ (Microsoft Corporation) C:\Windows\system32\BthAvctpSvc.dll
2018-11-02 22:35 - 2018-10-21 08:18 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2018-11-02 22:35 - 2018-10-21 08:18 - 000274432 _____ (Microsoft Corporation) C:\Windows\system32\DAFWSD.dll
2018-11-02 22:35 - 2018-10-21 08:18 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\officecsp.dll
2018-11-02 22:35 - 2018-10-21 08:18 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2018-11-02 22:35 - 2018-10-21 08:17 - 001826816 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2018-11-02 22:35 - 2018-10-21 08:17 - 001668096 _____ (Microsoft Corporation) C:\Windows\system32\cdprt.dll
2018-11-02 22:35 - 2018-10-21 08:17 - 000787456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2018-11-02 22:35 - 2018-10-21 08:17 - 000625152 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2018-11-02 22:35 - 2018-10-21 08:17 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-11-02 22:35 - 2018-10-21 08:17 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\BthAvrcp.dll
2018-11-02 22:35 - 2018-10-21 08:17 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2018-11-02 22:35 - 2018-10-21 08:16 - 002584576 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2018-11-02 22:35 - 2018-10-21 08:16 - 002368512 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2018-11-02 22:35 - 2018-10-21 08:16 - 001535488 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-11-02 22:35 - 2018-10-21 08:16 - 000847360 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2018-11-02 22:35 - 2018-10-21 08:16 - 000514048 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2018-11-02 22:35 - 2018-10-21 08:16 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2018-11-02 22:35 - 2018-10-21 08:15 - 003212800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2018-11-02 22:35 - 2018-10-21 08:15 - 002904064 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-11-02 22:35 - 2018-10-21 08:15 - 000743936 _____ (Microsoft Corporation) C:\Windows\system32\PrintRenderAPIHost.DLL
2018-11-02 22:35 - 2018-10-21 08:15 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2018-11-02 22:35 - 2018-10-21 08:14 - 002224640 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2018-11-02 22:35 - 2018-10-21 08:14 - 001919488 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2018-11-02 22:35 - 2018-10-21 08:14 - 001854976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2018-11-02 22:35 - 2018-10-21 08:14 - 001034752 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2018-11-02 22:35 - 2018-10-21 08:14 - 000932352 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2018-11-02 22:35 - 2018-10-21 08:14 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2018-11-02 22:35 - 2018-10-21 08:14 - 000453632 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2018-11-02 22:35 - 2018-10-21 08:14 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2018-11-02 22:35 - 2018-10-21 08:09 - 013873664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2018-11-02 22:35 - 2018-10-21 08:02 - 002966528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2018-11-02 22:35 - 2018-10-21 08:02 - 000157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2018-11-02 22:35 - 2018-10-21 08:01 - 001189376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2018-11-02 22:35 - 2018-10-21 08:01 - 000168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll
2018-11-02 22:35 - 2018-10-21 08:00 - 000214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2018-11-02 22:35 - 2018-10-21 07:59 - 000602112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-11-02 22:35 - 2018-10-21 07:58 - 001124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdprt.dll
2018-11-02 22:35 - 2018-10-21 07:58 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-11-02 22:35 - 2018-10-21 07:58 - 000230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2018-11-02 22:35 - 2018-10-21 07:57 - 002611200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2018-11-02 22:35 - 2018-10-21 06:59 - 000806320 _____ C:\Windows\SysWOW64\locale.nls
2018-11-02 22:35 - 2018-10-21 06:59 - 000806320 _____ C:\Windows\system32\locale.nls
2018-11-02 22:35 - 2018-04-28 05:02 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-10-26 14:02 - 2018-10-26 14:04 - 000000000 ____D C:\Users\milda\AppData\Roaming\Spotify
2018-10-26 13:15 - 2018-10-26 13:15 - 000000000 ____D C:\Users\milda\AppData\Local\RadeonSettings
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-24 21:57 - 2018-06-15 17:40 - 000000000 ____D C:\Users\milda\AppData\Roaming\uTorrent
2018-11-24 21:56 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\AppReadiness
2018-11-24 21:56 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-24 21:55 - 2018-07-13 17:57 - 000000000 ____D C:\FRST
2018-11-24 20:43 - 2018-06-15 13:34 - 000000000 ____D C:\Users\milda\AppData\Local\D3DSCache
2018-11-24 19:26 - 2018-08-07 19:41 - 000000000 ____D C:\Program Files (x86)\PicosmosTools
2018-11-24 19:15 - 2018-09-15 18:24 - 000002085 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2018-11-24 16:08 - 2018-06-15 10:44 - 000000000 ____D C:\Users\milda\AppData\Local\Packages
2018-11-24 14:07 - 2018-07-15 20:01 - 000000000 ____D C:\Program Files (x86)\SKILLBRAINS.del
2018-11-24 14:07 - 2018-06-15 10:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-24 07:47 - 2018-06-15 13:37 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2018-11-24 07:47 - 2018-04-11 22:04 - 000524288 _____ C:\Windows\system32\config\BBI
2018-11-24 07:40 - 2018-06-15 10:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-11-24 06:32 - 2018-04-12 00:36 - 000000000 ____D C:\Windows\INF
2018-11-24 06:03 - 2018-07-12 23:20 - 000000000 ____D C:\Program Files\stinger
2018-11-24 05:45 - 2018-07-12 23:17 - 000181160 _____ (ESET) C:\Windows\system32\Drivers\ESETCleanersDriver.sys
2018-11-24 02:59 - 2018-09-30 20:24 - 000000364 _____ C:\Windows\Tasks\HPCeeScheduleFormilda.job
2018-11-24 02:42 - 2018-07-12 23:13 - 000000000 ____D C:\AdwCleaner
2018-11-24 01:03 - 2018-08-07 19:49 - 000000000 ____D C:\Users\milda\AppData\Roaming\DMCache
2018-11-22 18:29 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-21 15:24 - 2018-09-30 20:24 - 000003256 _____ C:\Windows\System32\Tasks\HPCeeScheduleFormilda
2018-11-21 10:22 - 2018-06-15 10:29 - 001689050 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-21 10:22 - 2018-04-12 16:50 - 000715034 _____ C:\Windows\system32\perfh005.dat
2018-11-21 10:22 - 2018-04-12 16:50 - 000144328 _____ C:\Windows\system32\perfc005.dat
2018-11-21 00:05 - 2018-04-12 00:30 - 000000000 ____D C:\Windows\CbsTemp
2018-11-20 22:30 - 2018-06-25 21:39 - 000000000 ____D C:\Users\milda\Documents\ccleaner záloha
2018-11-20 22:21 - 2018-06-15 13:36 - 000007600 _____ C:\Users\milda\AppData\Local\Resmon.ResmonCfg
2018-11-20 15:56 - 2018-06-15 16:31 - 000000000 ____D C:\ProgramData\Electronic Arts
2018-11-19 16:43 - 2018-06-15 14:12 - 000000000 ____D C:\Program Files (x86)\AVerMedia
2018-11-19 16:03 - 2018-06-21 20:33 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-11-19 15:39 - 2018-09-18 17:48 - 000002728 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-7HILCAL-milda
2018-11-17 16:22 - 2018-09-15 16:58 - 000003542 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-11-17 16:11 - 2018-07-12 14:58 - 000000000 ____D C:\ProgramData\Apple
2018-11-17 16:09 - 2018-07-12 14:59 - 000000000 ____D C:\ProgramData\Apple Computer
2018-11-17 16:09 - 2018-07-12 14:59 - 000000000 ____D C:\Program Files (x86)\QuickTime
2018-11-17 16:07 - 2018-07-12 15:22 - 000000000 ____D C:\Users\milda\AppData\Roaming\Apple Computer
2018-11-17 16:06 - 2018-06-15 14:21 - 000000000 ____D C:\ProgramData\Temp
2018-11-17 16:06 - 2018-06-15 14:21 - 000000000 ____D C:\ProgramData\SUPPORTDIR
2018-11-17 16:06 - 2018-06-15 10:55 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-11-17 16:05 - 2018-06-17 10:08 - 000000000 ____D C:\Users\milda\Documents\CyberLink
2018-11-17 16:05 - 2018-06-15 14:24 - 000000000 ____D C:\Users\milda\AppData\Local\CyberLink
2018-11-17 16:05 - 2018-06-15 14:24 - 000000000 ____D C:\ProgramData\CyberLink
2018-11-17 16:05 - 2018-06-15 10:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2018-11-15 20:23 - 2018-09-22 20:08 - 000000000 ____D C:\Users\milda\Documents\My Games
2018-11-15 19:46 - 2018-06-15 10:17 - 000263112 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\zu-ZA
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\yo-NG
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\xh-ZA
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\wo-SN
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\uz-Latn-UZ
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\tn-ZA
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\ti-ET
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\tg-Cyrl-TJ
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\sr-Cyrl-RS
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\sr-Cyrl-BA
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\sd-Arab-PK
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\rw-RW
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\quc-Latn-GT
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\pa-Arab-PK
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\nso-ZA
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\ku-Arab-IQ
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\ig-NG
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\chr-CHER-US
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\ha-Latn-NG
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\ca-ES-valencia
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\bs-Latn-BA
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\SysWOW64\az-Latn-AZ
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\zu-ZA
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\yo-NG
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\xh-ZA
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\wo-SN
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\uz-Latn-UZ
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\tn-ZA
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\ti-ET
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\tg-Cyrl-TJ
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\sr-Cyrl-RS
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\sr-Cyrl-BA
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\sd-Arab-PK
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\rw-RW
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\quc-Latn-GT
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\pa-Arab-PK
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\nso-ZA
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\ku-Arab-IQ
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\ig-NG
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\chr-CHER-US
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\ha-Latn-NG
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\ca-ES-valencia
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\bs-Latn-BA
2018-11-15 19:42 - 2018-04-12 16:51 - 000000000 ____D C:\Windows\system32\az-Latn-AZ
2018-11-15 19:42 - 2018-04-12 00:38 - 000000000 ___SD C:\Windows\SysWOW64\F12
2018-11-15 19:42 - 2018-04-12 00:38 - 000000000 ___SD C:\Windows\system32\F12
2018-11-15 19:42 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\TextInput
2018-11-15 19:42 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\ShellExperiences
2018-11-15 19:42 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\ShellExperiences
2018-11-15 19:42 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\bcastdvr
2018-11-15 19:27 - 2018-06-22 14:38 - 000000000 ____D C:\Users\milda\AppData\Roaming\vlc
2018-11-15 14:30 - 2018-06-16 20:55 - 000000000 ____D C:\ProgramData\Packages
2018-11-15 14:29 - 2018-06-21 20:42 - 000000000 ____D C:\Users\milda\AppData\Local\Adobe
2018-11-15 14:29 - 2018-06-15 10:44 - 000000000 ____D C:\Users\milda\AppData\Roaming\Adobe
2018-11-14 15:21 - 2018-06-15 11:17 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-14 10:36 - 2018-06-15 14:39 - 000000000 ____D C:\Windows\system32\MRT
2018-11-14 10:32 - 2018-06-15 14:39 - 137810048 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-11-14 10:30 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\LiveKernelReports
2018-11-14 09:49 - 2018-06-21 20:44 - 000000000 ____D C:\Users\milda\AppData\LocalLow\Adobe
2018-11-13 22:05 - 2018-09-15 16:57 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2018-11-11 19:47 - 2018-08-17 13:38 - 000000000 ____D C:\Users\milda\Documents\Picosmos
2018-11-11 18:46 - 2018-06-15 18:29 - 000000000 ____D C:\Users\milda\Documents\ZELENÁČE-VŠE KOLEM DOKUMENTY ZKUŠENOSTI VIDEA FOTKY
2018-11-10 00:50 - 2018-06-15 10:23 - 000000000 ____D C:\Windows\softwaredistribution.bak
2018-11-10 00:45 - 2018-06-15 11:22 - 000000000 ____D C:\Windows\HP
2018-11-10 00:44 - 2018-06-15 10:48 - 000000000 ____D C:\SWSETUP
2018-11-09 10:45 - 2018-04-12 15:26 - 000050144 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2018-11-09 10:45 - 2014-08-20 14:35 - 000188832 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2018-11-09 10:45 - 2014-08-20 14:35 - 000143448 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2018-11-09 10:45 - 2014-08-20 14:35 - 000109864 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2018-11-09 10:45 - 2014-08-20 14:35 - 000107896 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2018-11-09 10:45 - 2014-08-20 14:35 - 000082304 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2018-11-02 22:53 - 2018-06-15 10:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-02 22:53 - 2018-06-15 10:44 - 000000000 ___RD C:\Users\milda\3D Objects
2018-11-02 22:49 - 2018-04-12 00:38 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2018-10-31 20:42 - 2018-06-15 10:42 - 000000000 ____D C:\Users\milda
2018-10-27 16:46 - 2018-07-20 20:23 - 000000000 ____D C:\Users\milda\AppData\Local\PackageStaging
==================== Files in the root of some directories =======
2018-09-28 12:57 - 2018-09-28 12:57 - 000000000 _____ () C:\Users\milda\AppData\Local\oobelibMkey.log
2018-06-15 13:36 - 2018-11-20 22:21 - 000007600 _____ () C:\Users\milda\AppData\Local\Resmon.ResmonCfg
2018-07-15 20:01 - 2018-07-15 20:01 - 000000003 _____ () C:\Users\milda\AppData\Local\updater.log
2018-07-15 20:01 - 2018-07-15 20:18 - 000000425 _____ () C:\Users\milda\AppData\Local\UserProducts.xml
Some zero byte size files/folders:
==========================
C:\Windows\System32\Drivers\00858320.sys
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-15 10:17
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018
Ran by milda (24-11-2018 21:57:38)
Running from C:\Users\milda\Desktop
Windows 10 Home Version 1803 17134.407 (X64) (2018-06-15 09:22:50)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2537763425-3246276975-3855636770-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2537763425-3246276975-3855636770-503 - Limited - Disabled)
Guest (S-1-5-21-2537763425-3246276975-3855636770-501 - Limited - Disabled)
milda (S-1-5-21-2537763425-3246276975-3855636770-1001 - Administrator - Enabled) => C:\Users\milda
WDAGUtilityAccount (S-1-5-21-2537763425-3246276975-3855636770-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2537763425-3246276975-3855636770-1001\...\uTorrent) (Version: 3.5.4.44846 - BitTorrent Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\{F60B8711-9A86-46F0-B4F0-E9E4D74E5DFD}) (Version: 20.28.3317.04403 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.28.3317.04403 - Alcor Micro Corp.)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.6.1 - Advanced Micro Devices, Inc.)
AVerMedia A867 USB DVB-T 8.0.64.70 (HKLM-x32\...\AVerMedia A867 USB DVB-T) (Version: 8.0.64.70 - AVerMedia TECHNOLOGIES, Inc.)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.850 - Broadcom Corporation)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
Far Cry 5 (HKLM-x32\...\Far Cry 5_is1) (Version: - )
FIFA18 version 1.0 (HKLM\...\FIFA18_is1) (Version: 1.0 - STEAMPUNKS) <==== ATTENTION
FormatFactory 4.0.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.0.0.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HP Support Assistant (HKLM-x32\...\{F322B446-B157-4257-B44F-4F22D41F8EDB}) (Version: 8.6.18.11 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{92496DD7-4337-422B-B84D-7A9E391D7FE7}) (Version: 12.9.24.3 - HP Inc.)
IDM Crack 6.26 build 2 (HKLM-x32\...\IDM Crack 6.26 build 2) (Version: build 2 - Crackingpatching.com Team)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6504.0 - IDT)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-2537763425-3246276975-3855636770-1001\...\OneDriveSetup.exe) (Version: 18.111.0603.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1930.100 - Trusteer)
Origin (HKLM-x32\...\Origin) (Version: 10.5.28.13288 - Electronic Arts, Inc.)
PicosmosTools 2.1.1.0 (HKLM-x32\...\PicosmosTools) (Version: 2.1.1.0 - Free Time)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.9 - Power Software Ltd)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1930.100 - Trusteer) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Samsung AllShare (HKLM-x32\...\{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung Link 2.0.0.1603091618 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1603091618 - Samsung Electronics Co.,Ltd)
Skype verze 8.28 (HKLM-x32\...\Skype_is1) (Version: 8.28 - Skype Technologies S.A.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
UnHackMe 10.0 (HKLM-x32\...\UnHackMe_is1) (Version: - Greatis Software, LLC.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-11-09] (ESET)
ContextMenuHandlers1: [FormatFactoryShell] -> [CC]{A3777921-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers1: [PicosmosShell] -> {A3888921-CFD3-4A6B-89BF-08E6B95716E8} => D:\PicosmosTools\ShellEx64_101.dll [2018-11-01] (Free Time)
ContextMenuHandlers1: [PowerISO] -> [CC]{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-11-09] (ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [FormatFactoryShell] -> [CC]{A3777921-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers4: [PowerISO] -> [CC]{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-06-07] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [ESET Security Shell] -> [CC]{B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\PowerISO\PWRISOSH.DLL [2017-06-07] (Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0F0402D4-25D1-418A-B9B5-6A876A0851A0} - System32\Tasks\HPCeeScheduleFormilda => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-06-24] (HP Inc.)
Task: {22C3749A-F19A-4684-A189-6D599924A4D0} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-7HILCAL-milda => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {28A0CA8C-E5BD-4EF4-A3FD-2399A8D88BB6} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe [2018-11-15] (Greatis Software)
Task: {3BF9E149-30C8-4E14-98B1-55399CC4F65F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {3D44CF83-5CA2-4B57-95A7-E9E13327745E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {3D647483-FF51-44F0-BE7B-41E560B798BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2018-05-02] (HP Inc.)
Task: {4F18AA55-746F-4F5D-BD8B-CAA4F7E3787C} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [2018-06-07] (Advanced Micro Devices, Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {68DD5591-8DAE-47A5-9F66-9BB6782889F2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-11-08] (HP Inc.)
Task: {6F7528F8-B737-404B-B5B6-59F2998365E7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-15] (Google Inc.)
Task: {83B042CC-24CA-4162-8E54-E4F1B71DEC8B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2018-06-07] (Advanced Micro Devices, Inc.)
Task: {A4D30C7E-E4CB-499E-8842-94EA6DE62E2F} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2018-11-08] (Microsoft Corporation)
Task: {A5F18FDB-2CD7-4F62-9F42-9E81A246CCC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-15] (Google Inc.)
Task: {B3106A56-A5CB-4ADF-B699-29CC158F3ECE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\AVAST Software\Avast\setup\overseer.exe
Task: {B38FA93C-43FC-4315-B7E9-75AD9BDEFC31} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2018-08-30] (HP Inc.)
Task: {D504D733-34DC-44E3-B189-73134C910204} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2018-05-02] (HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\HPCeeScheduleFormilda.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-06-15 10:59 - 2016-03-09 16:18 - 000025088 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2018-06-15 10:59 - 2016-03-09 16:18 - 002513920 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2018-06-15 10:59 - 2016-03-09 16:18 - 002436096 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-12-21 10:25 - 2013-12-21 10:25 - 000036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 10:26 - 2013-12-21 10:26 - 000144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 10:27 - 2013-12-21 10:27 - 000018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 08:52 - 2013-10-22 08:52 - 000030720 _____ () C:\Windows\SYSTEM32\MediaDB64.dll
2013-10-22 08:52 - 2013-10-22 08:52 - 000908800 _____ () C:\Windows\SYSTEM32\ContentDirectoryPresenter64.dll
2013-12-21 10:27 - 2013-12-21 10:27 - 000521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 000049152 _____ () C:\Windows\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 000016896 _____ () C:\Windows\SYSTEM32\boost_system-vc90-mt-1_47.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 000299520 _____ () C:\Windows\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 000058880 _____ () C:\Windows\SYSTEM32\boost_thread-vc90-mt-1_47.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-11-15 11:46 - 2018-11-01 07:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-11-13 07:41 - 2018-11-13 07:41 - 003519488 _____ () D:\PicosmosTools\FTCoreX64.dll
2018-11-13 07:38 - 2018-11-13 07:38 - 004438016 _____ () D:\PicosmosTools\FFImageX64.dll
2018-11-13 07:38 - 2018-11-13 07:38 - 022744576 _____ () D:\PicosmosTools\FFOpenCVX64.dll
2018-11-14 15:21 - 2018-11-08 23:14 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libglesv2.dll
2018-11-14 15:21 - 2018-11-08 23:14 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libegl.dll
2013-12-11 15:46 - 2013-12-11 15:46 - 001114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 000227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-10-24 15:53 - 2013-10-24 15:53 - 000107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-10-24 15:53 - 2013-10-24 15:53 - 000032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-04-19 15:38 - 2013-04-19 15:38 - 000055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 000038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 000012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 000046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-10-22 08:48 - 2013-10-22 08:48 - 000707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-12-11 15:46 - 2013-12-11 15:46 - 000102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-12-11 15:46 - 2013-12-11 15:46 - 000077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 000520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 000450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 005717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 18:49 - 2013-10-25 18:49 - 000028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-12-11 15:45 - 2013-12-11 15:45 - 000017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 000028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-10-25 18:53 - 2013-10-25 18:53 - 000012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 000013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 000064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 000023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 000012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-10-25 18:53 - 2013-10-25 18:53 - 000117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 000686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 000289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 000366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 18:53 - 2013-10-25 18:53 - 001033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 004671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 000152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 000024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-12-11 15:45 - 2013-12-11 15:45 - 000134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 000290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 000024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 000147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 000070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 000399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 000044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2015-06-02 14:51 - 2015-06-02 14:51 - 000545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 001135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000656896 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 000520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 000450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 005717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 000070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 000152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 000366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll
2012-02-22 15:46 - 2012-02-22 15:46 - 000024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 000147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 004671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 000686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 000399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll
2012-01-05 21:40 - 2012-01-05 21:40 - 000044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll
2015-03-17 00:34 - 2015-03-17 00:34 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\AcroTray.cze
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-07-16 17:19 - 2018-11-24 05:01 - 000025333 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com
0.0.0.0 0x1f4b0.com
0.0.0.0 1q2w3.fun
0.0.0.0 1q2w3.life
0.0.0.0 1q2w3.website
0.0.0.0 2giga.dowload
0.0.0.0 2giga.link
0.0.0.0 8jd2lfsq.me
0.0.0.0 aalbbh84.info
0.0.0.0 acbp0020171456.page.tl
0.0.0.0 adless.io
0.0.0.0 ad-miner.com
0.0.0.0 adplusplus.fr
0.0.0.0 adrenali.gq
0.0.0.0 afflow.18-plus.net
0.0.0.0 afminer.com
0.0.0.0 ajcryptominer.com
0.0.0.0 ajplugins.com
0.0.0.0 akvideo.stream
0.0.0.0 allfontshere.press
0.0.0.0 altavista.ovh
0.0.0.0 amhixwqagiz.ru
0.0.0.0 analytics.blue
0.0.0.0 andlache.com
0.0.0.0 anime.reactor.cc
There are 980 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2537763425-3246276975-3855636770-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\milda\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 84.16.96.2 - 84.16.113.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "BeatsOSDApp"
HKLM\...\StartupApproved\Run: => "Samsung Link"
HKLM\...\StartupApproved\Run: => "SysTrayApp"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "AllShareAgent"
HKLM\...\StartupApproved\Run32: => "PowerDVD14Agent"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Lightshot"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKU\S-1-5-21-2537763425-3246276975-3855636770-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2537763425-3246276975-3855636770-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-2537763425-3246276975-3855636770-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2537763425-3246276975-3855636770-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2537763425-3246276975-3855636770-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{593F113E-0D33-4FC4-8999-53F1918F96F4}] => (Allow) D:\FormatFactory\FormatFactory.exe
FirewallRules: [{3AC1CF08-6C2C-4905-8F1A-F134E2761EFB}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{8CF31A23-2259-4566-B086-87EE4F6B4B30}] => (Allow) D:\FormatFactory\FormatFactory.exe
FirewallRules: [{72C09720-5A6D-45D8-B46E-DF14AE1095D5}] => (Allow) D:\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{582E8FD0-1D5E-4731-B356-F55C242F754A}] => (Allow) D:\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{B4554EE4-8578-400C-AF56-9946FD877815}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{819D96F7-E773-455A-BF56-4DA643A0003E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [TCP Query User{08A67C55-FFB1-43BA-858B-24F14B8E50C6}C:\users\milda\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\milda\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{DD472D1A-A5C5-425A-9C9A-E82E05AC78FF}C:\users\milda\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\milda\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{67F25753-8D8D-4D1C-B3B0-AF83D8AC4C28}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{85B34758-97A3-4a63-832A-9825D8777935}}] => (Allow) C:\Program Files (x86)\UnHackMe\wu.exe
FirewallRules: [{9187CF69-6824-487d-A9F0-AFF5C2C29BA9}}] => (Allow) C:\Program Files (x86)\UnHackMe\wu.exe
FirewallRules: [{85B34758-97A3-4a63-832A-9825D8777934}}] => (Allow) C:\Program Files (x86)\UnHackMe\regruninfo.exe
FirewallRules: [{9187CF69-6824-487d-A9F0-AFF5C2C29BA8}}] => (Allow) C:\Program Files (x86)\UnHackMe\regruninfo.exe
FirewallRules: [{0E9C59B0-E176-4A2B-97DD-8613339A817E}] => (Allow) C:\Program Files (x86)\UnHackMe\RegRunInfo.exe
FirewallRules: [{538DBF02-716C-441E-A9D6-7737E30EB748}] => (Allow) C:\Program Files (x86)\UnHackMe\wu.exe
FirewallRules: [{82751445-1EE1-450F-A5F6-8298DFB503AA}] => (Allow) C:\Program Files (x86)\UnHackMe\wu.exe
FirewallRules: [{90C53A1B-95C3-4951-B583-1631F485EF57}] => (Allow) C:\Program Files (x86)\UnHackMe\RegRunInfo.exe
FirewallRules: [{1B29B5B5-296A-44C1-971F-DB0262A5F802}] => (Allow) C:\Users\milda\AppData\Local\Temp\7zS74E0\HPDiagnosticCoreUI.exe
FirewallRules: [{74F8D18D-A36F-401B-A9A5-669F5C51DC5E}] => (Allow) C:\Users\milda\AppData\Local\Temp\7zS74E0\HPDiagnosticCoreUI.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: 260ci WIA Driver (USB)
Description: 260ci WIA Driver (USB)
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Kyocera
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/24/2018 09:32:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mmc.exe, verze: 10.0.17134.1, časové razítko: 0x81b0c732
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.407, časové razítko: 0x99042cc0
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0x27ec
Čas spuštění chybující aplikace: 0x01d4842ebf973753
Cesta k chybující aplikaci: C:\Windows\system32\mmc.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 026f7a50-1e37-4a96-9ce7-f3ec88502441
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/24/2018 09:32:14 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: mmc.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentOutOfRangeException
v System.Windows.Forms.ListView.ListViewItemCollection.get_Item(Int32 index)
v System.Windows.Forms.ListView.WmReflectNotify(Message& m)
v System.Windows.Forms.ListView.WndProc(Message& m)
v Microsoft.Windows.ManagementUI.CombinedControls.ListViewEx.WndProc(Message& m)
v System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
Informace o výjimce: System.Reflection.TargetInvocationException
v Microsoft.ManagementConsole.Internal.SnapInMessagePumpProxy.OnThreadException(Object sender, ThreadExceptionEventArgs e)
v System.Windows.Forms.Application.ThreadContext.OnThreadException(Exception t)
v System.Windows.Forms.Control.WndProcException(Exception e)
v System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
v System.Windows.Forms.UnsafeNativeMethods.SendMessage(HandleRef hWnd, Int32 msg, IntPtr wParam, IntPtr lParam)
v System.Windows.Forms.Control.SendMessage(Int32 msg, IntPtr wparam, IntPtr lparam)
v System.Windows.Forms.Control.ReflectMessageInternal(IntPtr hWnd, Message& m)
v System.Windows.Forms.Control.WmNotify(Message& m)
v System.Windows.Forms.Control.WndProc(Message& m)
v System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
Informace o výjimce: System.Reflection.TargetInvocationException
v Microsoft.ManagementConsole.Internal.SnapInMessagePumpProxy.OnThreadException(Object sender, ThreadExceptionEventArgs e)
v System.Windows.Forms.Application.ThreadContext.OnThreadException(Exception t)
v System.Windows.Forms.Control.WndProcException(Exception e)
v System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
v System.Windows.Forms.UnsafeNativeMethods.CallWindowProc(IntPtr wndProc, IntPtr hWnd, Int32 msg, IntPtr wParam, IntPtr lParam)
v System.Windows.Forms.NativeWindow.DefWndProc(Message& m)
v Microsoft.Windows.ManagementUI.CombinedControls.ListViewEx.DefWndProc(Message& m)
v System.Windows.Forms.ListView.WmMouseDown(Message& m, MouseButtons button, Int32 clicks)
v System.Windows.Forms.ListView.WndProc(Message& m)
v Microsoft.Windows.ManagementUI.CombinedControls.ListViewEx.WndProc(Message& m)
v System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
Informace o výjimce: System.Reflection.TargetInvocationException
v Microsoft.ManagementConsole.Internal.SnapInMessagePumpProxy.OnThreadException(Object sender, ThreadExceptionEventArgs e)
v System.Windows.Forms.Application.ThreadContext.OnThreadException(Exception t)
v System.Windows.Forms.Control.WndProcException(Exception e)
v System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
v System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
v System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr dwComponentID, Int32 reason, Int32 pvLoopData)
v System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
v System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
v Microsoft.ManagementConsole.Internal.SnapInMessagePumpProxy.Microsoft.ManagementConsole.Internal.ISnapInMessagePumpProxy.Run()
na Microsoft.ManagementConsole.Internal.ISnapInMessagePumpProxy.Run()
na Microsoft.ManagementConsole.Executive.SnapInThread.OnThreadStart()
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()
Error: (11/24/2018 08:43:07 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-7HILCAL)
Description: httphttp-2147467263
Error: (11/24/2018 02:17:42 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-7HILCAL)
Description: httphttp-2147467263
Error: (11/24/2018 06:08:28 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Program Files (x86)\UnHackMe\reanimator.exe Files (x86)\UnHackMe\reanimator.exe" /wiz /full; Popis = UnHackMe Malware Removal; Chyba = 0x8004231f).
Error: (11/24/2018 06:07:10 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary EBF208E2.
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (11/24/2018 05:18:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbam.exe, verze: 1.0.1.922, časové razítko: 0x55010546
Název chybujícího modulu: MSVCR100.dll, verze: 10.0.40219.325, časové razítko: 0x4df2be1e
Kód výjimky: 0x40000015
Posun chyby: 0x0008d6fd
ID chybujícího procesu: 0x2a80
Čas spuštění chybující aplikace: 0x01d483acb2d06894
Cesta k chybující aplikaci: E:\APLIKACE-PROGRAMY\MALWARE, ROOTKITY , VIRY, LOGY, JINÁ HAVĚŤ,APLIKACE\Antiviry portable 04_2015\Malwarebytes' Anti-Malware 2.1.4.1018 Portable Premium ML (17.3.2015)\App\Malwarebytes\mbam.exe
Cesta k chybujícímu modulu: E:\APLIKACE-PROGRAMY\MALWARE, ROOTKITY , VIRY, LOGY, JINÁ HAVĚŤ,APLIKACE\Antiviry portable 04_2015\Malwarebytes' Anti-Malware 2.1.4.1018 Portable Premium ML (17.3.2015)\App\Malwarebytes\MSVCR100.dll
ID zprávy: 71c1eb0c-cd9d-473b-ae17-0c22197c2a22
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/24/2018 05:13:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbam.exe, verze: 1.0.1.922, časové razítko: 0x55010546
Název chybujícího modulu: MSVCR100.dll, verze: 10.0.40219.325, časové razítko: 0x4df2be1e
Kód výjimky: 0x40000015
Posun chyby: 0x0008d6fd
ID chybujícího procesu: 0x2008
Čas spuštění chybující aplikace: 0x01d483ac066c8aee
Cesta k chybující aplikaci: E:\APLIKACE-PROGRAMY\MALWARE, ROOTKITY , VIRY, LOGY, JINÁ HAVĚŤ,APLIKACE\Antiviry portable 04_2015\Malwarebytes' Anti-Malware 2.1.4.1018 Portable Premium ML (17.3.2015)\App\Malwarebytes\mbam.exe
Cesta k chybujícímu modulu: E:\APLIKACE-PROGRAMY\MALWARE, ROOTKITY , VIRY, LOGY, JINÁ HAVĚŤ,APLIKACE\Antiviry portable 04_2015\Malwarebytes' Anti-Malware 2.1.4.1018 Portable Premium ML (17.3.2015)\App\Malwarebytes\MSVCR100.dll
ID zprávy: ed992b7e-28d4-4a04-b390-d9406df4f977
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (11/24/2018 09:35:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (11/24/2018 09:35:32 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\milda\AppData\Local\Temp\ehdrv.sys
Error: (11/24/2018 09:35:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (11/24/2018 09:35:32 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\milda\AppData\Local\Temp\ehdrv.sys
Error: (11/24/2018 09:35:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (11/24/2018 09:35:32 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\milda\AppData\Local\Temp\ehdrv.sys
Error: (11/24/2018 09:35:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (11/24/2018 09:35:32 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\milda\AppData\Local\Temp\ehdrv.sys
Windows Defender:
===================================
Date: 2018-08-03 22:25:18.612
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {EBCFD13A-B058-4508-A4D0-7C270B757C97}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2018-07-22 22:24:44.935
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {21F9F516-CD29-490E-BADB-AAA2C61A233A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2018-07-18 14:38:19.859
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {ED2EC72D-1454-4DFC-B133-3E4642DA5449}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2018-07-15 03:55:18.672
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {42D523AC-639E-44E6-9444-2B651E7F8245}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2018-07-15 03:44:52.639
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4C1B35A6-8052-4367-A6CA-DBAB4760B030}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2018-08-16 18:36:03.199
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80508023
Popis chyby: Program nenašel na tomto zařízení malware ani jiný potenciálně nevyžádaný software.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.
Date: 2018-07-13 00:40:35.504
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.263.48.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14600.4
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.
Date: 2018-07-13 00:35:13.330
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.263.48.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14600.4
Kód chyby: 0x80070643
Popis chyby
ři instalaci došlo k závažné chybě. Date: 2018-07-13 00:35:06.899
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 1.271.900.0
Předchozí verze podpisu: 1.263.48.0
Zdroj aktualizace: Uživatel
Typ podpisu: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.14600.4
Předchozí verze modulu: 1.1.14600.4
Kód chyby: 0x80070666
Popis chyby :Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2018-07-13 00:35:06.899
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 1.271.900.0
Předchozí verze podpisu: 1.263.48.0
Zdroj aktualizace: Uživatel
Typ podpisu: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.14600.4
Předchozí verze modulu: 1.1.14600.4
Kód chyby: 0x80070666
Popis chyby :Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
CodeIntegrity:
===================================
Date: 2018-11-17 16:11:58.204
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-11-17 16:11:58.201
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-11-17 16:02:49.952
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-11-17 16:02:49.948
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-11-17 16:02:49.940
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-11-17 16:02:49.936
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-11-17 16:02:49.475
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-11-17 16:02:49.471
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD A8-6500 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 64%
Total physical RAM: 7348.79 MB
Available physical RAM: 2589.21 MB
Total Virtual: 10548.79 MB
Available Virtual: 5846.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:150.26 GB) (Free:0.63 GB) NTFS
Drive d: () (Fixed) (Total:97.06 GB) (Free:39.16 GB) NTFS
Drive e: (DATA DISK) (Fixed) (Total:683.59 GB) (Free:125.79 GB) NTFS
\\?\Volume{16da3718-f009-4fe3-bde6-806c2c40e839}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.13 GB) NTFS
\\?\Volume{d70cc970-ba70-46c4-a48b-ad44afcf43c8}\ () (Fixed) (Total:0.09 GB) (Free:0.03 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 974CB63F)
Partition: GPT.
==================== End of Addition.txt ============================
Skontroluj, ci ti nebezi na pozadi nejake stahovanie (napr. BitTorrent). Tiez skus pozriet napr. cez program 
Přispějete na provoz fóra?