
Trojan Horse

Sauryy
Visitor
Posts: 32
Registered: 28 Nov 2018 14:02

Trojan Horse

#1 Post by Sauryy »

Hello, I'm coming to you for a bit of advice. Today ESET popped up saying that I have some virus on my computer, win32/coinminer.dv
The CPU is maxed out.. so I can hardly do anything :/
Could you please advise me? I'm pretty much at my wits' end with this.. :cry:

Rudy
Site Admin
Posts: 118274
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Trojan Horse

#2 Post by Rudy »

Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Sauryy
Visitor
Posts: 32
Registered: 28 Nov 2018 14:02

Re: Trojan Horse

#3 Post by Sauryy »

Hello. I'm sending you the logs :oops:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2017 01 (ATTENTION: ====> FRSTversion is 590 days old and could be outdated)
Ran by adria (administrator) on DESKTOP-COSN14B (28-11-2018 17:03:59)
Running from C:\Users\adria\AppData\Local\Temp\scoped_dir6148_31293
Loaded Profiles: adria (Available Profiles: defaultuser0 & adria)
Platform: Windows 10 Pro Version 1803 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> Registry
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(DESlock Limited.) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Windows\SysWOW64\ASGT.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Scarlet.Crush Productions) C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe
(cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingHotkey_Service.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI M-Cloud\MSI_Cloud_Service.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI RAMDisk\MSI_RAMDisk_Service.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wondershare) C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.116\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.116\opera.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.116\opera.exe
() D:\Torrenty\Wallpaper Engine\wallpaper32.exe
(mfbot.de) C:\Users\adria\Desktop\mfbot\MFBot.exe
(Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS Echelon Laser Gaming Mouse\mousehid.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.116\opera.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS Echelon Laser Gaming Mouse\trayicon.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Program Files\Opera\56.0.3051.116\opera.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8520448 2015-07-29] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [177928 2018-10-31] (ESET)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [ASUS_Echelon] => C:\Program Files (x86)\ASUS\ASUS Echelon Laser Gaming Mouse\mousehid.exe [301568 2013-10-24] (ASUS)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1031120 2015-05-18] (MSI)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [805840 2015-07-31] (MSI)
HKLM-x32\...\Run: [MSI Gaming Lan Manager] => C:\MSI\MSI Gaming Lan Manager\MSI_Gaming_Lan_Manager.exe [1956304 2015-08-24] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [15371216 2017-03-07] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3785536 2018-11-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-02] (Disc Soft Ltd)
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\Run: [Discord] => C:\Users\adria\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\Run: [Spotify Web Helper] => C:\Users\adria\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-19] (Spotify Ltd)
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\Run: [Spotify] => C:\Users\adria\AppData\Roaming\Spotify\Spotify.exe [7064176 2017-04-19] (Spotify Ltd)
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd)
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [3131680 2018-11-26] (Valve Corporation)
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\Run: [WallpaperEngine] => D:\Torrenty\Wallpaper Engine\wallpaper32.exe [735232 2018-04-16] ()
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\Run: [mfbot] => C:\Users\adria\Desktop\mfbot\MFBot.exe [47833088 2018-07-10] (mfbot.de)
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\Run: [com.squirrel.splice.Splice] => C:\Users\adria\AppData\Local\splice\app-3.2.48468\Splice.exe
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\RunOnce: [Application Restart #2] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MSI)
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\MountPoints2: {0ed15ead-880e-11e8-831f-d8cb8ac65195} - "L:\autorun.exe" 
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\MountPoints2: {ceacc57c-ea45-11e6-82b1-d8cb8ac65195} - "K:\autorun.exe" 
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\adria\AppData\Local\MEGAsync\ShellExtX64.dll [2018-01-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\adria\AppData\Local\MEGAsync\ShellExtX64.dll [2018-01-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\adria\AppData\Local\MEGAsync\ShellExtX64.dll [2018-01-30] ()
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => C:\Program Files\ESET\ESET Secure Data\esdovrly.dll [2016-08-09] (DESlock Limited)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\adria\AppData\Local\MEGAsync\ShellExtX32.dll [2018-01-30] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\adria\AppData\Local\MEGAsync\ShellExtX32.dll [2018-01-30] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\adria\AppData\Local\MEGAsync\ShellExtX32.dll [2018-01-30] ()
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll [2018-11-06] (Dropbox, Inc.)
Startup: C:\Users\adria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-10-01]
ShortcutTarget: MEGAsync.lnk -> C:\Users\adria\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\adria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2018-04-17]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2017-01-25]
ShortcutTarget: ScpToolkit Tray Notifications.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (Scarlet.Crush Productions)
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.16.56.113 10.10.10.10
Tcpip\..\Interfaces\{294516df-9a69-455e-bf47-34aee0c37c10}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{74ca931a-81ef-4ea2-ace6-c99ff3b924bd}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{74ca931a-81ef-4ea2-ace6-c99ff3b924bd}: [DhcpNameServer] 172.16.56.113 10.10.10.10

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-10-29] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-29] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-29] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-29] (Oracle Corporation)

Edge: 
======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2018-04-12]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [2018-04-12]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-29] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-29] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-05-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-05-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\adria\AppData\Local\Google\Chrome\User Data\Default [2018-10-24]
CHR Extension: (FBDown Video Downloader) - C:\Users\adria\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2018-10-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\adria\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-26]
CHR Extension: (Chrome Media Router) - C:\Users\adria\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-24]

Opera: 
=======
OPR Extension: (YouTube Downloader) - C:\Users\adria\AppData\Roaming\Opera Software\Opera Stable\Extensions\kclijeogghhkmenkommbnjobhnndpfba [2018-09-02]
OPR Extension: (Adblock Plus) - C:\Users\adria\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-11-15]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-05-29] () [File not signed]
S3 AssignedAccessManagerSvc; C:\WINDOWS\System32\assignedaccessmanagersvc.dll [604672 2018-04-12] (Microsoft Corporation)
S3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1364992 2018-11-01] (Microsoft Corporation)
S3 BcastDVRUserService_8a8cfca; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)
S3 BcastDVRUserService_8a8cfca; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5708808 2018-03-08] ()
S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [464384 2018-04-12] (Microsoft Corporation)
S3 BluetoothUserService_8a8cfca; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)
S3 BluetoothUserService_8a8cfca; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)
S3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [514048 2018-10-21] (Microsoft Corporation)
S3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [395264 2018-10-21] (Microsoft Corporation)
S3 camsvc; C:\WINDOWS\system32\CapabilityAccessManager.dll [266752 2018-06-15] (Microsoft Corporation)
S3 CaptureService; C:\WINDOWS\System32\CaptureService.dll [125952 2018-04-12] (Microsoft Corporation)
S3 CaptureService_8a8cfca; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)
S3 CaptureService_8a8cfca; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [726952 2015-08-20] (cFos Software GmbH)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-07-26] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-07-26] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-11-06] (Dropbox, Inc.)
S3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [400896 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [312832 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc_8a8cfca; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc_8a8cfca; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)
S3 DevicesFlowUserSvc; C:\WINDOWS\System32\DevicesFlowBroker.dll [750080 2018-04-12] (Microsoft Corporation)
S3 DevicesFlowUserSvc_8a8cfca; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)
S3 DevicesFlowUserSvc_8a8cfca; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)
S3 diagsvc; C:\WINDOWS\system32\DiagSvc.dll [219648 2018-04-12] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-02] (Disc Soft Ltd)
R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [540864 2016-07-08] (DESlock Limited.)
R2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [File not signed]
R2 DusmSvc; C:\WINDOWS\System32\dusmsvc.dll [356352 2018-11-01] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-18] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2302152 2018-10-31] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2302152 2018-10-31] (ESET)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [31400 2015-08-18] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingHotkey_Service.exe [2018768 2015-08-14] (Micro-Star INT'L CO., LTD.)
S3 GraphicsPerfSvc; C:\WINDOWS\System32\GraphicsPerfSvc.dll [90624 2018-04-12] (Microsoft Corporation)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-02-19] (Hi-Rez Studios) [File not signed]
S3 InstallService; C:\WINDOWS\system32\InstallService.dll [1487360 2018-06-15] (Microsoft Corporation)
S3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1110528 2018-06-15] (Microsoft Corporation)
S3 IpxlatCfgSvc; C:\WINDOWS\System32\IpxlatCfg.dll [63488 2018-04-12] (Microsoft Corporation)
S3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)
S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2106832 2015-06-29] (MSI)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4050384 2015-08-25] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2123216 2015-07-08] (MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4177360 2015-08-06] (MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2002896 2015-07-28] (MSI)
R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2284496 2015-07-30] (MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2072528 2015-06-29] (MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [599504 2015-07-28] (MSI)
R2 MSI_Cloud_Service; C:\Program Files (x86)\MSI\MSI M-Cloud\MSI_Cloud_Service.exe [97232 2015-06-30] (Micro-Star Int'l Co., Ltd.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MSI)
S2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2286032 2017-03-06] (Micro-Star INT'L CO., LTD.)
R2 MSI_RAMDisk_Service; C:\Program Files (x86)\MSI\MSI RAMDisk\MSI_RAMDisk_Service.exe [69072 2015-07-09] (Micro-Star Int'l Co., Ltd.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2015-05-18] (MSI)
S3 NaturalAuthentication; C:\WINDOWS\System32\NaturalAuth.dll [824832 2018-04-12] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [764896 2018-05-22] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [645160 2018-10-10] (NVIDIA Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\System32\PrintWorkflowService.dll [170496 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [138240 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_8a8cfca; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_8a8cfca; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)
S3 PushToInstall; C:\WINDOWS\system32\PushToInstall.dll [262144 2018-07-14] (Microsoft Corporation)
R2 SecurityHealthService; C:\WINDOWS\system32\SecurityHealthService.exe [760888 2018-07-14] (Microsoft Corporation)
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [322712 2018-11-08] (Microsoft Corporation)
R3 SEMgrSvc; C:\WINDOWS\system32\SEMgrSvc.dll [1248768 2018-04-12] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)
S3 SharedRealitySvc; C:\WINDOWS\System32\SharedRealitySvc.dll [713216 2018-08-28] (Microsoft Corporation)
S3 spectrum; C:\WINDOWS\system32\spectrum.exe [976384 2018-06-08] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R3 TokenBroker; C:\WINDOWS\System32\TokenBroker.dll [1395200 2018-11-01] (Microsoft Corporation)
R3 TokenBroker; C:\WINDOWS\SysWOW64\TokenBroker.dll [1000448 2018-11-01] (Microsoft Corporation)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [873968 2017-06-30] (Tunngle.net GmbH) [File not signed]
S3 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)
S3 updater; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [464384 2016-01-10] (Nefarius Software Solutions) [File not signed]
S3 VacSvc; C:\WINDOWS\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [392704 2018-08-09] (Microsoft Corporation)
S3 WarpJITSvc; C:\WINDOWS\System32\Windows.WARP.JITService.dll [31744 2018-04-12] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WFDSConMgrSvc; C:\WINDOWS\System32\wfdsconmgrsvc.dll [681984 2018-07-14] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation)
S3 wlpasvc; C:\WINDOWS\System32\lpasvc.dll [1359360 2018-07-14] (Microsoft Corporation)
S3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [1456640 2018-05-20] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-11-07] (Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120096 2017-11-08] (Wondershare)
S3 xbgm; C:\WINDOWS\system32\xbgmsvc.exe [59512 2018-04-12] (Microsoft Corporation)
S3 XboxGipSvc; C:\WINDOWS\System32\XboxGipSvc.dll [58880 2018-04-12] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [19216 2015-07-07] (Intel(R) Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2018-04-12] (Microsoft Corporation)
R1 bam; C:\WINDOWS\System32\drivers\bam.sys [60320 2018-04-12] (Microsoft Corporation)
S3 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [92056 2018-04-12] (Microsoft Corporation)
S0 bttflt; C:\WINDOWS\System32\drivers\bttflt.sys [38304 2018-04-12] (Microsoft Corporation)
S3 CAD; C:\WINDOWS\System32\drivers\CAD.sys [60320 2018-04-12] (Microsoft Corporation)
R2 CldFlt; C:\WINDOWS\System32\drivers\cldflt.sys [414720 2018-07-14] (Microsoft Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 DLMFENC; C:\WINDOWS\System32\DRIVERS\DLMFENC.sys [179712 2016-08-04] (DESlock Ltd.)
R0 DLPCRYPT; C:\WINDOWS\System32\DRIVERS\dlpcrypt.sys [121184 2016-08-09] (DESlock Ltd.)
R0 dlpvdisk; C:\WINDOWS\System32\DRIVERS\dlpvdisk.sys [98304 2016-08-04] (DESlock Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-02-04] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-02-04] (Disc Soft Ltd)
S3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [530416 2015-06-18] (Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [143448 2018-10-31] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107896 2018-10-31] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-19] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188832 2018-10-31] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50144 2018-10-31] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82304 2018-10-31] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-10-31] (ESET)
S3 EvolveVirtualAdapter; C:\WINDOWS\System32\drivers\evolve.sys [21656 2018-07-26] (Echobit, LLC)
S3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [82440 2018-01-04] (Multi Theft Auto)
S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)
S3 HwNClx0101; C:\WINDOWS\System32\Drivers\mshwnclx.sys [27136 2018-04-12] (Microsoft Corporation)
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
S3 iaLPSS2i_GPIO2_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592 2018-04-12] (Intel Corporation)
R3 iaLPSS2_UART2; C:\WINDOWS\System32\drivers\iaLPSS2_UART2.sys [287032 2016-10-26] (Intel Corporation)
S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-05-28] (Intel Corporation)
S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (Windows (R) Win 7 DDK provider)
S3 IPT; C:\WINDOWS\System32\drivers\ipt.sys [32256 2018-04-12] (Microsoft Corporation)
S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)
S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47200 2018-05-19] (hxxp://libusb-win32.sourceforge.net)
S3 mausbhost; C:\WINDOWS\System32\drivers\mausbhost.sys [505240 2018-04-12] (Microsoft Corporation)
S3 mausbip; C:\WINDOWS\System32\drivers\mausbip.sys [56736 2018-04-12] (Microsoft Corporation)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [175104 2018-04-12] (Microsoft Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f32bf428bbff8aa5\nvlddmkm.sys [17194584 2018-05-23] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
S3 pmem; C:\WINDOWS\System32\drivers\pmem.sys [105984 2018-04-12] (Microsoft Corporation)
S1 prodrv06; C:\Windows\SysWOW64\drivers\prodrv06.sys [52128 2003-10-10] (Protection Technology) [File not signed]
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [62720 2003-10-10] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed]
S0 Ramdisk; C:\WINDOWS\System32\DRIVERS\ramdisk.sys [39840 2018-04-12] (Microsoft Corporation)
R2 RAMDriv; C:\WINDOWS\system32\DRIVERS\ramdriv.sys [81912 2012-12-27] (Micro-Star Int'l Co., Ltd.)
R2 RAMDriv; C:\Windows\SysWOW64\DRIVERS\ramdriv.sys [81912 2012-12-27] (Micro-Star Int'l Co., Ltd.)
S3 rhproxy; C:\WINDOWS\System32\drivers\rhproxy.sys [104448 2018-04-12] (Microsoft Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [33176 2018-04-12] (Microsoft Corporation)
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-09-06] (Protection Technology) [File not signed]
R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)
S3 SpatialGraphFilter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [57752 2018-04-12] (Microsoft Corporation)
S3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [25088 2015-04-14] (SteelSeries ApS)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 tap0901t; C:\WINDOWS\System32\drivers\tap0901t.sys [48824 2016-04-26] (Tunngle.net GmbH)
R0 VDLPToken2; C:\WINDOWS\System32\DRIVERS\vdlptkn2.sys [135736 2016-08-04] (DESlock Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S3 WinNat; C:\WINDOWS\System32\drivers\winnat.sys [228864 2018-10-21] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [37344 2018-02-20] (Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)
NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)
NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-28 17:03 - 2018-11-28 17:03 - 02424832 _____ (Farbar) C:\Users\adria\Desktop\FRST64.exe
2018-11-28 17:03 - 2018-11-28 17:03 - 00000000 ____D C:\FRST
2018-11-28 17:02 - 2018-11-28 17:02 - 01741312 _____ (Farbar) C:\Users\adria\Desktop\FRST.exe
2018-11-18 19:02 - 2018-11-28 17:00 - 02711363 _____ C:\WINDOWS\TestDll.bin
2018-11-18 19:02 - 2018-11-28 17:00 - 00102400 _____ C:\WINDOWS\Systemcall.exe
2018-11-17 19:36 - 2018-11-17 19:36 - 00003770 _____ C:\WINDOWS\System32\Tasks\SystemSettings
2018-11-17 19:36 - 2018-11-16 14:15 - 92564513 _____ C:\Users\adria\Desktop\Lvcas Dope & DJ Wich - Diamant (2018).rar
2018-11-17 19:36 - 2018-11-16 14:14 - 00000000 ____D C:\Users\adria\Desktop\Lvcas Dope & DJ Wich - Diamant (2018)
2018-11-17 19:35 - 2018-11-17 19:35 - 08219620 _____ C:\Users\adria\Downloads\Unrarer.zip
2018-11-17 19:35 - 2018-11-17 19:35 - 00371416 _____ (Alexander Roshal) C:\Users\adria\Documents\unrar.exe
2018-11-17 14:15 - 2018-10-25 16:26 - 185022886 _____ C:\Users\adria\Desktop\Lvcas Dope & DJ Wich -- Diamant (2018).exe
2018-11-17 14:07 - 2018-11-17 14:16 - 92647924 _____ C:\Users\adria\Downloads\Lvcas Dope & DJ Wich - Diamant (2018) (1).zip
2018-11-17 13:39 - 2018-11-17 13:56 - 185013046 _____ C:\Users\adria\Downloads\Lvcas Dope & DJ Wich - Diamant (2018).zip
2018-11-15 20:51 - 2018-11-16 00:24 - 00000000 ____D C:\Users\adria\AppData\Roaming\WhatsApp
2018-11-15 20:51 - 2018-11-15 20:51 - 00002261 _____ C:\Users\adria\Desktop\WhatsApp.lnk
2018-11-15 20:51 - 2018-11-15 20:51 - 00000000 ____D C:\Users\adria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-11-15 20:51 - 2018-11-15 20:51 - 00000000 ____D C:\Users\adria\AppData\Local\WhatsApp
2018-11-15 20:48 - 2018-11-15 20:49 - 146730936 _____ (WhatsApp) C:\Users\adria\Desktop\WhatsAppSetup.exe
2018-11-14 13:57 - 2018-11-01 12:46 - 02394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-11-14 13:57 - 2018-11-01 12:45 - 01376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-11-14 13:57 - 2018-11-01 12:28 - 03649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-11-14 13:57 - 2018-11-01 12:27 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-11-14 13:57 - 2018-11-01 11:09 - 01027000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-11-14 13:57 - 2018-11-01 08:28 - 01221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-11-14 13:57 - 2018-11-01 08:28 - 01029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-11-14 13:57 - 2018-11-01 08:28 - 00076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-11-14 13:57 - 2018-11-01 08:27 - 01017152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-11-14 13:57 - 2018-11-01 08:27 - 00491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-11-14 13:57 - 2018-11-01 08:26 - 03291640 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-11-14 13:57 - 2018-11-01 08:26 - 03180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-11-14 13:57 - 2018-11-01 08:25 - 09089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-11-14 13:57 - 2018-11-01 08:25 - 01934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-11-14 13:57 - 2018-11-01 08:25 - 01784680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-11-14 13:57 - 2018-11-01 08:25 - 01288920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-11-14 13:57 - 2018-11-01 08:25 - 01209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-11-14 13:57 - 2018-11-01 08:25 - 00885968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-11-14 13:57 - 2018-11-01 08:25 - 00793080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-11-14 13:57 - 2018-11-01 08:25 - 00594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-11-14 13:57 - 2018-11-01 08:25 - 00413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-11-14 13:57 - 2018-11-01 08:25 - 00412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-11-14 13:57 - 2018-11-01 08:25 - 00375824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-11-14 13:57 - 2018-11-01 08:00 - 08189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-11-14 13:57 - 2018-11-01 08:00 - 06031360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-11-14 13:57 - 2018-11-01 08:00 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-11-14 13:57 - 2018-11-01 07:58 - 07573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-11-14 13:57 - 2018-11-01 07:58 - 04867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-11-14 13:57 - 2018-11-01 07:58 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-11-14 13:57 - 2018-11-01 07:57 - 00808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-11-14 13:57 - 2018-11-01 07:57 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-11-14 13:57 - 2018-11-01 07:57 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-11-14 13:57 - 2018-11-01 07:56 - 02172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-11-14 13:57 - 2018-11-01 07:56 - 01768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-11-14 13:57 - 2018-11-01 07:55 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-11-14 13:57 - 2018-11-01 07:54 - 01551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-11-14 13:57 - 2018-11-01 07:54 - 00943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-11-14 13:57 - 2018-11-01 07:54 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-11-14 13:57 - 2018-11-01 07:53 - 02248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-11-14 13:57 - 2018-11-01 07:53 - 01159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-11-14 13:57 - 2018-11-01 07:53 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-11-14 13:57 - 2018-11-01 05:50 - 00861712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-11-14 13:57 - 2018-11-01 05:50 - 00786288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-11-14 13:57 - 2018-11-01 05:48 - 04790184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-11-14 13:57 - 2018-11-01 05:48 - 02478872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-11-14 13:57 - 2018-11-01 05:48 - 01805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-11-14 13:57 - 2018-11-01 05:48 - 01011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-11-14 13:57 - 2018-11-01 05:47 - 01379792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-11-14 13:57 - 2018-11-01 05:47 - 01020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-11-14 13:57 - 2018-11-01 05:47 - 00567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-11-14 13:57 - 2018-11-01 05:33 - 06661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-11-14 13:57 - 2018-11-01 05:31 - 05307904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-11-14 13:57 - 2018-11-01 05:30 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-11-14 13:57 - 2018-10-21 13:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-11-14 13:57 - 2018-10-21 12:28 - 12501504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-11-14 13:57 - 2018-10-21 12:22 - 02405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-11-14 13:57 - 2018-10-21 08:46 - 00709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-11-14 13:57 - 2018-10-21 08:46 - 00560136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-11-14 13:57 - 2018-10-21 08:46 - 00171024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-11-14 13:57 - 2018-10-21 08:45 - 03283512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-11-14 13:57 - 2018-10-21 08:45 - 00607136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-11-14 13:57 - 2018-10-21 08:28 - 16592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-11-14 13:57 - 2018-10-21 08:20 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-11-14 13:57 - 2018-10-21 08:19 - 02487088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-11-14 13:57 - 2018-10-21 08:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-11-14 13:57 - 2018-10-21 08:17 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-11-14 13:57 - 2018-10-21 08:17 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-11-14 13:57 - 2018-10-21 08:16 - 02368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-11-14 13:57 - 2018-10-21 08:16 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-11-14 13:57 - 2018-10-21 08:15 - 02904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-11-14 13:57 - 2018-10-21 08:15 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-11-14 13:57 - 2018-10-21 08:14 - 02224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-11-14 13:57 - 2018-10-21 08:14 - 01034752 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-11-14 13:57 - 2018-10-21 08:09 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-11-14 13:57 - 2018-10-21 07:58 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-11-14 13:56 - 2018-11-01 12:49 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-11-14 13:56 - 2018-11-01 12:45 - 04527776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-11-14 13:56 - 2018-11-01 12:45 - 01617320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-11-14 13:56 - 2018-11-01 12:32 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-11-14 13:56 - 2018-11-01 12:31 - 06602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-11-14 13:56 - 2018-11-01 12:30 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-11-14 13:56 - 2018-11-01 12:30 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-11-14 13:56 - 2018-11-01 12:29 - 12710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-11-14 13:56 - 2018-11-01 12:29 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-11-14 13:56 - 2018-11-01 12:28 - 04491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-11-14 13:56 - 2018-11-01 12:28 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-11-14 13:56 - 2018-11-01 12:27 - 01121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-11-14 13:56 - 2018-11-01 12:26 - 01364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-11-14 13:56 - 2018-11-01 12:26 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-11-14 13:56 - 2018-11-01 12:26 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-11-14 13:56 - 2018-11-01 12:26 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-11-14 13:56 - 2018-11-01 12:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-11-14 13:56 - 2018-11-01 12:25 - 00577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-11-14 13:56 - 2018-11-01 10:59 - 05669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-11-14 13:56 - 2018-11-01 10:56 - 11902464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-11-14 13:56 - 2018-11-01 10:56 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-11-14 13:56 - 2018-11-01 10:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-11-14 13:56 - 2018-11-01 10:54 - 03397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-11-14 13:56 - 2018-11-01 10:54 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-11-14 13:56 - 2018-11-01 10:53 - 00908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-11-14 13:56 - 2018-11-01 10:52 - 02892800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-11-14 13:56 - 2018-11-01 10:15 - 23861760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-11-14 13:56 - 2018-11-01 10:13 - 19525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-11-14 13:56 - 2018-11-01 08:39 - 01035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-11-14 13:56 - 2018-11-01 08:38 - 00269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-11-14 13:56 - 2018-11-01 08:37 - 00272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-11-14 13:56 - 2018-11-01 08:28 - 01062712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-11-14 13:56 - 2018-11-01 08:28 - 00566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-11-14 13:56 - 2018-11-01 08:28 - 00134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-11-14 13:56 - 2018-11-01 08:26 - 07432120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-11-14 13:56 - 2018-11-01 08:26 - 01363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-11-14 13:56 - 2018-11-01 08:25 - 07520088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-11-14 13:56 - 2018-11-01 08:25 - 04404912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-11-14 13:56 - 2018-11-01 08:25 - 02822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-11-14 13:56 - 2018-11-01 08:25 - 02571320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-11-14 13:56 - 2018-11-01 08:25 - 02371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-11-14 13:56 - 2018-11-01 08:25 - 01456728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-11-14 13:56 - 2018-11-01 08:25 - 01257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-11-14 13:56 - 2018-11-01 08:25 - 01190248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-11-14 13:56 - 2018-11-01 08:25 - 01140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-11-14 13:56 - 2018-11-01 08:25 - 00982592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-11-14 13:56 - 2018-11-01 08:25 - 00713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-11-14 13:56 - 2018-11-01 08:25 - 00463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-11-14 13:56 - 2018-11-01 08:25 - 00268088 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-11-14 13:56 - 2018-11-01 08:25 - 00261000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-11-14 13:56 - 2018-11-01 08:09 - 25855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-11-14 13:56 - 2018-11-01 08:03 - 03397120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-11-14 13:56 - 2018-11-01 08:03 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2018-11-14 13:56 - 2018-11-01 08:02 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2018-11-14 13:56 - 2018-11-01 08:02 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2018-11-14 13:56 - 2018-11-01 08:01 - 22716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-11-14 13:56 - 2018-11-01 08:01 - 09084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-11-14 13:56 - 2018-11-01 08:01 - 07057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-11-14 13:56 - 2018-11-01 08:00 - 03392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-11-14 13:56 - 2018-11-01 08:00 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-11-14 13:56 - 2018-11-01 07:59 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-11-14 13:56 - 2018-11-01 07:59 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-11-14 13:56 - 2018-11-01 07:59 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-11-14 13:56 - 2018-11-01 07:59 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-11-14 13:56 - 2018-11-01 07:59 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-11-14 13:56 - 2018-11-01 07:58 - 04383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-11-14 13:56 - 2018-11-01 07:58 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-11-14 13:56 - 2018-11-01 07:58 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-11-14 13:56 - 2018-11-01 07:58 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-11-14 13:56 - 2018-11-01 07:57 - 03381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-11-14 13:56 - 2018-11-01 07:57 - 02825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-11-14 13:56 - 2018-11-01 07:57 - 02364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-11-14 13:56 - 2018-11-01 07:57 - 01804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-11-14 13:56 - 2018-11-01 07:57 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-11-14 13:56 - 2018-11-01 07:57 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-11-14 13:56 - 2018-11-01 07:57 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-11-14 13:56 - 2018-11-01 07:57 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-11-14 13:56 - 2018-11-01 07:57 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-11-14 13:56 - 2018-11-01 07:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-11-14 13:56 - 2018-11-01 07:56 - 02929664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-11-14 13:56 - 2018-11-01 07:56 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-11-14 13:56 - 2018-11-01 07:56 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-11-14 13:56 - 2018-11-01 07:55 - 02738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-11-14 13:56 - 2018-11-01 07:55 - 01058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-11-14 13:56 - 2018-11-01 07:54 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-11-14 13:56 - 2018-11-01 07:54 - 01264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-11-14 13:56 - 2018-11-01 07:54 - 01225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-11-14 13:56 - 2018-11-01 07:54 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-11-14 13:56 - 2018-11-01 07:54 - 00916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-14 13:56 - 2018-11-01 07:54 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-11-14 13:56 - 2018-11-01 07:54 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-11-14 13:56 - 2018-11-01 07:54 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-11-14 13:56 - 2018-11-01 07:53 - 01373696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-11-14 13:56 - 2018-11-01 07:53 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-11-14 13:56 - 2018-11-01 07:53 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-11-14 13:56 - 2018-11-01 06:39 - 00001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-11-14 13:56 - 2018-11-01 06:08 - 02417952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-11-14 13:56 - 2018-11-01 05:48 - 06039064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-11-14 13:56 - 2018-11-01 05:48 - 02331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-11-14 13:56 - 2018-11-01 05:48 - 00880248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-11-14 13:56 - 2018-11-01 05:48 - 00384520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-11-14 13:56 - 2018-11-01 05:47 - 06570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-14 13:56 - 2018-11-01 05:47 - 01980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-11-14 13:56 - 2018-11-01 05:47 - 00581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-11-14 13:56 - 2018-11-01 05:47 - 00129304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-11-14 13:56 - 2018-11-01 05:40 - 22015488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-11-14 13:56 - 2018-11-01 05:35 - 19403776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-11-14 13:56 - 2018-11-01 05:34 - 02700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-11-14 13:56 - 2018-11-01 05:33 - 03711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-11-14 13:56 - 2018-11-01 05:32 - 06647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-11-14 13:56 - 2018-11-01 05:31 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-11-14 13:56 - 2018-11-01 05:30 - 05883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-11-14 13:56 - 2018-11-01 05:30 - 05775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-11-14 13:56 - 2018-11-01 05:30 - 02449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-11-14 13:56 - 2018-11-01 05:30 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-11-14 13:56 - 2018-11-01 05:30 - 00561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-11-14 13:56 - 2018-11-01 05:30 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-11-14 13:56 - 2018-11-01 05:29 - 02258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-11-14 13:56 - 2018-11-01 05:29 - 01986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-11-14 13:56 - 2018-11-01 05:29 - 01862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-11-14 13:56 - 2018-11-01 05:29 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-11-14 13:56 - 2018-11-01 05:29 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-11-14 13:56 - 2018-11-01 05:29 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-11-14 13:56 - 2018-11-01 05:29 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-11-14 13:56 - 2018-11-01 05:28 - 01348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-11-14 13:56 - 2018-11-01 05:28 - 01000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-11-14 13:56 - 2018-11-01 05:28 - 00978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-11-14 13:56 - 2018-11-01 05:27 - 01627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-11-14 13:56 - 2018-11-01 05:27 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-11-14 13:56 - 2018-11-01 05:27 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-11-14 13:56 - 2018-11-01 05:27 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-14 13:56 - 2018-11-01 05:27 - 00534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-11-14 13:56 - 2018-11-01 05:26 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-11-14 13:56 - 2018-11-01 05:26 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-11-14 13:56 - 2018-11-01 05:26 - 00345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-11-14 13:56 - 2018-10-21 14:04 - 02267448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-11-14 13:56 - 2018-10-21 14:00 - 21386368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-11-14 13:56 - 2018-10-21 14:00 - 01639560 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-11-14 13:56 - 2018-10-21 14:00 - 01516120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-11-14 13:56 - 2018-10-21 14:00 - 00790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-11-14 13:56 - 2018-10-21 14:00 - 00396304 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-11-14 13:56 - 2018-10-21 13:59 - 00766480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-11-14 13:56 - 2018-10-21 13:59 - 00236728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-11-14 13:56 - 2018-10-21 13:46 - 13572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-11-14 13:56 - 2018-10-21 13:46 - 04393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-11-14 13:56 - 2018-10-21 13:44 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2018-11-14 13:56 - 2018-10-21 13:44 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-11-14 13:56 - 2018-10-21 13:43 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-11-14 13:56 - 2018-10-21 13:43 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2018-11-14 13:56 - 2018-10-21 13:43 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2018-11-14 13:56 - 2018-10-21 13:42 - 01127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-11-14 13:56 - 2018-10-21 13:42 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-11-14 13:56 - 2018-10-21 13:42 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-11-14 13:56 - 2018-10-21 13:42 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-11-14 13:56 - 2018-10-21 13:41 - 01180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-11-14 13:56 - 2018-10-21 12:41 - 01540408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-11-14 13:56 - 2018-10-21 12:41 - 00023056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hvsicontainerservice.dll
2018-11-14 13:56 - 2018-10-21 12:38 - 01322376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-11-14 13:56 - 2018-10-21 12:38 - 00662312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-11-14 13:56 - 2018-10-21 12:38 - 00660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-11-14 13:56 - 2018-10-21 12:38 - 00221216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-11-14 13:56 - 2018-10-21 12:37 - 20381808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-11-14 13:56 - 2018-10-21 12:37 - 01626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-11-14 13:56 - 2018-10-21 12:28 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-11-14 13:56 - 2018-10-21 12:23 - 00622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-11-14 13:56 - 2018-10-21 12:23 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-11-14 13:56 - 2018-10-21 12:22 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2018-11-14 13:56 - 2018-10-21 10:29 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-11-14 13:56 - 2018-10-21 09:44 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-11-14 13:56 - 2018-10-21 08:48 - 05602456 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-11-14 13:56 - 2018-10-21 08:47 - 00368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-11-14 13:56 - 2018-10-21 08:46 - 00717112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-11-14 13:56 - 2018-10-21 08:46 - 00611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-11-14 13:56 - 2018-10-21 08:46 - 00497864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2018-11-14 13:56 - 2018-10-21 08:45 - 02719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-11-14 13:56 - 2018-10-21 08:45 - 01946208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-11-14 13:56 - 2018-10-21 08:45 - 01098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-11-14 13:56 - 2018-10-21 08:45 - 00185120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-11-14 13:56 - 2018-10-21 08:45 - 00175624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2018-11-14 13:56 - 2018-10-21 08:45 - 00139792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-11-14 13:56 - 2018-10-21 08:45 - 00058088 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2018-11-14 13:56 - 2018-10-21 08:22 - 04710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-11-14 13:56 - 2018-10-21 08:21 - 01589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-11-14 13:56 - 2018-10-21 08:21 - 00123424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-11-14 13:56 - 2018-10-21 08:20 - 00424000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2018-11-14 13:56 - 2018-10-21 08:20 - 00295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-11-14 13:56 - 2018-10-21 08:20 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2018-11-14 13:56 - 2018-10-21 08:20 - 00141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-11-14 13:56 - 2018-10-21 08:19 - 01620776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-11-14 13:56 - 2018-10-21 08:19 - 01130768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-11-14 13:56 - 2018-10-21 08:19 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-11-14 13:56 - 2018-10-21 08:19 - 00505616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-11-14 13:56 - 2018-10-21 08:19 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-11-14 13:56 - 2018-10-21 08:19 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2018-11-14 13:56 - 2018-10-21 08:19 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2018-11-14 13:56 - 2018-10-21 08:19 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-11-14 13:56 - 2018-10-21 08:19 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2018-11-14 13:56 - 2018-10-21 08:19 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2018-11-14 13:56 - 2018-10-21 08:19 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcpAppSvc.dll
2018-11-14 13:56 - 2018-10-21 08:19 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhf.sys
2018-11-14 13:56 - 2018-10-21 08:19 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2018-11-14 13:56 - 2018-10-21 08:18 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-11-14 13:56 - 2018-10-21 08:18 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2018-11-14 13:56 - 2018-10-21 08:18 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
2018-11-14 13:56 - 2018-10-21 08:18 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2018-11-14 13:56 - 2018-10-21 08:18 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-11-14 13:56 - 2018-10-21 08:18 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2018-11-14 13:56 - 2018-10-21 08:18 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2018-11-14 13:56 - 2018-10-21 08:17 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-11-14 13:56 - 2018-10-21 08:17 - 01668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-11-14 13:56 - 2018-10-21 08:17 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-11-14 13:56 - 2018-10-21 08:17 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-11-14 13:56 - 2018-10-21 08:17 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcp.dll
2018-11-14 13:56 - 2018-10-21 08:16 - 02584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-11-14 13:56 - 2018-10-21 08:16 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-11-14 13:56 - 2018-10-21 08:16 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2018-11-14 13:56 - 2018-10-21 08:16 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-11-14 13:56 - 2018-10-21 08:15 - 03212800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-11-14 13:56 - 2018-10-21 08:15 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2018-11-14 13:56 - 2018-10-21 08:14 - 01919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-11-14 13:56 - 2018-10-21 08:14 - 01854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-11-14 13:56 - 2018-10-21 08:14 - 00932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-11-14 13:56 - 2018-10-21 08:14 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2018-11-14 13:56 - 2018-10-21 08:14 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-11-14 13:56 - 2018-10-21 08:14 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-11-14 13:56 - 2018-10-21 08:02 - 02966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-11-14 13:56 - 2018-10-21 08:02 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2018-11-14 13:56 - 2018-10-21 08:01 - 01189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-11-14 13:56 - 2018-10-21 08:01 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2018-11-14 13:56 - 2018-10-21 08:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2018-11-14 13:56 - 2018-10-21 07:59 - 00602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-11-14 13:56 - 2018-10-21 07:58 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-11-14 13:56 - 2018-10-21 07:58 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-11-14 13:56 - 2018-10-21 07:57 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-11-14 13:56 - 2018-10-21 06:59 - 00806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-11-14 13:56 - 2018-10-21 06:59 - 00806320 _____ C:\WINDOWS\system32\locale.nls
2018-11-14 13:56 - 2018-04-28 05:02 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-11-09 12:42 - 2018-11-09 14:46 - 00000000 ____D C:\Users\adria\Desktop\TRANSCEND USB
2018-11-09 12:12 - 2018-11-09 12:13 - 00351568 _____ C:\Users\adria\Downloads\vaICcEOiRZnO.128.mp3.sfk
2018-11-07 22:02 - 2018-11-07 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-11-06 14:06 - 2018-11-06 14:06 - 00051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-11-06 14:06 - 2018-11-06 14:06 - 00047768 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-11-06 14:06 - 2018-11-06 14:06 - 00047768 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-11-06 14:06 - 2018-11-06 14:06 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-10-31 14:20 - 2018-10-31 14:20 - 00000000 ____D C:\Users\adria\AppData\Local\Ubisoft
2018-10-31 13:14 - 2018-10-31 13:14 - 00000000 ____D C:\Users\adria\Documents\The Crew
2018-10-31 13:14 - 2018-10-31 13:14 - 00000000 ____D C:\Users\adria\Documents\ProfileCache
2018-10-30 23:54 - 2018-10-31 14:20 - 00000000 ____D C:\Users\adria\AppData\Local\Ubisoft Game Launcher
2018-10-30 23:54 - 2018-10-31 14:20 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2018-10-30 13:13 - 2018-10-30 13:13 - 00000000 ____D C:\Users\adria\AppData\LocalLow\BitTorrent
2018-10-29 22:31 - 2018-10-29 22:29 - 00110968 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-28 17:03 - 2018-04-12 00:38 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-28 16:59 - 2017-05-17 18:18 - 00000000 ____D C:\ProgramData\NVIDIA
2018-11-28 16:58 - 2018-07-10 20:56 - 00000000 ____D C:\Users\adria\Desktop\mfbot
2018-11-28 16:57 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\AppReadiness
2018-11-28 16:57 - 2017-08-06 13:36 - 00000000 ___RD C:\Users\adria\iCloudDrive
2018-11-28 14:35 - 2018-05-19 19:01 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-28 13:56 - 2018-04-12 00:38 - 00000000 ___HD C:\Program Files\WindowsApps
2018-11-28 13:54 - 2017-01-21 21:33 - 00000000 ____D C:\Users\adria\AppData\Local\CrashDumps
2018-11-28 13:52 - 2018-05-19 19:09 - 00003958 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1520951350
2018-11-28 13:52 - 2018-03-13 15:27 - 00000000 ____D C:\Program Files\Opera
2018-11-28 13:52 - 2017-06-30 21:24 - 00001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2018-11-27 21:22 - 2018-01-24 19:51 - 00000000 ____D C:\Users\adria\AppData\Local\Packages
2018-11-27 19:21 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2018-11-23 00:25 - 2017-02-18 11:48 - 00000000 ____D C:\Users\adria\AppData\Roaming\vlc
2018-11-21 07:04 - 2018-05-19 19:12 - 01689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-21 07:04 - 2018-04-12 16:51 - 00715034 _____ C:\WINDOWS\system32\perfh005.dat
2018-11-21 07:04 - 2018-04-12 16:51 - 00144328 _____ C:\WINDOWS\system32\perfc005.dat
2018-11-21 07:04 - 2018-04-12 00:36 - 00000000 ____D C:\WINDOWS\INF
2018-11-21 07:01 - 2018-04-12 00:30 - 00000000 ____D C:\WINDOWS\CbsTemp
2018-11-21 06:57 - 2018-05-19 19:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-19 18:52 - 2017-01-22 11:56 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-18 19:11 - 2017-02-18 17:17 - 00000000 ____D C:\Users\adria\AppData\Roaming\Spotify
2018-11-17 00:00 - 2018-04-12 00:41 - 00834960 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-11-17 00:00 - 2018-04-12 00:41 - 00179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-16 23:43 - 2018-05-19 19:09 - 00003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2496206602-2472622645-179794546-1001
2018-11-16 23:43 - 2018-05-19 19:04 - 00002387 _____ C:\Users\adria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-16 23:43 - 2017-01-21 21:13 - 00000000 ___RD C:\Users\adria\OneDrive
2018-11-16 23:41 - 2018-01-12 22:03 - 00000000 ____D C:\Program Files\rempl
2018-11-16 00:24 - 2018-05-19 19:04 - 00000000 ____D C:\Users\adria
2018-11-15 20:51 - 2017-02-07 18:50 - 00000000 ____D C:\Users\adria\AppData\Local\SquirrelTemp
2018-11-14 20:48 - 2018-04-11 22:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2018-11-14 19:34 - 2018-05-19 19:01 - 04912096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-11-14 19:34 - 2017-12-24 16:43 - 00000000 ___RD C:\Users\adria\3D Objects
2018-11-14 19:34 - 2017-01-21 21:12 - 00000000 __RHD C:\Users\Public\AccountPictures
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\zu-ZA
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\yo-NG
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\xh-ZA
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\wo-SN
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\tn-ZA
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\ti-ET
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\rw-RW
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\nso-ZA
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\ig-NG
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-11-14 14:21 - 2018-04-12 16:52 - 00000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-11-14 14:21 - 2018-04-12 00:38 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-11-14 14:21 - 2018-04-12 00:38 - 00000000 ___SD C:\WINDOWS\system32\F12
2018-11-14 14:21 - 2018-04-12 00:38 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-11-14 14:21 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\TextInput
2018-11-14 14:21 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-11-14 14:21 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\ShellExperiences
2018-11-14 14:21 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\bcastdvr
2018-11-14 14:02 - 2017-01-21 22:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2018-11-14 14:00 - 2017-01-21 22:30 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-14 13:58 - 2018-04-12 00:34 - 00395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-11-14 13:58 - 2018-04-12 00:34 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-11-09 12:21 - 2018-09-02 16:58 - 356735169 _____ C:\Users\adria\Desktop\Untitled.mp4
2018-11-07 22:02 - 2018-07-26 20:02 - 00000000 ____D C:\Program Files (x86)\Dropbox
2018-11-02 11:34 - 2018-01-31 20:06 - 00000000 ____D C:\Users\adria\AppData\Local\PlaceholderTileLogoFolder
2018-11-01 13:30 - 2018-05-30 19:33 - 00003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-01 13:30 - 2018-05-30 19:33 - 00003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-01 13:30 - 2018-05-30 19:33 - 00003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-01 13:30 - 2018-05-30 19:33 - 00003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-01 13:30 - 2018-05-30 19:33 - 00003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-01 13:30 - 2018-05-19 19:09 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-01 13:30 - 2018-05-19 19:09 - 00004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-01 13:30 - 2018-05-19 19:09 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-01 13:30 - 2018-05-19 19:09 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-01 13:30 - 2018-05-19 19:09 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-01 13:30 - 2018-05-19 19:09 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-01 13:30 - 2017-05-17 18:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2018-11-01 13:30 - 2017-05-17 18:18 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2018-11-01 13:30 - 2017-05-17 18:18 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-11-01 13:30 - 2017-01-21 21:24 - 00000000 ____D C:\Users\adria\AppData\Local\NVIDIA Corporation
2018-10-31 20:26 - 2018-01-24 19:19 - 00188832 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2018-10-31 20:26 - 2018-01-24 19:19 - 00143448 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2018-10-31 20:26 - 2018-01-24 19:19 - 00109864 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2018-10-31 20:26 - 2018-01-24 19:19 - 00107896 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2018-10-31 20:26 - 2018-01-24 19:19 - 00082304 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2018-10-31 20:26 - 2018-01-24 19:19 - 00050144 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2018-10-30 20:08 - 2017-08-17 12:06 - 00000000 ____D C:\Program Files\Java
2018-10-30 14:40 - 2017-02-03 23:31 - 00000000 ____D C:\Users\adria\AppData\Roaming\BitTorrent
2018-10-29 22:31 - 2017-08-17 11:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-10-29 22:31 - 2017-08-17 11:59 - 00000000 ____D C:\Program Files (x86)\Java
2018-10-29 22:29 - 2017-12-09 10:12 - 00110968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2018-10-29 22:29 - 2017-08-17 11:59 - 00098680 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-10-29 00:14 - 2018-05-26 10:33 - 00000000 ____D C:\Users\adria\AppData\Local\D3DSCache
2018-10-29 00:13 - 2017-02-02 22:30 - 00000000 ____D C:\Program Files\Rockstar Games
2018-10-29 00:13 - 2017-02-02 22:30 - 00000000 ____D C:\Program Files (x86)\Rockstar Games

==================== Files in the root of some directories =======

2017-04-08 08:50 - 2018-09-20 10:42 - 0000132 _____ () C:\Users\adria\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2018-07-30 21:27 - 2018-07-30 21:29 - 1065984 _____ () C:\Users\adria\AppData\Local\file__0.localstorage
2018-09-29 20:15 - 2018-09-29 20:15 - 0000000 _____ () C:\Users\adria\AppData\Local\oobelibMkey.log
2017-05-17 18:18 - 2017-05-17 18:18 - 0000000 _____ () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-19 19:01

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 118274
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Trojan Horse

#4 Post by Rudy »

Now run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree (Souhlasim)
right-click the AdwCleaner icon and choose Run as administrator (Spustit jako spravce); on Win XP just start it with a normal double-click
click Scan now (Skenovat nyni), then Clean and Repair (Cisteni a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Sauryy
Visitor
Posts: 32
Joined: 28 Nov 2018 14:02

Re: Trojan Horse

#5 Post by Sauryy »

Here is the log from adw

Code:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build:    11-26-2018
# Database: 2018-11-26.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-29-2018
# Duration: 00:00:01
# OS:       Windows 10 Pro
# Cleaned:  4
# Failed:   0


***** [ Services ] *****

Deleted       Updater

***** [ Folders ] *****

Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PP??5.0
Deleted       C:\Program Files (x86)\PP??5.0
Deleted       C:\Users\adria\AppData\Roaming\vShare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1460 octets] - [29/11/2018 07:09:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118274
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Trojan Horse

#6 Post by Rudy »

Post new FRST + Addition logs.

Sauryy
Visitor
Posts: 32
Joined: 28 Nov 2018 14:02

Re: Trojan Horse

#7 Post by Sauryy »

I'm sending you the logs in a ZIP, they are too long. Thanks a lot in advance for the help!
Attachments
logy.zip
(46.82 KiB) Downloaded 81 times

Rudy
Site Admin
Posts: 118274
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Trojan Horse

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\MountPoints2: {0ed15ead-880e-11e8-831f-d8cb8ac65195} - "L:\autorun.exe"
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\MountPoints2: {ceacc57c-ea45-11e6-82b1-d8cb8ac65195} - "K:\autorun.exe"
GroupPolicy: Restriction <======= ATTENTION
C:\ProgramData\DP45977C.lfl
Task: {6A4CCDF6-A766-409D-B265-777B931E4CE4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {83837E7D-7C17-417E-85A2-0807206120ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-22] (Google Inc.)
Task: {770ABC95-D63E-4E76-86F0-B506FA787CF7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-22] (Google Inc.)
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432]
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
FirewallRules: [{59DC2156-B2EA-4340-877E-6E18D44DED0D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{30FF9964-336A-402E-A078-E36D7E6196C8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FE9570FD-1DCF-4B45-8F93-FCEF01298544}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F5950CB8-1021-4CB0-AE17-32A712B8E0F5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

EmptyTemp:
Hosts:
End
Save it to your desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Sauryy
Visitor
Posts: 32
Joined: 28 Nov 2018 14:02

Re: Trojan Horse

#9 Post by Sauryy »

I'm sending you the fixlog

Code:

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-04-2017 01
Ran by adria (30-11-2018 22:25:05) Run:1
Running from C:\Users\adria\Desktop
Loaded Profiles: adria (Available Profiles: defaultuser0 & adria)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\MountPoints2: {0ed15ead-880e-11e8-831f-d8cb8ac65195} - "L:\autorun.exe" 
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\...\MountPoints2: {ceacc57c-ea45-11e6-82b1-d8cb8ac65195} - "K:\autorun.exe" 
GroupPolicy: Restriction <======= ATTENTION
C:\ProgramData\DP45977C.lfl
Task: {6A4CCDF6-A766-409D-B265-777B931E4CE4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {83837E7D-7C17-417E-85A2-0807206120ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-22] (Google Inc.)
Task: {770ABC95-D63E-4E76-86F0-B506FA787CF7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-22] (Google Inc.)
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432]
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
FirewallRules: [{59DC2156-B2EA-4340-877E-6E18D44DED0D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{30FF9964-336A-402E-A078-E36D7E6196C8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FE9570FD-1DCF-4B45-8F93-FCEF01298544}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F5950CB8-1021-4CB0-AE17-32A712B8E0F5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ed15ead-880e-11e8-831f-d8cb8ac65195} => key removed successfully
HKCR\CLSID\{0ed15ead-880e-11e8-831f-d8cb8ac65195} => key not found. 
HKU\S-1-5-21-2496206602-2472622645-179794546-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ceacc57c-ea45-11e6-82b1-d8cb8ac65195} => key removed successfully
HKCR\CLSID\{ceacc57c-ea45-11e6-82b1-d8cb8ac65195} => key not found. 
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A4CCDF6-A766-409D-B265-777B931E4CE4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A4CCDF6-A766-409D-B265-777B931E4CE4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{83837E7D-7C17-417E-85A2-0807206120ED} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83837E7D-7C17-417E-85A2-0807206120ED} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{770ABC95-D63E-4E76-86F0-B506FA787CF7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{770ABC95-D63E-4E76-86F0-B506FA787CF7} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
C:\ProgramData\MTA San Andreas All => ":NT" ADS removed successfully.
C:\ProgramData\MTA San Andreas All => ":NT2" ADS removed successfully.
C:\Users\Public\AppData => ":CSM" ADS removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{59DC2156-B2EA-4340-877E-6E18D44DED0D} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{30FF9964-336A-402E-A078-E36D7E6196C8} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE9570FD-1DCF-4B45-8F93-FCEF01298544} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F5950CB8-1021-4CB0-AE17-32A712B8E0F5} => value removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 189197947 B
Java, Flash, Steam htmlcache => 106544676 B
Windows/system/drivers => 29428220 B
Edge => 3174398 B
Chrome => 353127897 B
Firefox => 0 B
Opera => 401188239 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 38788 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
defaultuser0 => 0 B
adria => 117792249 B

RecycleBin => 7992144652 B
EmptyTemp: => 8.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:25:36 ====

Rudy
Site Admin
Posts: 118274
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Trojan Horse

#10 Post by Rudy »

Deleted. Has anything changed?

Sauryy
Visitor
Posts: 32
Joined: 28 Nov 2018 14:02

Re: Trojan Horse

#11 Post by Sauryy »

Everything is still the same; now ESET reports systemcall.exe, some virus I guess :/
Task Manager shows 80-100% load.
It is located in C:/windows, systemcall.exe 32bit..
But strangely, I can shut it down normally through Task Manager, and then the load is 10-15%.

Rudy
Site Admin
Posts: 118274
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Trojan Horse

#12 Post by Rudy »

OK. Run a scan with AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Save the utility, run it, let it work, and when it finishes delete everything it finds.

prqyl
Visitor
Posts: 7
Joined: 01 Dec 2018 16:16

Re: Trojan Horse

#13 Post by prqyl »

Buddy, I have exactly the same problem, have you solved it yet?

Rudy
Site Admin
Posts: 118274
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Trojan Horse

#14 Post by Rudy »

2prqyl: Please start your own topic and do not post in someone else's. Thank you.

Sauryy
Visitor
Posts: 32
Joined: 28 Nov 2018 14:02

Re: Trojan Horse

#15 Post by Sauryy »

Hello! So, successfully removed! Thank you very much :)
I appreciate it :James008:
Feel free to lock it

Locked