Moc prosím o kontrolu logu

[Bubenak1]

Dobrý den,
v poslední době se setkávám s "FPS záseky" v mém PC, může to být i hardwarový problém ale budu vděčný , kdybychom nejprve vyloučili že softwarem to není. Děkuji

Logfile of random's system information tool 1.10 (written by random/random)
Run by dbube at 2019-02-17 16:31:25
Microsoft Windows 10 Home
System drive C: has 40 GB (35%) free of 114 GB
Total RAM: 16327 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:31:30, on 17.02.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Users\dbube\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\trend micro\dbube.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKCU\..\Run: [uTorrent] "C:\Users\dbube\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O4 - Global Startup: Steam.lnk = C:\Program Files (x86)\Steam\Steam.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.109\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 7471 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservice -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS

c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
"C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe" /StartService
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k imgsvc

c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
c:\windows\system32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc

c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
"C:\Program Files\rempl\sedsvc.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\WINDOWS\system32\AUDIODG.EXE 0x5ec
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts

winlogon.exe
"fontdrvhost.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"ctfmon.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe" gpureading
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Users\dbube\AppData\Roaming\uTorrent\utorrent.exe"
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=cs_CZ" "-cachedir=C:\Users\dbube\AppData\Local\Steam\htmlcache" "-steampid=12052" "-buildid=1549129917" "-steamid=0" "-steamuniverse=Dev" "-clientui=C:\Program Files (x86)\Steam\clientui" --disable-out-of-process-pac --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-features=TouchpadAndWheelScrollLatching,AsyncWheelEvents --enable-media-stream --disable-smooth-scrolling --num-raster-threads=4 --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\dbube\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1549129917 --initial-client-data=0x2f0,0x2f4,0x2f8,0x2ec,0x2fc,0x7fffdbd11f78,0x7fffdbd11f88,0x7fffdbd11f98
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --lang=cs-CZ --buildid=1549129917 --steamid=0 --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --lang=cs-CZ --buildid=1549129917 --steamid=0 --service-request-channel-token=18543F306ABE6EDCD2271DE04C4BE82E --mojo-platform-channel-handle=1204 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --service-pipe-token=92C7A33B2D064B41863AD44508E396F4 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --buildid=1549129917 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=92C7A33B2D064B41863AD44508E396F4 --renderer-client-id=3 --mojo-platform-channel-handle=1948 /prefetch:1
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --service-pipe-token=03B1D808564AB8C3C3216F6A1FD92C0B --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --buildid=1549129917 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=03B1D808564AB8C3C3216F6A1FD92C0B --renderer-client-id=4 --mojo-platform-channel-handle=2412 /prefetch:1
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\dbube\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\dbube\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=72.0.3626.109 --initial-client-data=0x1d4,0x1d8,0x1dc,0x1d0,0x1e0,0x7ffff05e5510,0x7ffff05e5520,0x7ffff05e5530
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=11284 --on-initialized-event-handle=676 --parent-handle=680 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1564,17663797404598946448,15354636322668067978,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=17052958161338917094 --mojo-platform-channel-handle=1620 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1564,17663797404598946448,15354636322668067978,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=17674387406947076707 --mojo-platform-channel-handle=2000 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564,17663797404598946448,15354636322668067978,131072 --service-pipe-token=4203327567649138399 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4203327567649138399 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3132 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564,17663797404598946448,15354636322668067978,131072 --service-pipe-token=8038114546549322231 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8038114546549322231 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3528 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564,17663797404598946448,15354636322668067978,131072 --service-pipe-token=7235831439577375159 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7235831439577375159 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3688 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564,17663797404598946448,15354636322668067978,131072 --service-pipe-token=1220513309667120372 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1220513309667120372 --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6244 /prefetch:1

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564,17663797404598946448,15354636322668067978,131072 --service-pipe-token=7622900755315789335 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7622900755315789335 --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6936 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564,17663797404598946448,15354636322668067978,131072 --service-pipe-token=7555570004831221827 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7555570004831221827 --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6976 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1564,17663797404598946448,15354636322668067978,131072 --service-pipe-token=15137515403046814663 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15137515403046814663 --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6900 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe117_ Global\UsGthrCtrlFltPipeMssGthrPipe117 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 760 764 772 8192 768
"C:\Users\dbube\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\dbube\AppData\Roaming\uTorrent\utorrent.exe [2015-02-22 416168]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-02-17 16:31:25 ----D---- C:\rsit
2019-02-17 16:31:25 ----D---- C:\Program Files\trend micro
2019-02-15 13:07:01 ----SHD---- C:\Config.Msi
2019-02-13 16:34:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-13 16:34:30 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-13 16:34:27 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-02-13 16:34:27 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-02-13 16:34:23 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2019-02-13 16:34:23 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-02-13 16:34:23 ----A---- C:\WINDOWS\system32\wininet.dll
2019-02-13 16:34:23 ----A---- C:\WINDOWS\system32\sppsvc.exe
2019-02-13 16:34:22 ----A---- C:\WINDOWS\system32\windows.storage.dll
2019-02-13 16:34:22 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-02-13 16:34:21 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-02-13 16:34:21 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-13 16:34:21 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-02-13 16:34:20 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-13 16:34:20 ----A---- C:\WINDOWS\system32\cdp.dll
2019-02-13 16:34:19 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2019-02-13 16:34:19 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-02-13 16:34:19 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-13 16:34:18 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-02-13 16:34:18 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-02-13 16:34:18 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-13 16:34:18 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-13 16:34:18 ----A---- C:\WINDOWS\system32\jscript9.dll
2019-02-13 16:34:18 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-02-13 16:34:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2019-02-13 16:34:17 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-02-13 16:34:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2019-02-13 16:34:16 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2019-02-13 16:34:16 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-02-13 16:34:16 ----A---- C:\WINDOWS\system32\smartscreen.exe
2019-02-13 16:34:16 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-02-13 16:34:16 ----A---- C:\WINDOWS\system32\mfcore.dll
2019-02-13 16:34:16 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-02-13 16:34:16 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-02-13 16:34:15 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-02-13 16:34:15 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2019-02-13 16:34:15 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2019-02-13 16:34:15 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2019-02-13 16:34:15 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2019-02-13 16:34:15 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-13 16:34:15 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-13 16:34:15 ----A---- C:\WINDOWS\system32\KernelBase.dll
2019-02-13 16:34:15 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-02-13 16:34:15 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-02-13 16:34:15 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-13 16:34:14 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2019-02-13 16:34:14 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2019-02-13 16:34:14 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2019-02-13 16:34:14 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2019-02-13 16:34:14 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2019-02-13 16:34:14 ----A---- C:\WINDOWS\system32\winhttp.dll
2019-02-13 16:34:14 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-13 16:34:14 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-13 16:34:14 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2019-02-13 16:34:14 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2019-02-13 16:34:14 ----A---- C:\WINDOWS\system32\svchost.exe
2019-02-13 16:34:14 ----A---- C:\WINDOWS\system32\StorSvc.dll
2019-02-13 16:34:14 ----A---- C:\WINDOWS\system32\rmclient.dll
2019-02-13 16:34:14 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-13 16:34:14 ----A---- C:\WINDOWS\system32\oleaut32.dll
2019-02-13 16:34:14 ----A---- C:\WINDOWS\system32\ntdll.dll
2019-02-13 16:34:14 ----A---- C:\WINDOWS\system32\kernel32.dll
2019-02-13 16:34:14 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2019-02-13 16:34:14 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-02-13 16:34:14 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-13 16:34:14 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\SYSWOW64\svchost.exe
2019-02-13 16:34:13 ----A---- C:\WINDOWS\SYSWOW64\rmclient.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\system32\wldp.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\system32\winresume.exe
2019-02-13 16:34:13 ----A---- C:\WINDOWS\system32\winload.exe
2019-02-13 16:34:13 ----A---- C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\system32\msvproc.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\system32\msi.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\system32\gdi32full.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\system32\edgeIso.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2019-02-13 16:34:13 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2019-02-13 16:34:13 ----A---- C:\WINDOWS\system32\browserbroker.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-13 16:34:13 ----A---- C:\WINDOWS\system32\acmigration.dll
2019-02-13 16:34:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-13 16:34:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 16:34:12 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2019-02-13 16:34:12 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2019-02-13 16:34:12 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2019-02-13 16:34:12 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2019-02-13 16:34:12 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2019-02-13 16:34:12 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2019-02-13 16:34:12 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2019-02-13 16:34:12 ----A---- C:\WINDOWS\system32\wintrust.dll
2019-02-13 16:34:12 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-13 16:34:12 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2019-02-13 16:34:12 ----A---- C:\WINDOWS\system32\mfps.dll
2019-02-13 16:34:12 ----A---- C:\WINDOWS\system32\hal.dll
2019-02-13 16:34:12 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2019-02-13 16:34:12 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2019-02-13 16:34:12 ----A---- C:\WINDOWS\system32\drivers\spacedump.sys
2019-02-13 16:34:12 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2019-02-13 16:34:12 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2019-02-13 16:34:12 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2019-02-13 16:34:12 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2019-02-13 16:34:12 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2019-02-13 16:34:12 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2019-02-13 16:34:12 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2019-02-13 16:34:12 ----A---- C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-13 16:34:12 ----A---- C:\WINDOWS\HelpPane.exe
2019-02-13 16:34:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\SYSWOW64\srpapi.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\SYSWOW64\spacebridge.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\SYSWOW64\smartscreenps.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\SYSWOW64\NtlmShared.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\SYSWOW64\npmproxy.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\SYSWOW64\itss.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\SYSWOW64\CapabilityAccessManagerClient.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\wuuhext.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\srpapi.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\spacebridge.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\smss.exe
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\smartscreenps.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\NtlmShared.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\npmproxy.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\mf3216.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\itss.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\browser_broker.exe
2019-02-13 16:34:11 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll

======List of files/folders modified in the last 1 month======

2019-02-17 16:31:30 ----D---- C:\WINDOWS\Temp
2019-02-17 16:31:25 ----RD---- C:\Program Files
2019-02-17 16:27:24 ----D---- C:\Users\dbube\AppData\Roaming\uTorrent
2019-02-17 16:26:59 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-02-17 16:25:32 ----D---- C:\WINDOWS\Prefetch
2019-02-17 16:25:24 ----D---- C:\WINDOWS\system32\catroot2
2019-02-17 16:20:26 ----D---- C:\ProgramData\NVIDIA
2019-02-17 16:19:51 ----D---- C:\Program Files (x86)\Steam
2019-02-17 16:16:00 ----D---- C:\WINDOWS\system32\sru
2019-02-17 11:12:58 ----D---- C:\WINDOWS\AppReadiness
2019-02-17 11:12:57 ----HD---- C:\Program Files\WindowsApps
2019-02-16 10:24:03 ----D---- C:\WINDOWS\system32\SleepStudy
2019-02-16 10:07:56 ----D---- C:\WINDOWS\Logs
2019-02-16 10:04:19 ----RD---- C:\WINDOWS\Microsoft.NET
2019-02-16 10:04:02 ----RSD---- C:\WINDOWS\assembly
2019-02-16 10:02:37 ----D---- C:\WINDOWS\system32\LogFiles
2019-02-16 10:02:15 ----D---- C:\WINDOWS\system32\config
2019-02-16 09:34:00 ----D---- C:\WINDOWS\System32
2019-02-16 09:34:00 ----D---- C:\WINDOWS\INF
2019-02-16 09:34:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-15 13:07:52 ----D---- C:\WINDOWS\CbsTemp
2019-02-15 13:07:51 ----D---- C:\WINDOWS\WinSxS
2019-02-15 13:07:51 ----D---- C:\WINDOWS\SysWOW64
2019-02-15 13:07:15 ----SHDC---- C:\WINDOWS\Installer
2019-02-15 13:07:13 ----D---- C:\Program Files\rempl
2019-02-14 12:34:41 ----D---- C:\WINDOWS\system32\DriverStore
2019-02-14 12:34:34 ----D---- C:\WINDOWS\system32\drivers
2019-02-13 17:26:33 ----SD---- C:\WINDOWS\SYSWOW64\F12
2019-02-13 17:26:33 ----SD---- C:\WINDOWS\system32\F12
2019-02-13 17:26:33 ----RD---- C:\Program Files\Windows Defender
2019-02-13 17:26:33 ----D---- C:\WINDOWS\TextInput
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2019-02-13 17:26:33 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\zu-ZA
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\yo-NG
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\xh-ZA
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\wo-SN
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\tn-ZA
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\ti-ET
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\rw-RW
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\nso-ZA
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\migration
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\ig-NG
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\chr-CHER-US
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\drivers\UMDF
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\cs-CZ
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\Boot
2019-02-13 17:26:33 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2019-02-13 17:26:33 ----D---- C:\WINDOWS\ShellExperiences
2019-02-13 17:26:33 ----D---- C:\WINDOWS\bcastdvr
2019-02-13 17:26:33 ----D---- C:\WINDOWS\apppatch
2019-02-13 17:26:33 ----D---- C:\Windows
2019-02-13 17:26:33 ----D---- C:\Program Files\internet explorer
2019-02-13 17:26:33 ----D---- C:\Program Files (x86)\Internet Explorer
2019-02-13 16:34:00 ----D---- C:\WINDOWS\system32\MRT
2019-02-13 16:33:03 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-02-10 15:19:27 ----D---- C:\WINDOWS\system32\Tasks
2019-02-08 17:32:10 ----D---- C:\ProgramData\Packages
2019-02-02 23:53:16 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2019-01-24 13:57:35 ----D---- C:\WINDOWS\system32\drivers\wd

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2017-06-07 138296]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-07-14 414720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2013-03-01 36600]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2018-12-08 82432]
R3 Hamachi;@oem41.inf,%Hamachi.Service.DispName%;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2018-11-23 45680]
R3 MEIx64;@oem31.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-01-19 202032]
R3 NVHDA;@oem40.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2018-10-12 227856]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f4187dc256a67a6b\nvlddmkm.sys [2018-10-12 20337064]
R3 nvoclk64;@oem29.inf,%NVRing0.SVCDESC%;NVIDIA Enthusiasts Platform KDM; C:\WINDOWS\system32\DRIVERS\nvoclk64.sys [2009-09-15 42088]
R3 nvvhci;@oem38.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2018-08-21 65792]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2018-04-12 604160]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2018-06-15 48544]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 92704]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 dg_ssudbus;@oem0.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 DM150Drv;DM150Drv; C:\WINDOWS\System32\drivers\DM150Drv.sys [2010-07-30 24312]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-02-06 76088]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-05-20 31200]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys [2018-01-24 468752]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-02-06 945680]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2016-12-21 40240]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-04-12 57752]
S3 ss_conn_usb_driver;SAMSUNG Mobile USB Connectivity Device Driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [2014-01-22 26368]
S3 ssudcdf;SAMSUNG Mobile Mode Changer Device; C:\WINDOWS\System32\drivers\ssudcdf.sys [2014-01-22 36608]
S3 ssuddmgr;SAMSUNG Mobile USB Device Management Serial Port(DEVGURU Ver.); C:\WINDOWS\System32\drivers\ssuddmgr.sys [2014-01-22 206080]
S3 ssudmdm;@oem1.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\WINDOWS\System32\drivers\ssudobex.sys [2014-01-22 206080]
S3 ssudqcfilter;SAMSUNG Mobile USB QCRMNET Filter Driver; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [2016-09-05 64640]
S3 ssudrmnet;SAMSUNG Mobile USB RMNET Drivers; C:\WINDOWS\System32\drivers\ssudrmnet.sys [2014-01-22 70400]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\WINDOWS\System32\drivers\ssudserd.sys [2014-01-22 206080]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CDPUserSvc_2756a24;Uživatelská služba platformy připojených zařízení_2756a24; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 nTuneService;Performance Service; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [2011-09-19 278336]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20 764896]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-10-10 767016]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-05-20 630240]
R2 OneSyncSvc_2756a24;Hostitel synchronizace_2756a24; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-02-13 332088]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2019-02-02 1690400]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-28 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService_2756a24;Uživatelská služba pro GameDVR a vysílání her_2756a24; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService_2756a24;Služba pro podporu uživatelů Bluetooth_2756a24; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc_2756a24;DevicePicker_2756a24; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc_2756a24;Tok zařízení_2756a24; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-08-03 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-12-15 802432]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-25 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.109\elevation_service.exe [2019-02-13 1271280]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-28 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService_2756a24;Služba zasílání zpráv_2756a24; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20 764896]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2018-10-25 2269504]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PimIndexMaintenanceSvc_2756a24;Data kontaktů_2756a24; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc_2756a24;PrintWorkflow_2756a24; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-06-08 976384]
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2018-11-23 3364808]
S4 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2016-05-27 419248]
S4 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2018-10-25 3130184]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S4 ssh-agent;OpenSSH Authentication Agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-03-10 495616]

-----------------EOF-----------------

[Diallix]

Dobry den.

Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

[Bubenak1]

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-15.6 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-17-2019
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\csastats

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1286 octets] - [17/02/2019 17:51:33]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Diallix]

Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.

[Bubenak1]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.02.2019
Ran by dbube (17-02-2019 18:33:32)
Running from C:\Users\dbube\Desktop
Windows 10 Home Version 1803 17134.590 (X64) (2018-05-25 08:35:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4246267622-4105470206-3163352383-500 - Administrator - Disabled)
dbube (S-1-5-21-4246267622-4105470206-3163352383-1001 - Administrator - Enabled) => C:\Users\dbube
DefaultAccount (S-1-5-21-4246267622-4105470206-3163352383-503 - Limited - Disabled)
Guest (S-1-5-21-4246267622-4105470206-3163352383-501 - Limited - Disabled)
SERVIS (S-1-5-21-4246267622-4105470206-3163352383-1003 - Limited - Enabled) => C:\Users\SERVIS
Vlasta Petrová (S-1-5-21-4246267622-4105470206-3163352383-1002 - Administrator - Enabled) => C:\Users\Vlasta Petrová
WDAGUtilityAccount (S-1-5-21-4246267622-4105470206-3163352383-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

8GadgetPack (HKLM-x32\...\{E6BA0C10-856E-452A-954C-85F41072385F}) (Version: 25.0.0 - 8GadgetPack.net)
AIDA64 Extreme v5.92 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.92 - FinalWire Ltd.)
Aktualizace NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
CPUID HWMonitor 1.34 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.34 - )
Creative Photos 1.7.0.0 (HKLM-x32\...\Creative Photos) (Version: 1.7.0.0 - Imaxel Labs S.L)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.34 - NVIDIA Corporation) Hidden
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
Geeks3D FurMark 1.20.0.1 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.109 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.0.0.11" - Rockstar Games)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.20 - PandoraTV)
Microsoft OneDrive (HKU\S-1-5-21-4246267622-4105470206-3163352383-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 416.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 416.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.37.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.5 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 416.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.34 - NVIDIA Corporation)
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OpenOffice.org 3.2 (HKLM-x32\...\{FAB43061-FEFB-46E8-A159-96710395DB5E}) (Version: 3.2.9505 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 10.5.30.15625 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 416.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.34 - NVIDIA Corporation) Hidden
PCMark 7 (HKLM-x32\...\{75C3C9C0-6CE6-42FA-A0E9-658E8F539124}) (Version: 1.4.0 - Futuremark)
PokerStars.cz (HKLM-x32\...\PokerStars.cz) (Version: - PokerStars.cz)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.0 - Power Software Ltd)
Revo Uninstaller Pro 3.1.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.9 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Sims 4 v.1.40.61.1020 (HKLM-x32\...\The Sims 4_is1) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4246267622-4105470206-3163352383-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\dbube\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-4246267622-4105470206-3163352383-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\dbube\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-4246267622-4105470206-3163352383-1001_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Users\dbube\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPU_Meter_V2.4.gadget\GPUStatusReader.dll (AddGadgets IT -> Orbmu2k)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO 7.0 + Serial Key\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\winrar 4.20 32 - 64 bit cz sk\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\winrar 4.20 32 - 64 bit cz sk\rarext32.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO 7.0 + Serial Key\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO 7.0 + Serial Key\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => D:\Programy\RevoUninstaler Pro 3.1.9\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\winrar 4.20 32 - 64 bit cz sk\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\winrar 4.20 32 - 64 bit cz sk\rarext32.dll [2012-06-09] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03C32B1A-D8B4-42EF-89F7-FD01724A15AE} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0D8C11F6-6DFE-4D9A-9D0D-22D4210E2AC4} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {32581A7A-53AB-4834-899E-CA6F48E5C40C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {420F8AD8-5AE9-4D4C-BBC7-16A06550B9B6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4E38D107-3270-437C-B828-2422341F0A3C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {5759EE00-5F38-4EE9-996F-8C006CEB7938} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6A4E21B7-4007-4D73-9601-F1732F59A613} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7AAD4ED6-55B7-41DE-978F-44C78E67DBFA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {91293FC9-4BCB-47E0-8F84-27F6B1C14E74} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {99D10639-FE96-4697-9CA3-51DA51106D93} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C9956062-21B2-424B-91B2-6BE0CFEA31A9} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C99E9A30-A8AE-45F9-B4F7-B4B408B8BD92} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CBB3C0E2-E3CC-4D36-B557-7C95264088A9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E0E6C12C-A3E2-41D5-93FF-0BFA7ECD0DAB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F1D5221F-8E65-461F-85E3-04B75D12219D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F7B7BD2F-992E-4C8E-8D4B-FAA9F35C68CD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-03-23 13:59 - 2018-10-11 00:10 - 000154152 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-05-24 12:13 - 2018-05-20 18:36 - 001315296 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 11:45 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-02-13 16:34 - 2019-02-06 03:25 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-10 18:12 - 2018-07-10 18:13 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-09-12 11:36 - 2018-12-06 00:47 - 001066784 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2018-09-12 11:36 - 2018-11-20 01:56 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2018-09-12 11:36 - 2018-11-20 01:56 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2018-09-12 11:36 - 2018-11-20 01:56 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2019-02-15 18:01 - 2019-02-13 06:14 - 005186032 _____ () C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.109\libglesv2.dll
2019-02-15 18:01 - 2019-02-13 06:14 - 000117232 _____ () C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.109\libegl.dll
2018-09-08 13:01 - 2018-12-06 00:47 - 000885536 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2018-09-08 13:01 - 2019-02-02 18:33 - 002667296 _____ () C:\Program Files (x86)\Steam\video.dll
2018-09-08 13:01 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2018-09-08 13:01 - 2018-11-05 19:53 - 000810784 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-09-08 13:01 - 2018-11-05 19:53 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-09-08 13:01 - 2018-11-05 19:53 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-09-08 13:01 - 2018-11-05 19:53 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2018-09-08 13:01 - 2018-11-05 19:53 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-09-08 13:01 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-09-08 13:01 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2018-09-08 13:01 - 2019-02-02 18:33 - 001031456 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2018-09-08 13:01 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\dbube\Desktop\nem1.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\nem1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\nem2.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\nem2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\zadost.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\zadost.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-02-28 11:26 - 2018-02-28 11:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4246267622-4105470206-3163352383-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dbube\Desktop\artsfon.com-70424.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F98A9A2B-4F9A-4B54-AA57-E90CFAFCA046}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7422578B-FBDF-450C-A739-1B5AF8FE69CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D3752A12-882E-4C1A-89F0-A8DD511FE1EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{423B6151-600D-4DE4-BE97-90EF6BB0E9E1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{53EC42DA-DC36-4819-93BE-11D6D24C04C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4A79D3CB-B772-4BED-A4DA-89718ACF547E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{23D62AD2-A8BD-4139-9FF9-B10410E45687}] => (Allow) D:\Hry\GTA V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{4CA8B9AB-2EF4-4CA7-B970-E52C64DA8C48}] => (Allow) D:\Hry\GTA V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{97E0D723-D1B4-409C-B312-387D2D203194}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.)
FirewallRules: [TCP Query User{A92BF7BF-C9E5-4BE4-9B43-E4060F891A17}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.)
FirewallRules: [{CC56BFAD-CB9A-43BB-86CB-B3AA64D0FB71}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{46F23AEF-A775-4619-99B8-C54A96D09A59}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F862EBE6-B82D-441E-A926-E6C65E1084F3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{89E9228D-6080-4F62-B92F-0EC97A4DBA80}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{AE924D6B-E43E-4B88-A27E-8753BCBDE85C}] => (Allow) D:\Hry\Rocket League + DLC\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc)
FirewallRules: [{5FFD50B5-3F72-4737-9A54-04503449C8EF}] => (Allow) D:\Hry\Rocket League + DLC\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc)
FirewallRules: [{842F68FB-6878-45D5-9186-3FE5798D06DC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{596105DB-BBB5-48C5-9975-431E6AA6FD2F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{E362628D-2CD2-4C6E-820A-0CA5F52FA1F8}C:\users\dbube\desktop\rocketleaguetrainer_v0_8_2\rocketleaguetrainer.exe] => (Allow) C:\users\dbube\desktop\rocketleaguetrainer_v0_8_2\rocketleaguetrainer.exe No File
FirewallRules: [UDP Query User{170F6B3D-830F-49FA-9F21-B55176B7A539}C:\users\dbube\desktop\rocketleaguetrainer_v0_8_2\rocketleaguetrainer.exe] => (Allow) C:\users\dbube\desktop\rocketleaguetrainer_v0_8_2\rocketleaguetrainer.exe No File
FirewallRules: [{EE0CCDD2-BFE9-4EE8-AFA2-4D8786572BBC}] => (Allow) D:\Hry\FIFA 19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8843713A-BCDB-4DC9-83A7-F597796D476A}] => (Allow) D:\Hry\FIFA 19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{57CE7DD6-5BC5-43F1-9A16-570B184CE367}] => (Allow) D:\Hry\Rocket League + DLC\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)
FirewallRules: [{A4356269-C2CA-4F28-A29B-C5B595A19AB0}] => (Allow) D:\Hry\Rocket League + DLC\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)
FirewallRules: [{F30BD745-6A82-41FD-97A3-C1E0A362A616}] => (Allow) D:\Hry\Rocket League + DLC\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{D525F9E3-B21D-4B02-A237-69A5E1832189}] => (Allow) D:\Hry\Rocket League + DLC\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{183DC45A-A8AF-4007-BE8C-8D820F392264}] => (Allow) D:\Hry\Rocket League + DLC\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc)
FirewallRules: [{667AE03F-BF87-48E8-A2F1-9D4D95907E8B}] => (Allow) D:\Hry\Rocket League + DLC\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc)
FirewallRules: [{69541345-E3E9-47AC-9C1A-361D1E2AA408}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0F515C03-BD80-49D5-8FF7-8149142D6C6A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AC667925-C26E-4B42-AB38-D536062C70D8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{716FD513-F132-4C8E-8031-3656AE64D745}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{02EC745F-61A4-45C5-A30B-3414F5C03187}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{45B9DF83-D10F-42D5-A85F-3DCEF0A14C4F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{49B0735B-BBD9-475A-9840-30F0374712BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7649D774-C153-4E33-BEAE-9EB7ED40DA1D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2519B9F3-87E4-499B-9519-436662B3F258}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/17/2019 05:51:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17134.285, časové razítko: 0x40f0d4bd
Kód výjimky: 0xc000041d
Posun chyby: 0x000063d7
ID chybujícího procesu: 0x31b4
Čas spuštění chybující aplikace: 0x01d4c6d40e83dddb
Cesta k chybující aplikaci: C:\Users\dbube\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: be6477ba-7f8e-46db-986d-83f2eed30982
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/17/2019 04:25:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RocketLeague.exe, verze: 1.0.10897.0, časové razítko: 0x5c0ea689
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.556, časové razítko: 0xadca2670
Kód výjimky: 0x00000001
Posun chyby: 0x001118a2
ID chybujícího procesu: 0x31d4
Čas spuštění chybující aplikace: 0x01d4c6d430253e67
Cesta k chybující aplikaci: D:\Hry\Rocket League + DLC\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 50078fd0-cabd-44c5-a8b9-8e2d28172907
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/30/2019 11:30:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.17134.1, časové razítko: 0x5ace103a
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.17134.137, časové razítko: 0xb5d50228
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000009cad5
ID chybujícího procesu: 0x4350
Čas spuštění chybující aplikace: 0x01d4b886bcb1ce3a
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\twinapi.appcore.dll
ID zprávy: c9fb4992-b326-43b6-870a-bd38d65eb5e0
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (01/18/2019 05:11:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program GTA5.exe verze 1.0.1604.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 196c

Čas spuštění: 01d4af47ccbbf89e

Čas ukončení: 4294967295

Cesta k aplikaci: D:\Hry\GTA V\GTA5.exe

ID hlášení: 5501ea28-3e3f-4374-918b-41292f9ecda9

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (01/18/2019 05:06:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program GTA5.exe verze 1.0.1604.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1638

Čas spuštění: 01d4af46f27f7908

Čas ukončení: 4294967295

Cesta k aplikaci: D:\Hry\GTA V\GTA5.exe

ID hlášení: 99d599a4-6721-4988-96bb-2ab93e82e789

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (01/17/2019 02:38:46 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Produkt: Update for Windows 10 for x64-based Systems (KB4023057) - A later version of Update for Windows 10 for x64-based Systems (KB4023057) is already installed. Setup will now exit.

Error: (01/14/2019 09:08:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.17134.165 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 34a8

Čas spuštění: 01d4abd5c703f343

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 9dd2dbaa-a531-4efb-8244-a47f42eb0a97

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (01/05/2019 03:35:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DMGR2.0.6_0K0M0P1I1T2U1P1C1V0U1E1Q1T2Z1P1V0I1G1B2Z1T1I1I1P1C2.0., verze: 0.0.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: ntdll.dll, verze: 10.0.17134.471, časové razítko: 0xfe852bc4
Kód výjimky: 0xc0000005
Posun chyby: 0x00023269
ID chybujícího procesu: 0x1a10
Čas spuštění chybující aplikace: 0x01d4a5028427dfdc
Cesta k chybující aplikaci: C:\Users\dbube\AppData\Local\Temp\DMGR2.0.6\DMGR2.0.6_0K0M0P1I1T2U1P1C1V0U1E1Q1T2Z1P1V0I1G1B2Z1T1I1I1P1C2.0.6.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 4c5dc1e3-43d6-4f5b-adad-4ec319db7cc9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (02/17/2019 06:01:35 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (02/17/2019 05:54:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/17/2019 05:54:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/17/2019 05:52:51 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-TA659B5)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-TA659B5\dbube (SID: S-1-5-21-4246267622-4105470206-3163352383-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/17/2019 05:52:46 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-TA659B5)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-TA659B5\dbube (SID: S-1-5-21-4246267622-4105470206-3163352383-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/17/2019 05:51:56 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TA659B5)
Description: Server Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy!App se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/17/2019 05:51:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (02/17/2019 05:51:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2019-01-19 14:44:36.266
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {91000966-467C-4205-BF47-1367686584CC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-12-31 13:48:41.332
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {7E3C79DE-C126-4DC9-8772-AB8939E841BD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-TA659B5\dbube

Date: 2018-12-25 11:32:21.560
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {5D8BE3C5-0FA9-4814-A705-FFBC298481E7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4430 CPU @ 3.00GHz
Percentage of memory in use: 16%
Total physical RAM: 16326.65 MB
Available physical RAM: 13639.78 MB
Total Virtual: 18758.65 MB
Available Virtual: 14611.47 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.15 GB) (Free:38.74 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:1113.99 GB) NTFS

\\?\Volume{b2b6ce9f-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS
\\?\Volume{b2b6ce9f-0000-0000-0000-60d61b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: B2B6CE9F)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: B2B6CE97)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.02.2019
Ran by dbube (administrator) on DESKTOP-TA659B5 (17-02-2019 18:32:50)
Running from C:\Users\dbube\Desktop
Loaded Profiles: dbube (Available Profiles: dbube & Vlasta Petrová & SERVIS)
Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1901.7-0\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(BitTorrent, Inc.) C:\Users\dbube\AppData\Roaming\uTorrent\utorrent.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1901.7-0\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation) C:\Users\dbube\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4246267622-4105470206-3163352383-1001\...\Run: [uTorrent] => C:\Users\dbube\AppData\Roaming\uTorrent\utorrent.exe [416168 2015-02-22] (uTorrent.CZ -> BitTorrent, Inc.)
HKU\S-1-5-21-4246267622-4105470206-3163352383-1001\...\MountPoints2: F - "F:\setup.exe"
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.109\Installer\chrmstp.exe [2019-02-15] (Google LLC -> Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Steam.lnk [2019-01-30]
ShortcutTarget: Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Startup: C:\Users\Vlasta Petrová\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk [2018-03-02]
ShortcutTarget: OpenOffice.org 3.2.lnk -> D:\Programy\Open Office\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{0811e93f-3cb3-4626-9f64-bac57f348d17}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-10-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-10-10] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default [2019-02-17]
CHR Extension: (Prezentace) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-28]
CHR Extension: (Dokumenty) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-28]
CHR Extension: (Disk Google) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-28]
CHR Extension: (YouTube) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-28]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-01-25]
CHR Extension: (Adblock na Youtube™) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2018-09-17]
CHR Extension: (Tabulky) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-10]
CHR Extension: (Gmail) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-28]
CHR Extension: (Chrome Media Router) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2018-12-15] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA Corporation -> NVIDIA)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764896 2018-05-20] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764896 2018-05-20] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2269504 2018-10-25] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3130184 2018-10-25] (Electronic Arts, Inc. -> Electronic Arts)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [4096976 2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MsMpEng.exe [113992 2019-01-24] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 DM150Drv; C:\WINDOWS\System32\drivers\DM150Drv.sys [24312 2010-07-30] (Pitney Bowes -> Pitney Bowes)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2018-11-23] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f4187dc256a67a6b\nvlddmkm.sys [20337064 2018-10-12] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvoclk64; C:\WINDOWS\system32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corporation -> NVIDIA Corp.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31200 2018-05-20] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-08-21] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46488 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [343032 2019-01-24] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [63480 2019-01-24] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-17 18:32 - 2019-02-17 18:33 - 000013158 _____ C:\Users\dbube\Desktop\FRST.txt
2019-02-17 18:32 - 2019-02-17 18:32 - 002434560 _____ (Farbar) C:\Users\dbube\Desktop\FRST64.exe
2019-02-17 18:32 - 2019-02-17 18:32 - 000000000 ____D C:\FRST
2019-02-17 17:51 - 2019-02-17 17:51 - 000000000 ____D C:\AdwCleaner
2019-02-17 17:50 - 2019-02-17 17:50 - 007316688 _____ (Malwarebytes) C:\Users\dbube\Desktop\adwcleaner_7.2.7.0.exe
2019-02-17 16:31 - 2019-02-17 16:31 - 001222144 _____ C:\Users\dbube\Desktop\RSITx64.exe
2019-02-17 16:31 - 2019-02-17 16:31 - 000000000 ____D C:\rsit
2019-02-17 16:31 - 2019-02-17 16:31 - 000000000 ____D C:\Program Files\trend micro
2019-02-16 10:24 - 2019-02-16 10:43 - 000000000 ____D C:\Users\Vlasta Petrová\Desktop\Terry 1-12m
2019-02-13 16:34 - 2019-02-06 08:54 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-13 16:34 - 2019-02-06 08:53 - 001634704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-13 16:34 - 2019-02-06 08:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-13 16:34 - 2019-02-06 08:32 - 003648512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-13 16:34 - 2019-02-06 08:30 - 004052992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-13 16:34 - 2019-02-06 08:30 - 001662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-13 16:34 - 2019-02-06 08:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-13 16:34 - 2019-02-06 08:11 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-13 16:34 - 2019-02-06 07:57 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-13 16:34 - 2019-02-06 07:52 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-13 16:34 - 2019-02-06 07:52 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-13 16:34 - 2019-02-06 07:52 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-13 16:34 - 2019-02-06 04:01 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-13 16:34 - 2019-02-06 04:01 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-13 16:34 - 2019-02-06 04:01 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-13 16:34 - 2019-02-06 04:01 - 000720480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-13 16:34 - 2019-02-06 04:01 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-13 16:34 - 2019-02-06 04:01 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-13 16:34 - 2019-02-06 04:01 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-02-13 16:34 - 2019-02-06 04:01 - 000033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-13 16:34 - 2019-02-06 04:00 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-13 16:34 - 2019-02-06 04:00 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-13 16:34 - 2019-02-06 04:00 - 006572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-13 16:34 - 2019-02-06 04:00 - 002719760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-13 16:34 - 2019-02-06 04:00 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-13 16:34 - 2019-02-06 04:00 - 002421264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-13 16:34 - 2019-02-06 04:00 - 001257904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-13 16:34 - 2019-02-06 04:00 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-13 16:34 - 2019-02-06 04:00 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-02-13 16:34 - 2019-02-06 04:00 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-02-13 16:34 - 2019-02-06 04:00 - 000945680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-13 16:34 - 2019-02-06 04:00 - 000899728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-13 16:34 - 2019-02-06 04:00 - 000466960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-13 16:34 - 2019-02-06 04:00 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-13 16:34 - 2019-02-06 04:00 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-13 16:34 - 2019-02-06 04:00 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-13 16:34 - 2019-02-06 03:59 - 001922064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-13 16:34 - 2019-02-06 03:59 - 001457248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-13 16:34 - 2019-02-06 03:59 - 000983128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-13 16:34 - 2019-02-06 03:59 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-13 16:34 - 2019-02-06 03:52 - 022014464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-13 16:34 - 2019-02-06 03:45 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-13 16:34 - 2019-02-06 03:42 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-13 16:34 - 2019-02-06 03:41 - 025853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-13 16:34 - 2019-02-06 03:41 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-02-13 16:34 - 2019-02-06 03:40 - 005792256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-13 16:34 - 2019-02-06 03:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-13 16:34 - 2019-02-06 03:38 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-13 16:34 - 2019-02-06 03:38 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-02-13 16:34 - 2019-02-06 03:37 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-13 16:34 - 2019-02-06 03:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-13 16:34 - 2019-02-06 03:33 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-13 16:34 - 2019-02-06 03:29 - 004865536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-13 16:34 - 2019-02-06 03:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-13 16:34 - 2019-02-06 03:28 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-13 16:34 - 2019-02-06 03:27 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-13 16:34 - 2019-02-06 03:27 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-13 16:34 - 2019-02-06 03:27 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-13 16:34 - 2019-02-06 03:27 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-13 16:34 - 2019-02-06 03:26 - 007599616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-13 16:34 - 2019-02-06 03:26 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-13 16:34 - 2019-02-06 03:26 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-13 16:34 - 2019-02-06 03:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-13 16:34 - 2019-02-06 03:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-02-13 16:34 - 2019-02-06 03:25 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-13 16:34 - 2019-02-06 03:25 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-13 16:34 - 2019-02-06 03:24 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-13 16:34 - 2019-02-06 03:24 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-13 16:34 - 2019-02-06 03:23 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-13 16:34 - 2019-02-06 03:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-13 16:34 - 2019-02-06 03:22 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-13 16:34 - 2019-02-06 03:21 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-13 16:34 - 2019-02-06 02:04 - 000001314 _____ C:\WINDOWS\system32\tcbres.wim
2019-02-13 16:34 - 2019-01-12 09:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-13 16:34 - 2019-01-12 03:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-13 16:34 - 2019-01-09 19:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-02-13 16:34 - 2019-01-09 18:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-13 16:34 - 2019-01-09 18:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-13 16:34 - 2019-01-09 18:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-13 16:34 - 2019-01-09 18:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-02-13 16:34 - 2019-01-09 18:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-02-13 16:34 - 2019-01-09 18:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-02-13 16:34 - 2019-01-09 18:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-13 16:34 - 2019-01-09 11:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-13 16:34 - 2019-01-09 10:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-13 16:34 - 2019-01-09 10:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-02-13 16:34 - 2019-01-09 09:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-13 16:34 - 2019-01-09 09:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-13 16:34 - 2019-01-09 06:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-13 16:34 - 2019-01-09 06:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-02-13 16:34 - 2019-01-09 06:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-13 16:34 - 2019-01-09 06:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-13 16:34 - 2019-01-09 06:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-13 16:34 - 2019-01-09 06:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-13 16:34 - 2019-01-09 06:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-13 16:34 - 2019-01-09 06:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-13 16:34 - 2019-01-09 06:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-02-13 16:34 - 2019-01-09 06:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-13 16:34 - 2019-01-09 06:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-02-13 16:34 - 2019-01-09 06:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-13 16:34 - 2019-01-09 06:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2019-02-13 16:34 - 2019-01-09 06:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-13 16:34 - 2019-01-09 06:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-13 16:34 - 2019-01-09 06:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-13 16:34 - 2019-01-09 06:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-13 16:34 - 2019-01-09 06:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-13 16:34 - 2019-01-09 06:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-13 16:34 - 2019-01-09 06:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-02-13 16:34 - 2019-01-09 06:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-13 16:34 - 2019-01-09 06:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-13 16:34 - 2019-01-09 06:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-13 16:34 - 2019-01-09 06:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-13 16:34 - 2019-01-09 06:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-13 16:34 - 2019-01-09 06:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-13 16:34 - 2019-01-09 06:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-13 16:34 - 2019-01-09 06:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-13 16:34 - 2019-01-09 06:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-13 16:34 - 2019-01-09 06:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-13 16:34 - 2019-01-09 06:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-13 16:34 - 2019-01-09 06:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-02-13 16:34 - 2019-01-09 06:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-13 16:34 - 2019-01-09 06:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-13 16:34 - 2019-01-09 06:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-13 16:34 - 2019-01-09 06:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-02-13 16:34 - 2019-01-09 06:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-13 16:34 - 2019-01-09 06:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-13 16:34 - 2019-01-09 06:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-13 16:34 - 2019-01-09 06:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-02-13 16:34 - 2019-01-09 06:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-13 16:34 - 2019-01-09 06:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-13 16:34 - 2019-01-09 06:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-13 16:34 - 2019-01-09 06:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-13 16:34 - 2019-01-09 06:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-13 16:34 - 2019-01-09 06:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-13 16:34 - 2019-01-09 06:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-13 16:34 - 2019-01-09 06:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-02-13 16:34 - 2019-01-09 06:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-02-13 16:34 - 2019-01-09 06:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-13 16:34 - 2019-01-09 06:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-13 16:34 - 2019-01-09 06:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-02-13 16:34 - 2019-01-09 06:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-13 16:34 - 2019-01-09 06:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-02-13 16:34 - 2019-01-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-13 16:34 - 2019-01-09 06:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-13 16:34 - 2019-01-09 06:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-13 16:34 - 2019-01-09 06:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-13 16:34 - 2019-01-09 06:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-13 16:34 - 2019-01-09 06:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-13 16:34 - 2019-01-09 06:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 16:34 - 2019-01-09 06:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-02-13 16:34 - 2019-01-09 06:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-13 16:34 - 2019-01-09 06:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-02-13 16:34 - 2019-01-09 06:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 16:34 - 2019-01-09 06:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-13 16:34 - 2019-01-09 06:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-13 16:34 - 2019-01-09 06:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-13 16:34 - 2019-01-09 06:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-02-13 16:34 - 2019-01-09 06:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-13 16:34 - 2019-01-09 06:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-13 16:34 - 2019-01-09 06:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-13 16:34 - 2019-01-09 06:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-02-13 16:34 - 2019-01-09 06:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-02-13 16:34 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-13 16:34 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-02-13 16:34 - 2019-01-08 10:08 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-13 16:34 - 2019-01-08 04:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-13 16:34 - 2019-01-08 04:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-13 16:34 - 2019-01-08 04:06 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-09 09:21 - 2019-02-09 09:21 - 000000219 _____ C:\Users\dbube\Desktop\Counter-Strike Global Offensive.url
2019-02-01 08:48 - 2019-02-01 08:48 - 000000000 ____D C:\Users\Vlasta Petrová\AppData\Local\Steam
2019-01-31 13:56 - 2019-01-31 13:52 - 000300391 _____ C:\Users\dbube\Desktop\zadost.jpeg
2019-01-31 13:51 - 2019-01-31 13:51 - 000354830 _____ C:\Users\dbube\Desktop\nem1.jpeg
2019-01-31 13:51 - 2019-01-31 13:51 - 000280003 _____ C:\Users\dbube\Desktop\nem2.jpeg
2019-01-31 09:02 - 2019-01-31 09:07 - 000011255 _____ C:\Users\dbube\Desktop\Nový Textový dokument OpenDocument (2).odt
2019-01-23 08:31 - 2019-01-23 08:35 - 000000000 ____D C:\Users\Vlasta Petrová\Desktop\Kočár
2019-01-22 12:57 - 2019-01-22 12:57 - 000237155 _____ C:\Users\dbube\Desktop\Jarní prázdniny Karviná 2019.pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-17 18:33 - 2018-03-01 10:00 - 000000000 ____D C:\Users\dbube\AppData\Roaming\uTorrent
2019-02-17 18:26 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-17 18:00 - 2018-09-08 13:00 - 000000000 ____D C:\Program Files (x86)\Steam
2019-02-17 17:58 - 2018-05-25 09:39 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-17 17:58 - 2018-04-12 16:50 - 000715034 _____ C:\WINDOWS\system32\perfh005.dat
2019-02-17 17:58 - 2018-04-12 16:50 - 000144328 _____ C:\WINDOWS\system32\perfc005.dat
2019-02-17 17:58 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-17 17:54 - 2018-02-28 16:41 - 000000000 ____D C:\ProgramData\NVIDIA
2019-02-17 17:52 - 2018-05-25 09:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-17 17:51 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-02-17 17:30 - 2018-06-01 15:44 - 000004212 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DA4CE040-8BBF-4D40-96DB-A709BE972F82}
2019-02-17 16:18 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-17 11:12 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-16 10:24 - 2018-05-25 09:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-16 09:56 - 2018-02-28 10:26 - 000000000 ____D C:\Users\Vlasta Petrová\Desktop\Maminčino
2019-02-15 18:01 - 2018-02-28 16:54 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-15 13:07 - 2018-11-16 15:50 - 000000000 ____D C:\Program Files\rempl
2019-02-15 13:07 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-14 12:34 - 2018-05-25 09:30 - 000260736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-13 17:26 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-13 17:26 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-13 17:26 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-02-13 17:26 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-13 17:26 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-13 17:26 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-13 16:34 - 2018-03-01 15:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-13 16:33 - 2018-03-01 15:06 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-11 10:52 - 2018-05-21 08:56 - 000000000 ____D C:\Users\Vlasta Petrová\Desktop\Rodinné rozpočty
2019-02-10 15:19 - 2018-05-25 09:35 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4246267622-4105470206-3163352383-1001
2019-02-10 15:19 - 2018-05-25 09:31 - 000002391 _____ C:\Users\dbube\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-09 09:21 - 2018-09-08 16:16 - 000000000 ____D C:\Users\dbube\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-02-08 17:32 - 2018-06-24 15:02 - 000000000 ____D C:\ProgramData\Packages
2019-02-07 16:50 - 2018-05-25 09:35 - 000003396 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4246267622-4105470206-3163352383-1002
2019-02-07 16:50 - 2018-05-25 09:31 - 000002418 _____ C:\Users\Vlasta Petrová\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-07 16:50 - 2018-02-28 16:53 - 000000000 ___RD C:\Users\Vlasta Petrová\OneDrive
2019-02-02 23:53 - 2018-04-12 00:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-02 23:53 - 2018-04-12 00:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-31 13:52 - 2018-04-22 10:04 - 000000000 ___RD C:\Users\dbube\Documents\Scanned Documents
2019-01-30 09:44 - 2019-01-12 10:33 - 000000000 ____D C:\Users\dbube\Downloads\opera autoupdate
2019-01-24 13:57 - 2018-03-01 15:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories =======

2018-03-01 16:42 - 2018-03-01 16:42 - 000000282 _____ () C:\Users\dbube\AppData\Roaming\GPU MeterV2_Settings.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-25 09:30

==================== End of FRST.txt ============================

[Diallix]

Neevidim ziadnu AV ochranu.


Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

Task: {32581A7A-53AB-4834-899E-CA6F48E5C40C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {7AAD4ED6-55B7-41DE-978F-44C78E67DBFA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
AlternateDataStreams: C:\Users\dbube\Desktop\nem1.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\nem1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\nem2.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\nem2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\zadost.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\zadost.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
FirewallRules: [{F862EBE6-B82D-441E-A926-E6C65E1084F3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{89E9228D-6080-4F62-B92F-0EC97A4DBA80}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{E362628D-2CD2-4C6E-820A-0CA5F52FA1F8}C:\users\dbube\desktop\rocketleaguetrainer_v0_8_2\rocketleaguetrainer.exe] => (Allow) C:\users\dbube\desktop\rocketleaguetrainer_v0_8_2\rocketleaguetrainer.exe No File
FirewallRules: [UDP Query User{170F6B3D-830F-49FA-9F21-B55176B7A539}C:\users\dbube\desktop\rocketleaguetrainer_v0_8_2\rocketleaguetrainer.exe] => (Allow) C:\users\dbube\desktop\rocketleaguetrainer_v0_8_2\rocketleaguetrainer.exe No File
HKU\S-1-5-21-4246267622-4105470206-3163352383-1001\...\MountPoints2: F - "F:\setup.exe" 

EmptyTemp:

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

[Bubenak1]

Měl jsem za to, že antivirovou ochranu mám již nainstalovanou společně s Windows 10 ( Windows Defender ) tudíž jsem nestahoval žádné jiné AV ochrany.

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.02.2019
Ran by dbube (18-02-2019 11:16:11) Run:1
Running from C:\Users\dbube\Desktop
Loaded Profiles: dbube (Available Profiles: dbube & Vlasta Petrová & SERVIS)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Task: {32581A7A-53AB-4834-899E-CA6F48E5C40C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {7AAD4ED6-55B7-41DE-978F-44C78E67DBFA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
AlternateDataStreams: C:\Users\dbube\Desktop\nem1.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\nem1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\nem2.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\nem2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\zadost.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\zadost.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
FirewallRules: [{F862EBE6-B82D-441E-A926-E6C65E1084F3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{89E9228D-6080-4F62-B92F-0EC97A4DBA80}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{E362628D-2CD2-4C6E-820A-0CA5F52FA1F8}C:\users\dbube\desktop\rocketleaguetrainer_v0_8_2\rocketleaguetrainer.exe] => (Allow) C:\users\dbube\desktop\rocketleaguetrainer_v0_8_2\rocketleaguetrainer.exe No File
FirewallRules: [UDP Query User{170F6B3D-830F-49FA-9F21-B55176B7A539}C:\users\dbube\desktop\rocketleaguetrainer_v0_8_2\rocketleaguetrainer.exe] => (Allow) C:\users\dbube\desktop\rocketleaguetrainer_v0_8_2\rocketleaguetrainer.exe No File
HKU\S-1-5-21-4246267622-4105470206-3163352383-1001\...\MountPoints2: F - "F:\setup.exe"

EmptyTemp:

*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{32581A7A-53AB-4834-899E-CA6F48E5C40C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32581A7A-53AB-4834-899E-CA6F48E5C40C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7AAD4ED6-55B7-41DE-978F-44C78E67DBFA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AAD4ED6-55B7-41DE-978F-44C78E67DBFA}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\Users\dbube\Desktop\nem1.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS removed successfully
C:\Users\dbube\Desktop\nem1.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
C:\Users\dbube\Desktop\nem2.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS removed successfully
C:\Users\dbube\Desktop\nem2.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
C:\Users\dbube\Desktop\zadost.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS removed successfully
C:\Users\dbube\Desktop\zadost.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F862EBE6-B82D-441E-A926-E6C65E1084F3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{89E9228D-6080-4F62-B92F-0EC97A4DBA80}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E362628D-2CD2-4C6E-820A-0CA5F52FA1F8}C:\users\dbube\desktop\rocketleaguetrainer_v0_8_2\rocketleaguetrainer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{170F6B3D-830F-49FA-9F21-B55176B7A539}C:\users\dbube\desktop\rocketleaguetrainer_v0_8_2\rocketleaguetrainer.exe" => removed successfully
HKU\S-1-5-21-4246267622-4105470206-3163352383-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 250410102 B
Java, Flash, Steam htmlcache => 344069609 B
Windows/system/drivers => 1778402 B
Edge => 19456 B
Chrome => 629663666 B
Firefox => 0 B
Opera => 20844222 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 61440 B
LocalService => 0 B
NetworkService => 323928 B
NetworkService => 0 B
dbube => 6191110 B
Vlasta Petrová => 22230095 B
SERVIS => 640035 B

RecycleBin => 0 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:16:59 ====

[Diallix]

Doporucujem doinstalovat Aviru.

Ako je na tom pocitac?

[Bubenak1]

No zatím to vypadá velmi dobře, během našeho čištění jsem zjistil, že se jednalo o zatěžování disku (D:) ale už je to nejspíš OK, nevíte čím to bylo? Smazali jsme snad něco, co bylo na Disku D ?

[Diallix]

Bola tam nakaza ADS, ktora mohla zatazovat procesy, po zavedeni - desktop, co mohlo viest k inicializacii vstupnych bodov medii, co sa mohlo javit ako zatazenie diskov. Skuste odsledovat, ci sa to bude opakovat :]]

[Bubenak1]

Dobře. Děkuji moc za pomoc můžete locknout.

[Diallix]